Struct dco3_crypto::DracoonCrypto

source · 
pub struct DracoonCrypto;
Expand description

Implements symmetric and asymmetric encryption for DRACOON by implementing traits using the openssl crate

Trait Implementations§

source§

impl Decrypt for DracoonCrypto

Implements decryption based on AES256 GCM. Provides function to decrypt on the fly and another one to create a Crypter in order to decrypt in chunks.

source§

fn decrypt( data: &impl AsRef<[u8]>, plain_file_key: PlainFileKey ) -> Result<Vec<u8>, DracoonCryptoError>

Decrypts bytes on the fly - full message is expected and passed as data.

§Example
use dco3_crypto::{DracoonCrypto, Decrypt, Encrypt};
let message = b"Encrypt me please";
let (enc_message, plain_file_key) = DracoonCrypto::encrypt(message.to_vec()).unwrap();
let plain_message = DracoonCrypto::decrypt(&enc_message, plain_file_key);
source§

impl Decrypter<Crypter> for DracoonCrypto

source§

fn decrypter( plain_file_key: PlainFileKey, buffer: &mut Vec<u8> ) -> Result<Crypter<'_, OpenSslCrypter>, DracoonCryptoError>

Returns a Crypter for chunked decryption

Accepts a buffer to store the decrypted message to. In order to decrypt in chunks, you need to

  • get a decrypter and pass a buffer and the plain file key
  • update the decrypter by passing the chunks
  • finalize the decryption once all chunks were read
  • get the message (as bytes) from the encrypter
§Example
use dco3_crypto::{DracoonCrypto, Encrypt, Decrypter, ChunkedEncryption};
use openssl::symm::Cipher;
let message = b"Encrypt this very long message in chunks and decrypt it";

/// returns a tuple containing the message and the plain file key
let (message, plain_file_key) = DracoonCrypto::encrypt(message.to_vec()).unwrap();
let buff_len = message.len() + Cipher::aes_256_gcm().block_size();

/// chunks of 5
let mut chunks = message.chunks(5);
let mut buf = vec![0u8; buff_len];
let mut decrypter = DracoonCrypto::decrypter(plain_file_key, &mut buf).unwrap();
let mut count: usize = 0;
while let Some(chunk) = chunks.next() {
   count += decrypter.update(&chunk).unwrap();
}
count += decrypter.finalize().unwrap();

let plain_message = std::str::from_utf8(decrypter.get_message()).unwrap();
source§

impl DracoonRSACrypto for DracoonCrypto

source§

fn create_plain_user_keypair( version: UserKeyPairVersion ) -> Result<PlainUserKeyPairContainer, DracoonCryptoError>

Creates a plain RSA keypair required for DRACOON to encrypt and decrypt file keys. Using a 4096 bit keypair is recommended - 2048 bit is for legacy support and usage is discouraged.

§Example
use dco3_crypto::{DracoonCrypto, DracoonRSACrypto, UserKeyPairVersion};
let plain_4096_keypair =
DracoonCrypto::create_plain_user_keypair(UserKeyPairVersion::RSA4096).unwrap();
source§

fn encrypt_private_key( secret: &str, plain_keypair: PlainUserKeyPairContainer ) -> Result<UserKeyPairContainer, DracoonCryptoError>

Encrypts a plain keypair container - specifically the private key - using a secret provided as parameter.

§Example
use dco3_crypto::{DracoonCrypto, DracoonRSACrypto, UserKeyPairVersion};
let secret = "VerySecret123!";
let plain_4096_keypair =
DracoonCrypto::create_plain_user_keypair(UserKeyPairVersion::RSA4096).unwrap();
let enc_4096_keypair = DracoonCrypto::encrypt_private_key(secret, plain_4096_keypair).unwrap();
source§

fn decrypt_keypair( secret: &str, keypair: UserKeyPairContainer ) -> Result<PlainUserKeyPairContainer, DracoonCryptoError>

Decrypts an encrypted keypair container - specifically the private key - using a secret provided as parameter.

§Example
use dco3_crypto::{DracoonCrypto, DracoonRSACrypto, UserKeyPairVersion};
let secret = "VerySecret123!";
let plain_4096_keypair =
DracoonCrypto::create_plain_user_keypair(UserKeyPairVersion::RSA4096).unwrap();
let enc_4096_keypair = DracoonCrypto::encrypt_private_key(secret, plain_4096_keypair).unwrap();

let plain_keypair = DracoonCrypto::decrypt_keypair(secret, enc_4096_keypair).unwrap();
source§

fn decrypt_private_key( secret: &str, private_key: &PrivateKeyContainer ) -> Result<PrivateKeyContainer, DracoonCryptoError>

Decrypts a private key container - specifically required for public shares - using a secret provided as parameter.

§Example
use dco3_crypto::{DracoonCrypto, DracoonRSACrypto, UserKeyPairVersion};
let secret = "VerySecret123!";
let plain_4096_keypair =
DracoonCrypto::create_plain_user_keypair(UserKeyPairVersion::RSA4096).unwrap();
let enc_4096_keypair = DracoonCrypto::encrypt_private_key(secret, plain_4096_keypair).unwrap();
let plain_private_key = DracoonCrypto::decrypt_private_key(secret, &enc_4096_keypair.private_key_container).unwrap();
source§

fn encrypt_file_key( plain_file_key: PlainFileKey, public_key: impl PublicKey ) -> Result<FileKey, DracoonCryptoError>

Encrypts a file key used for file encryption using either the public key or a plain keypair container.

§Example
use dco3_crypto::{DracoonCrypto, DracoonRSACrypto, PlainFileKey, UserKeyPairVersion};

let plain_4096_keypair =
DracoonCrypto::create_plain_user_keypair(UserKeyPairVersion::RSA4096).unwrap();

let plain_file_key = PlainFileKey::try_new_for_encryption().unwrap();
let enc_file_key = DracoonCrypto::encrypt_file_key(plain_file_key, plain_4096_keypair).unwrap();
source§

fn decrypt_file_key( file_key: FileKey, private_key: impl PrivateKey ) -> Result<PlainFileKey, DracoonCryptoError>

Decrypts a file key used for file encryption using a plain keypair container.

§Example
use dco3_crypto::{DracoonCrypto, DracoonRSACrypto, PlainFileKey, UserKeyPairVersion, PublicKeyContainer};

let plain_4096_keypair =
DracoonCrypto::create_plain_user_keypair(UserKeyPairVersion::RSA4096).unwrap();
let public_key_container = PublicKeyContainer {
public_key: plain_4096_keypair.public_key_container.public_key.clone(),
version: UserKeyPairVersion::RSA4096,
created_at: None,
created_by: None,
expire_at: None,
};
let plain_file_key = PlainFileKey::try_new_for_encryption().unwrap();
let enc_file_key = DracoonCrypto::encrypt_file_key(plain_file_key, public_key_container).unwrap();
let plain_file_key = DracoonCrypto::decrypt_file_key(enc_file_key, plain_4096_keypair).unwrap();
source§

impl Encrypt for DracoonCrypto

Implements encryption based on AES256 GCM. Provides function to encrypt on the fly and another one to create a Crypter in order to encrypt in chunks.

source§

fn encrypt( data: impl AsRef<[u8]> ) -> Result<EncryptionResult, DracoonCryptoError>

Encrypts bytes on the fly - full message is expected and passed as data.

§Example
use dco3_crypto::{DracoonCrypto, Encrypt};
let message = b"Encrypt me please";
let enc_message = DracoonCrypto::encrypt(message.to_vec()).unwrap();
source§

impl Encrypter<Crypter> for DracoonCrypto

source§

fn encrypter( buffer: &mut Vec<u8> ) -> Result<Crypter<'_, OpenSslCrypter>, DracoonCryptoError>

Returns a Crypter for chunked encryption

Accepts a buffer to store the encrypted message to. In order to encrypt in chunks, you need to

  • get an encrypter and pass a buffer
  • update the encrypter by passing the chunks
  • finalize the encryption once all chunks were read
  • get the message (as bytes) from the encrypter
  • get the plain file key from the encrypter
§Example
use dco3_crypto::{DracoonCrypto, Encrypter, ChunkedEncryption};
use openssl::symm::Cipher;

let mut message = b"Encrypt this very long message in chunks and decrypt it";
let buff_len = message.len() + Cipher::aes_256_gcm().block_size();
let mut buf = vec![0u8; buff_len];
let mut encrypter =
DracoonCrypto::encrypter(&mut buf).unwrap();
let mut count: usize = 0;
const CHUNKSIZE: usize = 8;
let mut chunks = message.chunks(CHUNKSIZE);
while let Some(chunk) = chunks.next() {
count += encrypter.update(&chunk).unwrap();
}
count += encrypter.finalize().unwrap();

let enc_message = encrypter.get_message();
let plain_file_key = encrypter.get_plain_file_key();

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more