pub enum EncryptionStreams {
    Aes256Gcm(Box<EncryptorLE31<Aes256Gcm>>),
    XChaCha20Poly1305(Box<EncryptorLE31<XChaCha20Poly1305>>),
    DeoxysII256(Box<EncryptorLE31<DeoxysII256>>),
}
This enum contains streams that are used solely for encryption.
It has definitions for all AEADs supported by dexios-core.
Variants§
Aes256Gcm(Box<EncryptorLE31<Aes256Gcm>>)
XChaCha20Poly1305(Box<EncryptorLE31<XChaCha20Poly1305>>)
DeoxysII256(Box<EncryptorLE31<DeoxysII256>>)
Implementations§
impl EncryptionStreams
pub fn initialize(
    key: Protected<[u8; 32]>,
    nonce: &[u8],
    algorithm: &Algorithm,
) -> Result<Self>
This method can be used to quickly create an EncryptionStreams object.
It requires a 32-byte hashed key, which will be dropped once the stream has been initialized.
It requires a pre-generated nonce, which you may generate with gen_nonce().
If the nonce length is not exact, you will receive an error.
It will create the stream with the specified algorithm, and it will also generate the appropriate nonce.
The EncryptionStreams object is returned.
§Examples
// obviously the key should contain real key material, not a zero-filled vec
let raw_key = Protected::new(vec![0u8; 128]);
let salt = gen_salt();
let key = balloon_hash(raw_key, &salt, &HeaderVersion::V4).unwrap();
let nonce = gen_nonce(&Algorithm::XChaCha20Poly1305, &Mode::StreamMode);
let encrypt_stream = EncryptionStreams::initialize(key, &nonce, &Algorithm::XChaCha20Poly1305).unwrap();
pub fn encrypt_next<'msg, 'aad>(
    &mut self,
    payload: impl Into<Payload<'msg, 'aad>>,
) -> Result<Vec<u8>>
This is used for encrypting the next block of data in streaming mode.
It requires either some plaintext, or an aead::Payload (that contains the plaintext and the AAD).
pub fn encrypt_last<'msg, 'aad>(
    self,
    payload: impl Into<Payload<'msg, 'aad>>,
) -> Result<Vec<u8>>
This is used for encrypting the last block of data in streaming mode. It consumes the stream object to prevent further usage.
It requires either some plaintext, or an aead::Payload (that contains the plaintext and the AAD).
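How the STREAM construction behind EncryptorLE31 keeps every block's nonce distinct, as an added std-only sketch that is not dexios-core code and performs no encryption. The names block_nonce and plan, the 20-byte prefix, the block size, and the rule that the final short or empty block goes to encrypt_last are assumptions made for the illustration.

```rust
// Added illustration (std only, performs no encryption): models the per-block
// nonce of a STREAM "LE31" encryptor and which call each block would go to.

/// Nonce for one block: the stream nonce prefix followed by a 4-byte
/// little-endian word holding a 31-bit block counter, with the top bit set
/// only for the last block.
pub fn block_nonce(prefix: &[u8], counter: u32, last: bool) -> Option<Vec<u8>> {
    if counter > 0x7FFF_FFFF {
        return None; // counter would spill into the last-block flag bit
    }
    let word = counter | ((last as u32) << 31);
    let mut nonce = prefix.to_vec();
    nonce.extend_from_slice(&word.to_le_bytes());
    Some(nonce)
}

/// Assumed chunking: every full block goes to `encrypt_next`, the final short
/// (possibly empty) block goes to `encrypt_last`.
/// Returns (is_last, block_len, nonce) for each call, in order.
pub fn plan(prefix: &[u8], data_len: usize, block: usize) -> Vec<(bool, usize, Vec<u8>)> {
    assert!(block > 0, "block size must be non-zero");
    let (mut out, mut offset, mut counter) = (Vec::new(), 0usize, 0u32);
    loop {
        let len = (data_len - offset).min(block);
        let last = len < block;
        let nonce = block_nonce(prefix, counter, last).expect("too many blocks");
        out.push((last, len, nonce));
        if last {
            return out;
        }
        offset += len;
        counter += 1;
    }
}

fn main() {
    // Constructed sample: 20-byte stream nonce, 2048 bytes of input, 1024-byte blocks.
    let prefix = [0xAAu8; 20];
    for (last, len, nonce) in plan(&prefix, 2048, 1024) {
        let call = if last { "encrypt_last" } else { "encrypt_next" };
        println!("{} len={} nonce_tail={:02x?}", call, len, &nonce[20..]);
    }
}
```

Because the last-block flag is part of the nonce, a ciphertext cut off after an encrypt_next block cannot pass as a complete stream on decryption.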
pub fn encrypt_file(
    self,
    reader: &mut impl Read,
    writer: &mut impl Write,
    aad: &[u8],
) -> Result<()>
This is a convenience function for reading from a reader, encrypting, and writing to the writer.
Every single block is provided with the AAD.
Valid AAD must be provided if you are using HeaderVersion::V3 and above. It must be empty if the HeaderVersion is lower.
You are free to use a custom AAD, just ensure that it is present for decryption, or else you will receive an error.
This does not handle writing the header.
§Examples
let mut input_file = File::open("input").unwrap();
let mut output_file = File::create("output.encrypted").unwrap();
// aad should be generated from the header (only for encryption)
let aad = header.serialize().unwrap();
let encrypt_stream = EncryptionStreams::initialize(key, &nonce, &Algorithm::XChaCha20Poly1305).unwrap();
encrypt_stream.encrypt_file(&mut input_file, &mut output_file, &aad).unwrap();