[][src]Module dup_crypto::private_message

Private message encryption/decryption

Encrypt a private message (sender side)

Warning: Take the time to study which is the authentication policy adapted to your specific use case. Choosing an unsuitable authentication policy can be dramatic for your end users. Read the documentation of AuthenticationPolicy.

use dup_crypto::keys::{
    KeyPair, PublicKey,
    ed25519::{KeyPairFromSaltedPasswordGenerator, PublicKey as Ed25519PublicKey, SaltedPassword}
use dup_crypto::private_message::{Aad, Algorithm, AuthenticationPolicy, METADATA_LEN};
use dup_crypto::seeds::Seed32;

// Take the time to study which is the authentication policy adapted
// to your specific use case.
// Read `dup_crypto::private_message::AuthenticationPolicy` documentation.
let authentication_policy = AuthenticationPolicy::PrivateAuthentication;

// Regardless of the authentication policy chosen, the sender's key-pair is required.
let sender_key_pair = KeyPairFromSaltedPasswordGenerator::with_default_parameters()
    .generate(SaltedPassword::new("sender salt".to_owned(), "sender password".to_owned()));

// Choose an encryption algorithm adapted to your specific use case.
// Read `dup_crypto::private_message::Algorithm` documentation.
let encryption_algo = Algorithm::Chacha20Poly1305;

// Aad value must be known by the software that will decipher the message, it can be the
// name of the service followed by the name of the network (name of the currency for example).
// This field is only used to ensure that there is no interference between different services
// and/or networks.
let aad = Aad::from(b"service name - currency name");

// Define receiver and message content
// The message must be mutable because for performance reasons the encryption is applied
// directly to the bytes of the message (the message is never copied).
let receiver_public_key = Ed25519PublicKey::from_base58(
).expect("invalid public key");
let message = b"This is a secret message, which can only be read by the recipient.";

// It is up to you to create the buffer that will contain the encrypted message.
// This gives you the freedom to choose how to allocate the memory space and in
// which type of "container" to store the bytes of the encrypted message.
// Metadata needed for decryption and authentication will be added to your message,
// you must make sure that your buffer has enough capacity to hold this metadata.
let mut buffer: Vec<u8> = Vec::with_capacity(message.len() + METADATA_LEN);

// Finally, authenticate and encrypt the message.
    &mut buffer,

// Send message to the recipient by any way..

Decrypt a private message (receiver side)

use dup_crypto::keys::{KeyPair, ed25519::KeyPairFromSeed32Generator};
use dup_crypto::private_message::{Aad, Algorithm};
use dup_crypto::seeds::Seed32;

let receiver_key_pair = KeyPairFromSeed32Generator::generate(
    Seed32::from_base58("7nY1fYmCXL1vF86ptneeg8r7M6C7G93M8MCfzBCaCtiJ").expect("invalid seed")

let mut encrypted_message = vec![221u8, 252, 176, 127, 197, // ... several bytes hidden

let (message, signature_opt) = dup_crypto::private_message::decrypt_private_message(
    Aad::from(b"service name - currency name"),
    &mut encrypted_message,

    &b"This is a secret message, which can only be read by the recipient."[..],



The additionally authenticated data (AAD) for an opening or sealing operation. This data is authenticated but is not encrypted.



Private message encryption algorithm If your program is susceptible to running on machines that do not provide hardware acceleration for AES (some phones, embedded devices, old computers, etc) then you should choose Chacha20Poly1305. Even on devices with hardware acceleration for AES, the performance of Chacha20Poly1305 is often equivalent to Aes256Gcm, so only choose Aes256Gcm if you have strong reasons to do so.


Authentication policy.


Error at encryption/decryption of a private message



Metadata length



Decrypt private message. Return a reference to decrypted bytes and an optional signature. If the authentication method chosen by the sender is Signature, then the signature is necessarily returned. The signature is returned to allow subsequent publication of proof that this particular message was sent by the sender.


Encrypt private message