MeshEncryptionKey

hive_btle::security

Struct MeshEncryptionKey 

Source 
pub struct MeshEncryptionKey { /* private fields */ }
Expand description

Mesh-wide encryption key for HIVE documents

All nodes sharing the same formation secret derive the same key, enabling encrypted communication across the mesh.

Implementations§

Source§

impl MeshEncryptionKey

Source

pub fn from_shared_secret(mesh_id: &str, secret: &[u8; 32]) -> Self

Derive a mesh encryption key from a shared secret

Uses HKDF-SHA256 with the mesh ID as salt and a fixed info string to derive a unique 256-bit key for this mesh.

§Arguments
  • mesh_id - The mesh identifier (e.g., “DEMO”, “ALPHA”)
  • secret - 32-byte shared secret known to all mesh participants
§Example
let secret = [0x42u8; 32]; // In practice, a securely shared secret
let key = MeshEncryptionKey::from_shared_secret("DEMO", &secret);
Source

pub fn encrypt( &self, plaintext: &[u8], ) -> Result<EncryptedDocument, EncryptionError>

Encrypt plaintext document bytes

Generates a random 12-byte nonce and encrypts using ChaCha20-Poly1305. The resulting ciphertext includes a 16-byte authentication tag.

§Arguments
  • plaintext - Raw document bytes to encrypt
§Returns
  • Ok(EncryptedDocument) - Encrypted document with nonce and ciphertext
  • Err(EncryptionError) - If encryption fails (should not happen in practice)
Source

pub fn decrypt( &self, encrypted: &EncryptedDocument, ) -> Result<Vec<u8>, EncryptionError>

Decrypt encrypted document bytes

Verifies the authentication tag and decrypts the ciphertext.

§Arguments
  • encrypted - Encrypted document with nonce and ciphertext
§Returns
  • Ok(Vec<u8>) - Decrypted plaintext document bytes
  • Err(EncryptionError) - If decryption fails (wrong key or corrupted data)
Source

pub fn encrypt_to_bytes( &self, plaintext: &[u8], ) -> Result<Vec<u8>, EncryptionError>

Encrypt and encode in one step

Convenience method that encrypts plaintext and returns wire-format bytes.

Source

pub fn decrypt_from_bytes( &self, data: &[u8], ) -> Result<Vec<u8>, EncryptionError>

Decode and decrypt in one step

Convenience method that decodes wire-format bytes and decrypts.

Trait Implementations§

Source§

impl Clone for MeshEncryptionKey

Source§

fn clone(&self) -> MeshEncryptionKey

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for MeshEncryptionKey

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.