§OpenADP Rust SDK
This crate provides a complete Rust implementation of the OpenADP (Open Advanced Data Protection) distributed secret sharing system, designed to protect against nation-state attacks.
§Core Features
- Ed25519 elliptic curve operations with point compression/decompression
- Shamir secret sharing with threshold recovery
- Noise-NK protocol for secure server communication
- JSON-RPC 2.0 API with multi-server support
- Cross-language compatibility with Go and Python implementations
§Quick Start
```rust
use openadp_ocrypt::{generate_encryption_key, recover_encryption_key, get_servers, Identity};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Get live servers
    let servers = get_servers("").await?;

    // Create Identity for the encryption operation
    let identity = Identity::new(
        "user@example.com".to_string(), // UID - user identifier
        "laptop-2024".to_string(),      // DID - device identifier
        "document.pdf".to_string()      // BID - backup identifier
    );

    // Generate encryption key with distributed backup
    let result = generate_encryption_key(
        &identity,
        "secure_password",
        10, // max_guesses
        0,  // expiration
        servers,
    ).await?;

    if let Some(key) = result.encryption_key {
        println!("Generated key: {} bytes", key.len());

        // Later: recover the key
        let recovered = recover_encryption_key(
            &identity,
            "secure_password",
            result.server_infos.unwrap(),
            result.threshold.unwrap(),
            result.auth_codes.unwrap(),
        ).await?;

        if let Some(recovered_key) = recovered.encryption_key {
            assert_eq!(key, recovered_key);
            println!("Successfully recovered key!");
        }
    }

    Ok(())
}
```
Re-exports§
Modules§
- client
- OpenADP Rust Client Implementation
- crypto
- Cryptographic operations for OpenADP.
- keygen
- Key generation and recovery functionality for OpenADP
- ocrypt
- Ocrypt - Drop-in replacement for password hashing functions
- recovery
Enums§
Constants§
Functions§
- derive_identifiers
- Derive identifiers from filename, user_id, and hostname. This matches the Go DeriveIdentifiers function behavior.