Crate pyrus_crypto

Crate pyrus_crypto 

Source
Expand description

§Pyrus Crypto

This crate provides an OpenPGP inspired crypto system. It is based on generating certificates and using them to sign, encrypt and decrypt messages. Because it is designed for use in a larger application, this crate has some shortcomings. Mainly: symmetric encryption requires supplying a sender’s certificate.

§Warning!

This is not a serious crypto crate. It has no tests and is not reviewed by third parties. It’s security goes as far as the author’s will to make his school project seem secure.

§Examples

§Generate and serialize a certificate keeping its secret parts:

use pyrus_crypto::prelude::*;

let larry = Cert::new("Larry <larry@gentoo.org>");
let cert_bytes = postcard::to_stdvec(&larry)?;

//.. save the certificate
// use the certificate here

§Encrypt a message symmetrically using a passphrase:

use pyrus_crypto::prelude::*;

let larry: Cert = //..
 
let secret_text = b"This is a very secret message";
let message = Message::new(&larry)?
    .write(&secret_text[..])?
    .encrypt_with(b"alcmdzmafia")? // don't use such passwords
    .finalize()?;

§Sign and encrypt a message asymmetrically:

Note that the certificates are behind an std::sync::Arc. This is how they will usually appear in the wild.

use pyrus_crypto::prelude::*;

let larry: Arc<Cert> = //..
let agentcow: Arc<Cert> = //..
let agenthorse: Arc<Cert> = //..
let agentfox: Arc<Cert> = //..
let friends = vec![agentcow.clone(), agenthorse.clone()];

let secret_text = b"Let's meet up in the evening";
let msg = Message::new(&larry)?
    .write(&secret_text[..])?
    .sign()
    .encrypt_for(&friends)?
    .finalize()?;

§Decrypt a symmetrically encrypted message

use pyrus_crypto::prelude::*;

// another of the aforementioned shortcomings
let dummy = Cert::new("dummy cert");
// assume we already have a message
let (_, content, sig) = message
    .parse(&dummy)?
    .decrypt_with(&b"alcmdzmafia"[..])?
    .finalize();

assert_eq!(&secret_text[..], &content[..]);
assert!(sig.is_none()); // the message is not signed

§Decrypt and verify a signed message

use pyrus_crypto::prelude::*;

let larry: Arc<Cert> = //..
let agentcow: Arc<Cert> = //..
let agenthorse: Arc<Cert> = //..
let agentfox: Arc<Cert> = //..

let secret_text = b"Let's meet up in the evening";
let (message, content, signature) = message
    .parse(&agentcow)? // decrypt using agentcow's certificate
    .decrypt(larry.clone())?
    .verify_signature(larry.clone())?
    .finalize();

assert_eq!(&secret_text[..], &content[..]);
assert!(signature.unwrap()); // signature is Some and is good

let fail = message
    .parse(&agentfox)?
    .decrypt(larry.clone());
assert!(fail.is_err()); // cannot decrypt, not a recipient

Modules§

cert
Certificate generation and serialization.
crypto
Cryptographic primitives, the foundation of this crate.
error
CryptoError type and Result<T> type specialization.
message
Message creation and parsing.
prelude
Re-exports commonly used types

Type Aliases§

Fingerprint
Alias for the certificate’s fingerprint type.