Crate saltlick

Crate saltlick 

Source
Expand description

A library for encrypting and decrypting file streams using libsodium.

This library provides a Rust implementation of the saltlick binary file format, which is itself a format for encrypting and decrypting files using strong elliptic curve cryptography. See the saltlick spec for details about the motivation and implementation of the file format itself.

Both low-level and high-level APIs are provided. The low-level API requires manually updating an encrypter with chunks of plaintext and receiving ciphertext, or updating a decrypter with chunks of ciphertext and receiving plaintext. High-level APIs are provided for Rust’s Read, BufRead, and Write traits.

§Usage

First, add this to your Cargo.toml:

[dependencies]
saltlick = "0.4"

Next:

use saltlick::{
    read::SaltlickDecrypter,
    write::SaltlickEncrypter,
    SaltlickError,
};
use std::{
    error::Error,
    fs::File,
    io::{self, Cursor, Read, Write},
};

fn main() -> Result<(), Box<dyn Error>> {
    // Generate a new public/secret keypair
    let (public, secret) = saltlick::gen_keypair();

    // Writing data to a stream
    let writer = Vec::new();
    let mut stream = SaltlickEncrypter::new(public.clone(), writer);
    stream.write_all(b"I have a secret for you")?;
    let ciphertext = stream.finalize()?;

    // Reading data back from stream
    let reader = Cursor::new(ciphertext);
    let mut stream = SaltlickDecrypter::new(public.clone(), secret.clone(), reader);
    let mut output = String::new();
    stream.read_to_string(&mut output)?;
    assert_eq!("I have a secret for you", output);

    // Save public and private keys as PEM format
    let public_pem = public.to_pem();
    let secret_pem = secret.to_pem();

    Ok(())
}

§Generating Keys

In addition to generating keys programmatically, it is possible to generate compliant key files with OpenSSL 1.1.0 or newer:

openssl genpkey -algorithm x25519 > secret.pem
openssl pkey -in secret.pem -pubout > public.pem

Modules§

bufread
Wrapper types over BufRead objects.
crypter
Low-level API for saltlick stream operations.
read
Wrapper types over Read objects.
streamio-async
Wrapper types over Stream objects.
write
Wrapper types over Write objects.

Structs§

PublicKey
Wrapper over libsodium-provided public key type.
SecretKey
Wrapper over libsodium-provided secret key type.

Enums§

SaltlickError
Saltlick errors.
SaltlickKeyIoError
Errors when loading keys directly from a file.
Version
Supported Saltlick file format version.

Constants§

PUBLICKEYBYTES
Number of bytes in a PublicKey.
SECRETKEYBYTES
Number of bytes in a SecretKey.

Functions§

gen_keypair
Create a new saltlick keypair.