Expand description
A library for encrypting and decrypting file streams using libsodium.
This library provides a Rust implementation of the saltlick binary file format, which is itself a format for encrypting and decrypting files using strong elliptic curve cryptography. See the saltlick spec for details about the motivation and implementation of the file format itself.
Both low-level and high-level APIs are provided. The low-level API requires
manually updating an encrypter with chunks of plaintext and receiving
ciphertext, or updating a decrypter with chunks of ciphertext and receiving
plaintext. High-level APIs are provided for Rust’s Read
, BufRead
,
and Write
traits.
§Usage
First, add this to your Cargo.toml:
[dependencies]
saltlick = "0.4"
Next:
use saltlick::{
read::SaltlickDecrypter,
write::SaltlickEncrypter,
SaltlickError,
};
use std::{
error::Error,
fs::File,
io::{self, Cursor, Read, Write},
};
fn main() -> Result<(), Box<dyn Error>> {
// Generate a new public/secret keypair
let (public, secret) = saltlick::gen_keypair();
// Writing data to a stream
let writer = Vec::new();
let mut stream = SaltlickEncrypter::new(public.clone(), writer);
stream.write_all(b"I have a secret for you")?;
let ciphertext = stream.finalize()?;
// Reading data back from stream
let reader = Cursor::new(ciphertext);
let mut stream = SaltlickDecrypter::new(public.clone(), secret.clone(), reader);
let mut output = String::new();
stream.read_to_string(&mut output)?;
assert_eq!("I have a secret for you", output);
// Save public and private keys as PEM format
let public_pem = public.to_pem();
let secret_pem = secret.to_pem();
Ok(())
}
§Generating Keys
In addition to generating keys programmatically, it is possible to generate compliant key files with OpenSSL 1.1.0 or newer:
openssl genpkey -algorithm x25519 > secret.pem
openssl pkey -in secret.pem -pubout > public.pem
Modules§
- Wrapper types over
BufRead
objects. - Low-level API for saltlick stream operations.
- Wrapper types over
Read
objects. - Wrapper types over
Stream
objects. - Wrapper types over
Write
objects.
Structs§
- Wrapper over libsodium-provided public key type.
- Wrapper over libsodium-provided secret key type.
Enums§
- Saltlick errors.
- Errors when loading keys directly from a file.
- Supported Saltlick file format version.
Constants§
- Number of bytes in a
PublicKey
. - Number of bytes in a
SecretKey
.
Functions§
- Create a new saltlick keypair.