Crate self_encryption[−][src]
Expand description
A file content self_encryptor.
This library provides convergent encryption on file-based data and produces a SecretKey
type and
several chunks of encrypted data. Each chunk is up to 1MB in size and has an index and a name. This name is the
SHA3-256 hash of the content, which allows the chunks to be self-validating. If size and hash
checks are utilised, a high degree of certainty in the validity of the data can be expected.
Examples
A working implementation can be found in the “examples” folder of this project.
use self_encryption::{encrypt, test_helpers::random_bytes};
#[tokio::main]
async fn main() {
let file_size = 10_000_000;
let bytes = random_bytes(file_size);
if let Ok((_secret_key, _encrypted_chunks)) = encrypt(bytes) {
// .. then persist the `encrypted_chunks`.
// Remember to keep `secret_key` somewhere safe..!
}
}
Storage of the Vec<EncryptedChunk>
or SecretKey
is outwith the scope of this
library and must be implemented by the user.
Structs
This is - in effect - a partial decryption key for an encrypted chunk of data.
The actual encrypted content of the chunk, and its key index.
A secret key to decrypt a self-encrypted file.
Helper struct for seeking original file bytes from chunks.
Enums
Errors which can arise during self_encryption or -decryption.
Constants
Controls the compression-speed vs compression-density tradeoffs. The higher the quality, the slower the compression. Range is 0 to 11.
The maximum size (before compression) of an individual chunk of the file, defined as 1MB.
The minimum size (before compression) of an individual chunk of the file, defined as 1kB.
The minimum size (before compression) of data to be self-encrypted, defined as 3kB.
Functions
Decrypts what is expected to be the full set of chunks covered by the secret key.
Decrypts a range, used when seeking.
Encrypts a set of bytes and returns the encrypted data together with the secret key that is derived from the input data. Returns an error if the size is too small for self-encryption. Only files larger than 3072 bytes (3 * MIN_CHUNK_SIZE) can be self-encrypted. Smaller files will have to be batched together for self-encryption to work.
Helper function for getting info needed to seek original file bytes from chunks.
Type Definitions
Specialisation of std::Result
for crate.