// Copyright 2020-2021 IOTA Stiftung
// SPDX-License-Identifier: Apache-2.0

#![allow(clippy::upper_case_acronyms)]

//! This crate defines and implements the encrypted offline storage format used by
//! the Stronghold ecosystem.
//!
//! The format has a header with version and magic bytes to appease applications
//! wishing to provide file-type detection.
//!
//! The data stored within a snapshot is considered opaque and uses 256-bit keys.
//! It provides recommended ways to derive the snapshot encryption key from a
//! user-provided password. The format also allows using an authenticated data
//! bytestring to further protect the offline snapshot files (one might consider
//! using a secondary user password strengthened by an HSM).
//!
//! The current version of the format uses X25519 together with an ephemeral
//! key to derive a shared key for the symmetric XChaCha20 cipher and uses the
//! Poly1305 message authentication algorithm.
//! Future versions, when larger snapshot sizes and/or random access are
//! desired, might consider encrypting smaller chunks (B-trees?) or
//! similar using per-chunk derived ephemeral keys.

mod compression;
pub mod files;
pub mod kdf;
mod logic;

pub use compression::{compress, decompress};
pub use logic::*;