Crate encryptfile [] [src]

This library provides an interface to Rust Crypto(1) for encrypting and decrypting files. It provides the following features:

  1. A high-level configuration interface to specify various options

  2. Generation and verification of HMACs(2) for the encrypted data.

In the future, this library may provide:

  1. Support for different encryption methods or output formats.

  2. Support for encryption libraries other than rust crypto

  3. Support for arbitrary user-provided metadata that is included (encrypted) with the output file.

This library is on GitHub. Feel free to make feature suggestions in the issue tracker.

Example

use encryptfile as ef;

// Encrypt
let mut in_file = std::env::var("HOME").unwrap();
in_file.push_str("/.bash_history");
let mut c = ef::Config::new();
c.input_stream(ef::InputStream::File(in_file.to_owned()))
 .output_stream(ef::OutputStream::File("/tmp/__encrypted_bash_history.ef".to_owned()))
 .add_output_option(ef::OutputOption::AllowOverwrite)
 .initialization_vector(ef::InitializationVector::GenerateFromRng)
 .password(ef::PasswordType::Text("iloveyou".to_owned(), ef::scrypt_defaults()))
 .encrypt();
let _ = ef::process(&c).map_err(|e| panic!("error encrypting: {:?}", e));

// Decrypt
let mut c = ef::Config::new();
c.input_stream(ef::InputStream::File("/tmp/__encrypted_bash_history.ef".to_owned()))
 .output_stream(ef::OutputStream::File("/tmp/__encrypted_bash_history.txt".to_owned()))
 .add_output_option(ef::OutputOption::AllowOverwrite)
 .password(ef::PasswordType::Text("iloveyou".to_owned(), ef::PasswordKeyGenMethod::ReadFromFile))
 .decrypt();
let _ = ef::process(&c).map_err(|e| panic!("error decrypting: {:?}", e));

Structs

Config

The main Configuration type. This is a Builder object [1].
ScryptLogN

The Scrypt LogN parameter.
ScryptP

The Scrypt P parameter.
ScryptR

The Scrypt R parameter.

Enums

EncryptError
InitializationVector

Specifies the initialization vector. Note, when decrypting, you do not need to specify this since the IV is in the file.
InputStream

Data input streams.
Mode

The current encryption mode. Initially set to Unknown.
OutputOption

Output options.
OutputStream

Data output streams.
PasswordKeyGenMethod

Controls how the encryption key is generated from a text password.
PasswordType

Specifies the encryption password.
RngMode

Controls how random numbers are generated whenever they are needed by this library. Currently this is only required when generating an initialization vector (InitializationVector::GenerateFromRng). Note, when decrypting, you do not need to specify this.

Constants

IV_SIZE
PW_KEY_SIZE

Functions

process

Process the config and produce the result. This function does not "consume" the config, so it can be reconfigured and reused after process() returns.
scrypt_defaults

Returns a set of default scrypt parameters: LogN 16, R 8, P 1. See http://www.tarsnap.com/scrypt/scrypt-slides.pdf for more details.
scrypt_params_encrypt1

Returns a set of scrypt parameters tuned for file encryption: LogN 20, R 8, P 1 See http://www.tarsnap.com/scrypt/scrypt-slides.pdf for more details.

Type Definitions

IvArray
PwKeyArray