vodozemac

Module pk_encryption


☣️ Compat support for libolm’s PkEncryption and PkDecryption

This implements the m.megolm_backup.v1.curve25519-aes-sha2 algorithm described in the Matrix spec. It is a hybrid encryption scheme utilizing Curve25519 and AES-CBC. X25519 ECDH is performed between an ephemeral key pair and a long-lived backup key pair to establish a shared secret, from which symmetric encryption and message authentication (MAC) keys are derived.

WARNING: Please note the algorithm contains a critical flaw and does not provide authentication of the ciphertext.

§Examples

use anyhow::Result;
use vodozemac::pk_encryption::{PkDecryption, PkEncryption};

fn main() -> Result<()> {
    let plaintext = b"It's a secret to everybody";

    let decryption = PkDecryption::new();
    let encryption = PkEncryption::from_key(decryption.public_key());

    let message = encryption.encrypt(plaintext);
    let decrypted = decryption.decrypt(&message)?;

    assert_eq!(decrypted.as_slice(), plaintext);

    Ok(())
}
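
The warning above, illustrated as an added example (Python standard library only, not vodozemac's or libolm's code): a MAC tag that does not cover the ciphertext still verifies after the ciphertext changes, while a tag computed over the ephemeral key and ciphertext does not. Assumptions not stated on this page: the flaw is modelled as HMAC-SHA-256 over empty input truncated to 8 bytes, keys come from HKDF-SHA-256 with a zero salt split 32/32/16, and `etm_tag` is a hypothetical outer layer that is not wire-compatible with the backup format; all sample bytes are constructed.

```python
import hashlib
import hmac

def hkdf_sha256(ikm: bytes, length: int, salt: bytes = bytes(32), info: bytes = b"") -> bytes:
    """HKDF (RFC 5869) extract-then-expand with SHA-256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def split_keys(shared_secret: bytes):
    """Assumed layout: 32-byte AES key, 32-byte MAC key, 16-byte IV."""
    okm = hkdf_sha256(shared_secret, 80)
    return okm[:32], okm[32:64], okm[64:80]

def compat_tag(mac_key: bytes) -> bytes:
    # Assumed model of the flaw: the HMAC never sees the ciphertext.
    return hmac.new(mac_key, b"", hashlib.sha256).digest()[:8]

def compat_verify(mac_key: bytes, ciphertext: bytes, tag: bytes) -> bool:
    # The ciphertext argument is unused on purpose: the tag cannot depend on it.
    return hmac.compare_digest(compat_tag(mac_key), tag)

def etm_tag(mac_key: bytes, ephemeral_key: bytes, ciphertext: bytes) -> bytes:
    # Hypothetical encrypt-then-MAC layer covering everything the receiver parses.
    return hmac.new(mac_key, ephemeral_key + ciphertext, hashlib.sha256).digest()

def etm_verify(mac_key: bytes, ephemeral_key: bytes, ciphertext: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(etm_tag(mac_key, ephemeral_key, ciphertext), tag)

# Constructed sample values, not real key material or a real backup message.
SHARED_SECRET = bytes(range(32))
EPHEMERAL_KEY = bytes(range(32, 64))
CIPHERTEXT = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
TAMPERED = bytes([CIPHERTEXT[0] ^ 1]) + CIPHERTEXT[1:]

def demo() -> dict:
    _, mac_key, _ = split_keys(SHARED_SECRET)
    weak, strong = compat_tag(mac_key), etm_tag(mac_key, EPHEMERAL_KEY, CIPHERTEXT)
    return {
        "compat_accepts_tampered": compat_verify(mac_key, TAMPERED, weak),
        "etm_accepts_original": etm_verify(mac_key, EPHEMERAL_KEY, CIPHERTEXT, strong),
        "etm_accepts_tampered": etm_verify(mac_key, EPHEMERAL_KEY, TAMPERED, strong),
    }

if __name__ == "__main__":
    print(demo())
```

Where integrity of a backup matters, treat a successful `decrypt` as unauthenticated output and verify it through a separate, trusted mechanism.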

Structs§

Enums§

  • An error type describing failures which can happen during the decryption step.
  • An error type describing failures which can happen during the decoding of an encrypted Message.