pub struct PkDecryption { /* private fields */ }
Expand description
The decryption component of the PkEncryption support.
The public key can be shared with others, allowing them to encrypt messages which can be decrypted using the corresponding private key.
Implementations§
Source§impl PkDecryption
impl PkDecryption
Sourcepub fn new() -> Self
pub fn new() -> Self
Create a new random PkDecryption
object.
This contains a fresh Curve25519SecretKey
which is used as a
long-term key to derive individual message keys and effectively serves
as the decryption secret.
Sourcepub fn from_key(secret_key: Curve25519SecretKey) -> Self
pub fn from_key(secret_key: Curve25519SecretKey) -> Self
Create a PkDecryption
object from a Curve25519SecretKey
key.
The Curve25519SecretKey
will be used as the long-term key to derive
individual message keys.
Sourcepub const fn secret_key(&self) -> &Curve25519SecretKey
pub const fn secret_key(&self) -> &Curve25519SecretKey
Get the Curve25519SecretKey
of this PkDecryption
object.
If persistence is required, securely serialize and store this key. It
can be used to reconstruct the PkDecryption
object for decrypting
associated messages.
Sourcepub const fn public_key(&self) -> Curve25519PublicKey
pub const fn public_key(&self) -> Curve25519PublicKey
Get the associated ephemeral Curve25519PublicKey
. This key can be
used to reconstruct the PkEncryption
object to encrypt messages.
Sourcepub fn from_libolm_pickle(
pickle: &str,
pickle_key: &[u8],
) -> Result<Self, LibolmPickleError>
pub fn from_libolm_pickle( pickle: &str, pickle_key: &[u8], ) -> Result<Self, LibolmPickleError>
Create a PkDecryption
object by unpickling a PkDecryption pickle in
libolm legacy pickle format.
Such pickles are encrypted and need to first be decrypted using a
pickle_key
.
Sourcepub fn to_libolm_pickle(
&self,
pickle_key: &[u8],
) -> Result<String, LibolmPickleError>
pub fn to_libolm_pickle( &self, pickle_key: &[u8], ) -> Result<String, LibolmPickleError>
Pickle a PkDecryption
into a libolm pickle format.
This pickle can be restored using the
[PkDecryption::from_libolm_pickle]
method, or can be used in the
libolm
C library.
The pickle will be encrypted using the pickle key.
⚠️ Security Warning: The pickle key will get expanded into both an AES key and an IV in a deterministic manner. If the same pickle key is reused, this will lead to IV reuse. To prevent this, users have to ensure that they always use a globally (probabilistically) unique pickle key.
§Examples
use vodozemac::pk_encryption::PkDecryption;
use olm_rs::{pk::OlmPkDecryption, PicklingMode};
let decrypt = PkDecryption::new();
let pickle = decrypt
.to_libolm_pickle(&[0u8; 32])
.expect("We should be able to pickle a freshly created PkDecryption");
let unpickled = OlmPkDecryption::unpickle(
pickle,
PicklingMode::Encrypted { key: [0u8; 32].to_vec() },
).expect("We should be able to unpickle our exported PkDecryption");