Module dryoc::dryocstream::protected
Available on crate feature nightly only.
Protected memory type aliases for DryocStream
This module provides re-exports of type aliases for protected memory usage with DryocStream. These type aliases are provided for convenience.
Example
```rust
use dryoc::dryocstream::protected::*;
use dryoc::dryocstream::{DryocStream, Tag};

// Load some messages into locked read-only memory.
let message1 = HeapBytes::from_slice_into_readonly_locked(b"Arbitrary data to encrypt")
    .expect("from slice failed");
let message2 =
    HeapBytes::from_slice_into_readonly_locked(b"split into").expect("from slice failed");
let message3 =
    HeapBytes::from_slice_into_readonly_locked(b"three messages").expect("from slice failed");

// Generate a random key into locked read-only memory.
let key = Key::gen_readonly_locked().expect("key failed");

// Initialize the push stream, placing the header into locked memory.
let (mut push_stream, header): (_, Locked<Header>) = DryocStream::init_push(&key);

// Encrypt the set of messages, placing everything into locked memory.
let c1: LockedBytes = push_stream
    .push(&message1, None, Tag::MESSAGE)
    .expect("Encrypt failed");
let c2: LockedBytes = push_stream
    .push(&message2, None, Tag::MESSAGE)
    .expect("Encrypt failed");
let c3: LockedBytes = push_stream
    .push(&message3, None, Tag::FINAL)
    .expect("Encrypt failed");

// Initialize the pull stream.
let mut pull_stream = DryocStream::init_pull(&key, &header);

// Decrypt the set of messages, putting everything into locked memory.
let (m1, tag1): (LockedBytes, Tag) = pull_stream.pull(&c1, None).expect("Decrypt failed");
let (m2, tag2): (LockedBytes, Tag) = pull_stream.pull(&c2, None).expect("Decrypt failed");
let (m3, tag3): (LockedBytes, Tag) = pull_stream.pull(&c3, None).expect("Decrypt failed");

assert_eq!(message1.as_slice(), m1.as_slice());
assert_eq!(message2.as_slice(), m2.as_slice());
assert_eq!(message3.as_slice(), m3.as_slice());

assert_eq!(tag1, Tag::MESSAGE);
assert_eq!(tag2, Tag::MESSAGE);
assert_eq!(tag3, Tag::FINAL);
```
Re-exports
pub use crate::protected::*;
Type Aliases
- Heap-allocated, page-aligned header for authenticated secret streams, for use with protected memory.
- Heap-allocated, page-aligned secret key for authenticated secret streams, for use with protected memory.
- Heap-allocated, page-aligned nonce for authenticated secret streams, for use with protected memory.
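What "page-aligned", "locked" and "read-only" mean at the operating-system level, as an added sketch that is not dryoc's code and not part of the original page. It assumes 64-bit Linux and a 4096-byte page, uses an anonymous `mmap` mapping as a stand-in for a page-aligned heap allocation, and the type `ReadOnlyLocked` is hypothetical.

```rust
// Added illustration, not dryoc's code. Assumes 64-bit Linux (constants are Linux values).
use std::{ffi::c_void, ptr, slice};
extern "C" {
    fn mmap(a: *mut c_void, len: usize, prot: i32, flags: i32, fd: i32, off: i64) -> *mut c_void;
    fn mlock(a: *const c_void, len: usize) -> i32;
    fn mprotect(a: *mut c_void, len: usize, prot: i32) -> i32;
    fn munmap(a: *mut c_void, len: usize) -> i32;
}
const PROT_READ: i32 = 1;
const PROT_WRITE: i32 = 2;
const MAP_PRIVATE_ANON: i32 = 0x02 | 0x20; // MAP_PRIVATE | MAP_ANONYMOUS
const PAGE: usize = 4096; // assumed page size
/// Hypothetical stand-in for a "locked, read-only" buffer.
pub struct ReadOnlyLocked { ptr: *mut u8, len: usize, cap: usize, pub locked: bool }
impl ReadOnlyLocked {
    pub fn from_slice(secret: &[u8]) -> Result<Self, &'static str> {
        // mprotect works on whole pages, so the allocation is rounded up to a page multiple.
        let cap = ((secret.len() + PAGE - 1) / PAGE).max(1) * PAGE;
        unsafe {
            let p = mmap(ptr::null_mut(), cap, PROT_READ | PROT_WRITE, MAP_PRIVATE_ANON, -1, 0);
            if p as isize == -1 { return Err("mmap failed"); }
            // Pin the pages in RAM so the secret is not paged out; can fail under RLIMIT_MEMLOCK.
            let locked = mlock(p, cap) == 0;
            ptr::copy_nonoverlapping(secret.as_ptr(), p as *mut u8, secret.len());
            // Drop write permission: a later stray write faults instead of altering the secret.
            if mprotect(p, cap, PROT_READ) != 0 { munmap(p, cap); return Err("mprotect failed"); }
            Ok(Self { ptr: p as *mut u8, len: secret.len(), cap, locked })
        }
    }
    pub fn as_slice(&self) -> &[u8] { unsafe { slice::from_raw_parts(self.ptr, self.len) } }
    pub fn capacity(&self) -> usize { self.cap }
}

impl Drop for ReadOnlyLocked {
    fn drop(&mut self) {
        unsafe {
            // Re-enable writes, zero the pages, then unmap (which also releases the lock).
            if mprotect(self.ptr as *mut c_void, self.cap, PROT_READ | PROT_WRITE) == 0 {
                ptr::write_bytes(self.ptr, 0, self.cap);
            }
            munmap(self.ptr as *mut c_void, self.cap);
        }
    }
}

fn main() {
    let key = ReadOnlyLocked::from_slice(&[0x42; 32]).expect("allocation failed"); // constructed sample key
    println!("{} bytes in a {}-byte mapping, locked={}", key.as_slice().len(), key.capacity(), key.locked);
}
```

The `locked` flag is worth checking in real deployments: when the memory-lock limit is too low, the buffer is still usable but no longer pinned in RAM.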