Module safe

Bitwarden-crypto safe module

The safe module provides high-level cryptographic tools for building secure protocols and features. When developing new features, use this module first before considering lower-level primitives from other parts of bitwarden-crypto.

Password-protected key envelope

Use the password protected key envelope to protect a symmetric key with a password. Examples include:

• locking a vault with a PIN/Password
• protecting exports with a password

Internally, the module uses a KDF to protect against brute-forcing, but it does not expose this to the consumer. The consumer only provides a password and key.

Modules

password_protected_key_envelope 🔒

Password protected key envelope is a cryptographic building block that allows sealing a symmetric key with a low entropy secret (password, PIN, etc.).

Structs

PasswordProtectedKeyEnvelope

A password-protected key envelope can seal a symmetric key, and protect it with a password. It does so by using a Key Derivation Function (KDF), to increase the difficulty of brute-forcing the password.

Enums

PasswordProtectedKeyEnvelopeError

Errors that can occur when sealing or unsealing a key with the PasswordProtectedKeyEnvelope.