Large Files Encryption

Method available for E3Kit Swift v2.2.0, Kotlin v2.0.6, JavaScript v2.4.0 and newer.

E3Kit provides an encryption method for large amounts of data (using streams for Java/Kotlin and Swift, or entire files for JavaScript). This is useful when the data is too large to be encrypted or decrypted all at once.

We recommend using file encryption for files larger than 1 MB.

Before you begin

Be sure to implement the following:

Encrypt large files

To encrypt a large file for one user or a group, use the encryptShared method (encryptSharedFile in JavaScript).

This method generates a new key pair (fileEncryptionKey) and encrypts the file with it. The sender then uploads the encrypted file to remote storage and shares the link to it with the recipient.

Next, the sender encrypts the fileEncryptionKey with the appropriate E3Kit method: Default encryption for peer-to-peer, Group encryption for a group. Use your business logic to send the link and the encrypted stream key (the encrypted fileEncryptionKey) to the recipient.

Encrypt for one user

// 1. Prepare streams.
val plaintext = "Hello"
val data = plaintext.toByteArray()
val inputStream = ByteArrayInputStream(data)
val inputStreamSize = data.size
val encryptedOutputStream = ByteArrayOutputStream()

// 2. Encrypt stream.
val streamKeyData = aliceEthree.encryptShared(inputStream, inputStreamSize, encryptedOutputStream)

// 3. Upload data from `encryptedOutputStream` to a remote storage.

/**
* Application specific code.
*/

// 4. Encrypt `streamKeyData` to a specific user (peer-to-peer).
val bobCard = aliceEthree.findUser(bobIdentity).get()
val p2pEncryptedStreamKeyData = aliceEthree.authEncrypt(Data(streamKeyData), bobCard)

// 5. Send the encrypted `streamKeyData` (p2pEncryptedStreamKeyData) to the destination device.

/**
* Application specific code.
*/

Encrypt for group

// 1. Prepare streams.
val plaintext = "Hello"
val data = plaintext.toByteArray()
val inputStream = ByteArrayInputStream(data)
val inputStreamSize = data.size
val encryptedOutputStream = ByteArrayOutputStream()

// 2. Encrypt stream.
val streamKeyData = aliceEthree.encryptShared(inputStream, inputStreamSize, encryptedOutputStream)

// 3. Upload data from `encryptedOutputStream` to a remote storage.

/**
* Application specific code.
*/

// 4. Encrypt `streamKeyData` for a group.
val groupId = "group-chat-1"
val bobUsersResult = aliceEthree.findUsers(arrayListOf(bobIdentity)).get()
val aliceGroup = aliceEthree.createGroup(groupId, bobUsersResult).get()
val groupEncryptedStreamKeyData = aliceGroup.encrypt(streamKeyData)

// 5. Send the encrypted `streamKeyData` (groupEncryptedStreamKeyData) to the destination device.

/**
* Application specific code.
*/

Decrypt large files

To decrypt the shared file, use the decryptShared method (decryptSharedFile in JavaScript).

The recipient uses their private key to decrypt the encrypted stream key (the encrypted fileEncryptionKey). In the case of group encryption, group members use the group's private key to decrypt the encrypted fileEncryptionKey. After that, the recipient decrypts the file using the decrypted stream key (the decrypted fileEncryptionKey).
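The flow described under "Encrypt large files" and "Decrypt large files", as an added Node.js example that is not E3Kit code and does not reproduce E3Kit's algorithms. Assumptions: a random AES-256-GCM key stands in for the fileEncryptionKey, RSA-OAEP stands in for the step that encrypts that key for the recipient (the sender's Card plays no part in it), and all function names are hypothetical.

```javascript
// Added illustration, not E3Kit code. AES-256-GCM and RSA-OAEP are stand-ins.
const crypto = require('crypto');
const CHUNK = 64 * 1024; // bytes processed per step (constructed value)

// Encrypt a file buffer chunk by chunk under a fresh per-file key.
function encryptFile(plain) {
  const fileKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', fileKey, iv);
  const parts = [iv];
  for (let off = 0; off < plain.length; off += CHUNK) {
    parts.push(cipher.update(plain.subarray(off, off + CHUNK)));
  }
  parts.push(cipher.final(), cipher.getAuthTag());
  // Blob for remote storage: iv (12) || ciphertext || auth tag (16).
  return { fileKey, blob: Buffer.concat(parts) };
}

// Decrypt the blob; output must not be used until final() has verified the tag.
function decryptFile(blob, fileKey) {
  const body = blob.subarray(12, blob.length - 16);
  const decipher = crypto.createDecipheriv('aes-256-gcm', fileKey, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(blob.length - 16));
  const parts = [];
  for (let off = 0; off < body.length; off += CHUNK) {
    parts.push(decipher.update(body.subarray(off, off + CHUNK)));
  }
  parts.push(decipher.final()); // throws if the blob or the key was altered
  return Buffer.concat(parts);
}

// Only the 32-byte file key is encrypted for the recipient.
const wrapKey = (fileKey, pub) =>
  crypto.publicEncrypt({ key: pub, oaepHash: 'sha256' }, fileKey);
const unwrapKey = (wrapped, priv) =>
  crypto.privateDecrypt({ key: priv, oaepHash: 'sha256' }, wrapped);

// Full flow on a constructed random "file" of `size` bytes.
function demo(size) {
  const bob = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const plain = crypto.randomBytes(size);
  const { fileKey, blob } = encryptFile(plain);     // sender
  const wrapped = wrapKey(fileKey, bob.publicKey);  // sent with the link
  const out = decryptFile(blob, unwrapKey(wrapped, bob.privateKey)); // recipient
  blob[20] ^= 1; // simulate a bit flipped in remote storage
  let tamperDetected = false;
  try { decryptFile(blob, fileKey); } catch (e) { tamperDetected = true; }
  return { roundTrip: out.equals(plain), overhead: blob.length - size, tamperDetected };
}

console.log(demo(200000));
```

The storage provider only ever holds the blob; whoever holds the wrapped key and the recipient's private key can read the file, so the two travel by separate paths.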

Decrypt a file encrypted for one user

// 1. Receive `encryptedStreamKeyData` and download data from the remote storage.
/**
* Application specific code.
*/

// 2. Prepare streams.
val encryptedInputStream = ByteArrayInputStream(encryptedData)
val decryptedOutputStream = ByteArrayOutputStream()

// 3. Find initiator's Card.
val aliceCard = bobEthree.findUser(aliceIdentity).get()

// 4. Decrypt `encryptedStreamKeyData` received peer-to-peer.
val p2pDecryptedStreamKeyData = bobEthree.authDecrypt(Data(p2pEncryptedStreamKeyData), aliceCard).value

// 5. Decrypt stream with the key recovered in step 4.
val decryptedStreamKeyData = p2pDecryptedStreamKeyData

bobEthree.decryptShared(encryptedInputStream, decryptedOutputStream, decryptedStreamKeyData, aliceCard)

Decrypt a file encrypted for a group

// 1. Receive `encryptedStreamKeyData` and download data from the remote storage.
/**
* Application specific code.
*/

// 2. Prepare streams.
val encryptedInputStream = ByteArrayInputStream(encryptedData)
val decryptedOutputStream = ByteArrayOutputStream()

// 3. Find initiator's Card.
val aliceCard = bobEthree.findUser(aliceIdentity).get()

// 4. Decrypt `encryptedStreamKeyData` received by the group.
val groupId = "group-chat-1"
val bobGroup = bobEthree.loadGroup(groupId, aliceCard).get() // load the corresponding group
val groupDecryptedStreamKeyData = bobGroup.decrypt(groupEncryptedStreamKeyData, aliceCard) // decrypt the stream key

// 5. Decrypt stream with the key recovered in step 4.
val decryptedStreamKeyData = groupDecryptedStreamKeyData

bobEthree.decryptShared(encryptedInputStream, decryptedOutputStream, decryptedStreamKeyData, aliceCard)