💬 Join the Matrix chat

libsodium library, in pure Rust

dryoc: Don't Roll Your Own Crypto™[^1]

dryoc is a pure-Rust, general-purpose cryptography library. It's provides an implementation of the excellent libsodium library, in pure Rust.

The purpose of this project is to provide a pure-Rust, mostly drop-in replacement for libsodium. This library has nearly the same ergonomics as libsodium (referred to in dryoc as the Classic API), such that people familiar with libsodium can use this library nearly interchangeably. While the API is not 100% identical to libsodium, most functions have the same or very similar signatures.

In addition to the Classic API, there's a Rustaceous API which aims to bring an idiomatic Rust implementation of libsodium's core features: public and secret key authenticated cryptography and general-purpose cryptography tools.

Not all features from libsodium are implemented here, either because there exist better implementations in other crates, or because they aren't necessary as part of this crate.

Additionally, this crate provides exceptionally safe cryptography thanks to Rust's safety features. The Rustaceous API is designed designed to make it difficult to shoot yourself in the foot. It's worth noting, however, you certainly can still shoot yourself if you choose (either by leaking private data, using insecure hardware, OPSEC issues, etc).

Features

  • Many libsodium implemented with both Classic and Rustaceous API
  • Protected memory handling
  • Serde support (with features = ["serde"])

Project status

The following libsodium features are currently implemented, or awaiting implementation:

  • Public-key cryptography (crypto_box_*) libsodium link
  • Secret-key cryptography (crypto_secretbox_*) libsodium link
  • Point*scalar multiplication (crypto_scalarmult*) libsodium link
  • Zeroing memory (sodium_memzero) with zeroize libsodium link
  • Generating random data (randombytes_buf) libsodium link
  • Encrypted streams (crypto_secretstream_*) libsodium link
  • Memory locking (sodium_mlock, sodium_munlock, sodium_mprotect_*) libsodium link
  • Encrypting related messages (sodium_increment) libsodium link
  • Generic hashing (crypto_generichash_*) libsodium link
  • Secret-key authentication (crypto_auth*) libsodium link
  • One-time authentication (crypto_onetimeauth_*) libsodium link
  • Sealed boxes (crypto_box_seal*) libsodium link
  • Key derivation (crypto_kdf_*) libsodium link
  • Key exchange (crypto_kx_*) libsodium link
  • Public-key signatures (crypto_sign_*) libsodium link
  • Ed25519 to Curve25519 (crypto_sign_ed25519_*) libsodium link
  • Short-input hashing (crypto_shorthash) libsodium link
  • Password hashing (crypto_pwhash_*) libsodium link

The following libsodium features are either incomplete, not exposed as public APIs, or not implemented; you may find equivalent functionality in other crates:

  • Stream ciphers (use salsa20 crate directly instead)
  • Helpers and padding utilities
  • Advanced features:
    • Scrypt (use scrypt crate directly instead)
    • Finite field arithmetic (try the curve25519-dalek crate)

Stargazers over time

Other NaCl-related Rust implementations worth mentioning

  • sodiumoxide
  • crypto_box

[^1]: Not actually trademarked.

Information - Updated Jun 18, 2022

Stars: 104
Forks: 9
Issues: 0

Repositories & Extras

A (mostly) pure-Rust implementation of various common cryptographic algorithms

Rust-Crypto seeks to create practical, auditable, pure-Rust implementations of common cryptographic

A (mostly) pure-Rust implementation of various common cryptographic algorithms

Orion is a cryptography library written in pure Rust

It aims to provide easy and usable crypto while trying to minimize the use of unsafe code

Orion is a cryptography library written in pure Rust

Rustls is a modern TLS library written in Rust

ring for cryptography and rustls-pemfile crate

Rustls is a modern TLS library written in Rust

Mundane is a Rust cryptography library backed by BoringSSL that is difficult

to misuse, ergonomic, and performant (in that order)

Mundane is a Rust cryptography library backed by BoringSSL that is difficult

Rustls is a modern TLS library written in Rust

ring for cryptography and rustls-pemfile crate

Rustls is a modern TLS library written in Rust

A (mostly) pure-Rust implementation of various common cryptographic algorithms

Rust-Crypto seeks to create practical, auditable, pure-Rust implementations of common cryptographic

A (mostly) pure-Rust implementation of various common cryptographic algorithms

This repository holds a Rust port of Google's Tink cryptography library

This repository holds a Rust port of Google's RustCrypto crates – this repo focuses on making

This repository holds a Rust port of Google's Tink cryptography library

A cryptography library that is mainly implemented in Rust

I aim to implement bindings to other languages such as C/C++ and Python

A cryptography library that is mainly implemented in Rust

Libsm is an open source pure rust library of China Cryptographic Algorithm Standards

It is completed by a collaborative effort between the Cryptape Technology LLC

Libsm is an open source pure rust library of China Cryptographic Algorithm Standards

Cryptographic algorithms in pure Rust

The main interface to these crates is the RustCrypto traits

Cryptographic algorithms in pure Rust

A collection of cryptography functions written in Rust

rustup -- curl --proto '=https' --tlsv1

A collection of cryptography functions written in Rust
Facebook Instagram Twitter GitHub Dribbble
Privacy