Popularity
4.7
Growing
Activity
8.9
Declining
143
12
12

Description

orion is a cryptography library written in pure-Rust which aims to provide easy and usable crypto. 'Usable' meaning exposing high-level API's that are easy to use and hard to misuse.

Monthly Downloads: 260
Programming language: Rust
License: MIT License
Tags: Cryptography     Aead     Mac     Hashing     KDF    
Latest version: v0.14.4

orion alternatives and similar packages

Based on the "Cryptography" category

Do you think we are missing an alternative of orion or a related project?

Add another 'Cryptography' Package

README

orion

Build Status Build status codecov dependency status Documentation Crates.io Safety Dance MSRV

About

orion is a cryptography library written in pure Rust. It aims to provide easy and usable crypto while trying to minimize the use of unsafe code. You can read more about orion in the wiki.

Currently supports:

  • AEAD: (X)ChaCha20Poly1305.
  • Stream ciphers: (X)ChaCha20.
  • KDF: HKDF-HMAC-SHA512, PBKDF2-HMAC-SHA512.
  • MAC: HMAC-SHA512, Poly1305.
  • Hashing: BLAKE2b, SHA512.

Security

This library is not suitable for production code and usage is at own risk.

More information about security regarding orion is available in the wiki.

Minimum Supported Rust Version

Rust 1.37 or later is supported however, the majority of testing happens with latest stable Rust.

MSRV may be changed at any point and will not be considered a SemVer breaking change.

Features

  • By default orion targets stable Rust and in this case, extra dependency specifications are not required.

  • no_std: To use orion in a no_std context, you need to specify the dependency as such:

    [dependencies.orion]
    version = "*" # Replace * with the most recent version
    default-features = false
    features = ["no_std"]
    

    no_std requires Rust nightly and benefits from the same inline assembly features as when using the nightly feature.

When orion is used in a no_std context, access to nearly all functionality, except for that in hazardous, is not available. This is because the high-level functionality depends on the systems random generator, which is not available in no_std.

  • nightly: The nightly feature enables the use of inline assembly for constant-time comparisons. Using nightly is recommended for security. Specify the dependency as such, to use the nightly feature: [dependencies.orion] version = "*" # Replace * with the most recent version default-features = false features = ["nightly"] nightly requires Rust nightly.

Documentation

Can be viewed here or built with:

cargo doc --no-deps

Tests and Fuzzing

The wiki has details on how orion is tested. To run all tests:

cargo test

Fuzzing is done using honggfuzz-rs in orion-fuzz. See orion-fuzz on how to start fuzzing orion.

Constant-time execution tests can be found at orion-dudect and orion-sidefuzz.

Benchmarks

The library can be benchmarked with Criterion as below. All benchmarking tests are located in benches/.

cargo bench

Changelog

Please refer to the CHANGELOG.md list.

Contributing

Please refer to the guidelines in CONTRIBUTING.md for information on how to contribute to orion.

License

orion is licensed under the MIT license. See the LICENSE file for more information.


*Note that all licence references and agreements mentioned in the orion README section above are relevant to that project's source code only.