RustCrypto VS dexios

I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving encryption key from password and optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting serialized database. There are certain pitfalls with encryption (e.g. you should not reuse nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.

FYI: the rust-crypto crate is unmaintained. Take a look at https://github.com/RustCrypto/AEADs instead

For AEAD with AES, you may want to use RustCrypto (https://github.com/RustCrypto/AEADs.git) instead

Dexios is a secure command-line encryption tool, that uses audited crates provided by the RustCrypto Team.

This is in relation to RustCrypto/AEADs#421 - myself and another user are having the exact same issue.

I choose an AEDS crate from the RustCrypto group: AES-GCM in its SIV variant (the SIV variant isn't really needed but it doesn't cost much).

Use RustCrypto's aes with one of its block modes (https://docs.rs/block-modes/latest/block_modes/) or AEAD algorithms (https://github.com/RustCrypto/AEADs). There's a lot of modular stuff in RustCrypto, just need to browse a little 😉.

crypto_secretbox: https://github.com/RustCrypto/AEADs/tree/master/xsalsa20poly1305

I'd recommend https://github.com/RustCrypto/AEADs. RustCrypto's crates are high quality, widely used and some have even been audited. Unfortunately they don't provide a read/write interface.

Rclone can be used on windows dexios has a wip gui app and borg yeah thats a linux only thing. You could probably use rclone itself though as it has tons of useful features like encryption.

Hey so when looking at xchacha as it seems to be getting more and more popular in terms of adoption for securing files/messages etc. I noticed that when experimenting and testing file encryption with applications like dexios picocrypt and hat.sh that none of the files could be read/understood by other applications. While this doesn't happen with alot of other apps/algos likes aes afaik.

A command line tool written in rust that uses XChaCha20-Poly1305 designed for its ease of use, simplicity, and high security.

I'm assuming this software would be just as safe but there seems to be features that Picocrypt has that I can't see if dexios has. Unless someone can correct me with that and they do in fact share the same set of features

Not knowning what Dexios is, I did visit https://github.com/brxken128/dexios and learnt:

You may find Dexios on Github, and you can find the full documentation on Github Pages.

You may view the project on Github

Windows is mostly supported1, and we offer builds for it on Github!

This is a huge step up from v7.x.x versions, as encrypted file headers have finally been standardized!. This means your files will always be backwards-compatible, and always supported.