RustCrypto VS mundane

I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving encryption key from password and optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting serialized database. There are certain pitfalls with encryption (e.g. you should not reuse nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.

FYI: the rust-crypto crate is unmaintained. Take a look at https://github.com/RustCrypto/AEADs instead

For AEAD with AES, you may want to use RustCrypto (https://github.com/RustCrypto/AEADs.git) instead

Dexios is a secure command-line encryption tool, that uses audited crates provided by the RustCrypto Team.

This is in relation to RustCrypto/AEADs#421 - myself and another user are having the exact same issue.

I choose an AEDS crate from the RustCrypto group: AES-GCM in its SIV variant (the SIV variant isn't really needed but it doesn't cost much).

Use RustCrypto's aes with one of its block modes (https://docs.rs/block-modes/latest/block_modes/) or AEAD algorithms (https://github.com/RustCrypto/AEADs). There's a lot of modular stuff in RustCrypto, just need to browse a little 😉.

crypto_secretbox: https://github.com/RustCrypto/AEADs/tree/master/xsalsa20poly1305

I'd recommend https://github.com/RustCrypto/AEADs. RustCrypto's crates are high quality, widely used and some have even been audited. Unfortunately they don't provide a read/write interface.

I'm the author of Mundane, which wraps BoringSSL, which is written in C. We have some internal utilities which make it safer to work with C objects by doing a certain amount of automatic memory management and lifecycle tracking.

Most problems with security specs and libraries that implement them are communication problems. They involve people incompletely describing or understanding their requirements, capabilities, or threat model. Usually this also involves providing/using interfaces that are not ergonomic (https://github.com/google/mundane/blob/master/DESIGN.md), which in turn comes from the spec trying to do too much (as XML Signature does).

I don't know how GPT could help with that. If anything I would expect it to bias toward things it has already seen, which is the opposite of what you want when writing a new spec/library aiming to avoid past mistakes.

I'm quite intrigued by mundane which is cryptography library with a Rust interface that contains lots of code from OpenSSL (via BoringSSL, which is a fork of OpenSSL).

(https://sequoia-pgp.org/, https://github.com/google/mundane, etc)