RustCrypto VS utils

I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving encryption key from password and optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting serialized database. There are certain pitfalls with encryption (e.g. you should not reuse nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.

FYI: the rust-crypto crate is unmaintained. Take a look at https://github.com/RustCrypto/AEADs instead

For AEAD with AES, you may want to use RustCrypto (https://github.com/RustCrypto/AEADs.git) instead

Dexios is a secure command-line encryption tool, that uses audited crates provided by the RustCrypto Team.

This is in relation to RustCrypto/AEADs#421 - myself and another user are having the exact same issue.

I choose an AEDS crate from the RustCrypto group: AES-GCM in its SIV variant (the SIV variant isn't really needed but it doesn't cost much).

Use RustCrypto's aes with one of its block modes (https://docs.rs/block-modes/latest/block_modes/) or AEAD algorithms (https://github.com/RustCrypto/AEADs). There's a lot of modular stuff in RustCrypto, just need to browse a little 😉.

crypto_secretbox: https://github.com/RustCrypto/AEADs/tree/master/xsalsa20poly1305

I'd recommend https://github.com/RustCrypto/AEADs. RustCrypto's crates are high quality, widely used and some have even been audited. Unfortunately they don't provide a read/write interface.

I didn't use any inline asm, instead I wrote the simplest if statement possible, which I confirmed on x86_64, x86, and aarch64 compiles down to use the platform's supported conditional move instructions. If this changes in the future and there's a need to write inline asm, you can do so in a portable way, e.g. the cmov crate.

There's also cpufeatures which might suit your use case better (depending on exactly how you want to do it).

I have seen that RustCrypto also offers a create for securely zeroing memory with: zeroize

The zeroing routine itself looks fine to me. You might want to compare your code with the (already mentioned) zeroize crate, which does something similar (or maybe identical?).

To save a few clicks, this was found to be, indeed, a Y2K issue, and der v0.4.1 has just been released to fix it. Citing the comment added to the issue after the fact:

I opened a tracking issue for that.

https://github.com/RustCrypto/utils/pull/325#issuecomment-791503136