RSA
pysequoia
RSA | pysequoia | |
---|---|---|
5 | 2 | |
505 | 5 | |
3.0% | - | |
7.4 | 7.9 | |
about 1 month ago | 13 days ago | |
Rust | Rust | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
RSA
-
rpgp: Pure Rust Implementation of OpenPGP
Yep, I saw the upstream[1].
However, I misread this: I thought the padding was being done on the cleartext signing side, but this is padding of the signature itself. So there's some malleability here, but it isn't susceptible to DO'1985. I'll update my top-level comment.
[1]: https://github.com/RustCrypto/RSA/issues/272
-
Marvin Attack on RSA (Rust): potential key recovery through timing sidechannels
Thanks! Changed from https://github.com/RustCrypto/RSA/security/advisories/GHSA-c... above.
- whats a good crate for rsa or Edsa
-
How to encrypt text file with Rust?
The RSA crate looks delightfully simple to use. https://github.com/RustCrypto/RSA
pysequoia
-
rpgp: Pure Rust Implementation of OpenPGP
I agree that gpg did not age well. If we compare it to a different project with similar history: curl, it's apparent that gpg chose wrong on several fronts. It should be a library first instead of a cli tool. Funny part is that even the library of gpg (gpgme) is internally calling the binary.
I've played around with designing a higher level library to OpenPGP once (https://pypi.org/project/pysequoia/) and personally I think it yields more readable, faster and secure code.
-
Calling Rust from Python
I'd also recommend PyO3 and Maturin. The amount of help these crates give is mind boggling (automatic type marshaling and even github CI jobs for creating cross platform precompiled wheels).
I've created a library using this crate (https://github.com/wiktor-k/pysequoia/) and most of the time I could just focus on the problem domain instead of technical details of the bindings.
There are just a couple of smaller issues (eg. Python to Rust async is not built in) but overall it's really nice.
What are some alternatives?
Twofish
PyO3 - Rust bindings for the Python interpreter
block-ciphers - Collection of block cipher algorithms written in pure Rust
bmp - Read and write uncompressed BMP image files
multihash-serialise - Haskell libraries for interacting with IPFS
candid - Candid Library for the Internet Computer
winery - Preservative serialisation format
awesome-cryptography-rust - Collect libraries and packages about cryptography in Rust.
crates.io - The Rust package registry
zip - Efficient library for manipulating zip archives
raaz - Cryptographic library for Haskell
SHA - Haskell implementation of SHA / SHA2 hash functions