orion
mundane
| orion | mundane | |
|---|---|---|
| 5 | 4 | |
| 236 | 1,069 | |
| - | -0.2% | |
| 6.6 | 0.0 | |
| about 3 years ago | 10 months ago | |
| Rust | Rust | |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
orion
-
orion 0.16 - const generics, organization changes and a new maintainer
GitHub: https://github.com/orion-rs/orion Crates.io: https://crates.io/crates/orion
-
Looking for an open-source project to join part-time
I'm the author and maintainer of a pure-Rust crypto library called Orion. I've been at it for a couple of years now, working on it in my spare time as well. There are a few people involved already, but we're still missing someone that is involved enough to be a "co-maintainer". There are some larger features that have been planned, but I lack the time currently to start too many new things. Of course, you can contribute in any amount you want.
-
Look-up tables for bcrypt, scrypt and Argon2?
Custom (the ones I have in the implementation I wrote)
-
How to implement a simple password-based encryption with ring?
With that said, i think multiple people are working on crypto libraries that take footguns out of it - which is what i think we definitely need. https://github.com/brycx/orion seems like a solid attempt at making crypto fool-proof , so i do have hope.
-
Does any interesting projects need help?
You're more than welcome to swing by at Orion (a pure-Rust crypto lib). You can also check the new Matrix room for a small chat.
mundane
-
Crates for helping with C FFI?
I'm the author of Mundane, which wraps BoringSSL, which is written in C. We have some internal utilities which make it safer to work with C objects by doing a certain amount of automatic memory management and lifecycle tracking.
-
SAML Is Insecure by Design
Most problems with security specs and libraries that implement them are communication problems. They involve people incompletely describing or understanding their requirements, capabilities, or threat model. Usually this also involves providing/using interfaces that are not ergonomic (https://github.com/google/mundane/blob/master/DESIGN.md), which in turn comes from the spec trying to do too much (as XML Signature does).
I don't know how GPT could help with that. If anything I would expect it to bias toward things it has already seen, which is the opposite of what you want when writing a new spec/library aiming to avoid past mistakes.
-
Void Linux: "Switching back to OpenSSL"
I'm quite intrigued by mundane which is cryptography library with a Rust interface that contains lots of code from OpenSSL (via BoringSSL, which is a fork of OpenSSL).
-
How to implement a simple password-based encryption with ring?
(https://sequoia-pgp.org/, https://github.com/google/mundane, etc)
What are some alternatives?
ring - Safe, fast, small crypto using Rust
saml-idp - Simple SAML Identity Provider (IdP)
rust-djangohashers - A Rust port of the password primitives used in Django Project.
RustCrypto - Authenticated Encryption with Associated Data Algorithms: high-level encryption ciphers
rust-crypto - A (mostly) pure-Rust implementation of various cryptographic algorithms.
shib-sp - Containerized Shibboleth SP
ASP.NET SAML - Very simple SAML 2.0 consumer module for ASP.NET/C#
octavo - Highly modular & configurable hash & crypto library
rage - A simple, secure and modern file encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.
suruga - [INACTIVE] TLS 1.2 implementation in Rust
fusionauth-samlv2 - SAML v2.0 bindings in Java using JAXB