mundane
RustCrypto
mundane | RustCrypto |
---|---|
4 | 10 |
1,070 | 636 |
0.4% | 2.5% |
0.0 | 7.0 |
10 months ago | 9 days ago |
Rust | Rust |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mundane
-
SAML Is Insecure by Design
Most problems with security specs and libraries that implement them are communication problems. They involve people incompletely describing or understanding their requirements, capabilities, or threat model. Usually this also involves providing/using interfaces that are not ergonomic (https://github.com/google/mundane/blob/master/DESIGN.md), which in turn comes from the spec trying to do too much (as XML Signature does).
I don't know how GPT could help with that. If anything I would expect it to bias toward things it has already seen, which is the opposite of what you want when writing a new spec/library aiming to avoid past mistakes.
-
Void Linux: "Switching back to OpenSSL"
I'm quite intrigued by mundane, which is a cryptography library with a Rust interface that contains lots of code from OpenSSL (via BoringSSL, which is a fork of OpenSSL).
-
How to implement a simple password-based encryption with ring?
(https://sequoia-pgp.org/, https://github.com/google/mundane, etc)
RustCrypto
-
(Why) is a toy password manager a too complex summer project?
I would say a toy (or personal-use-only) password manager is a relatively simple project. If we are to forget about the GUI parts, you need to determine serialization of your password database (bincode + serde should be enough) and how to encrypt it. For the latter you need only two algorithms: a password hash for deriving the encryption key from the password and an optional salt (the latter is usually randomly generated and stored as a "key file"), and an AEAD algorithm for encrypting and decrypting the serialized database. There are certain pitfalls with encryption (e.g. you should not reuse a nonce with the same key, especially with modes like GCM) and with properly erasing sensitive data from memory, as well as preventing it from leaking to things like swap, but learning about those is part of the learning experience.
-
Announcing street-cred 0.1.1 - My first Rust crate
FYI: the rust-crypto crate is unmaintained. Take a look at https://github.com/RustCrypto/AEADs instead
-
Dexios - a secure command-line encryption tool.
Dexios is a secure command-line encryption tool that uses audited crates provided by the RustCrypto Team.
-
SafeCloset, a Secret Safe - Why and how I made it in Rust
I chose an AEAD crate from the RustCrypto group: AES-GCM in its SIV variant (the SIV variant isn't really needed but it doesn't cost much).
-
Crate for AES256 - which one to choose? Questions about block cipher modes and AEAD too.
Use RustCrypto's aes with one of its block modes (https://docs.rs/block-modes/latest/block_modes/) or AEAD algorithms (https://github.com/RustCrypto/AEADs). There's a lot of modular stuff in RustCrypto, just need to browse a little 😉.
-
Sodiumoxide has been deprecated
crypto_secretbox: https://github.com/RustCrypto/AEADs/tree/master/xsalsa20poly1305
-
What encryption crates do you guys recommend, especially one with support for streams
I'd recommend https://github.com/RustCrypto/AEADs. RustCrypto's crates are high quality, widely used and some have even been audited. Unfortunately they don't provide a read/write interface.
What are some alternatives?
ring - Safe, fast, small crypto using Rust
rustls - A modern TLS library in Rust
sodiumoxide - [DEPRECATED] Sodium Oxide: Fast cryptographic library for Rust (bindings to libsodium)
rust-crypto - A (mostly) pure-Rust implementation of various cryptographic algorithms.
orion - Usable, easy and safe pure-Rust crypto [Moved to: https://github.com/orion-rs/orion]
Ockam - Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
exonum - An extensible open-source framework for creating private/permissioned blockchain applications
orion - Usable, easy and safe pure-Rust crypto
ed25519-dalek - Fast and efficient ed25519 signing and verification in Rust.
rust-openssl - OpenSSL bindings for Rust
webpki - WebPKI X.509 Certificate Validation in Rust