Expand description
§Apple CryptoKit for Rust
这个crate为Rust提供了Apple CryptoKit的绑定,允许在macOS、iOS等苹果平台上 使用经过优化的密码学算法。
§功能特性
- 哈希算法: SHA256, SHA384, SHA512等
- 消息认证码: HMAC-SHA256, HMAC-SHA384等
- 对称加密: AES-GCM, ChaCha20-Poly1305
- 非对称加密: 椭圆曲线密码学 (P256, P384, P521, Curve25519)
- 量子安全算法: ML-KEM, X-Wing, ML-DSA (抗量子攻击)
- 密钥派生: HKDF
- 密钥管理: 对称密钥生成和管理
§示例
§传统密码学
use apple_cryptokit::hashing::{sha256_hash, SHA256, HashFunction};
use apple_cryptokit::symmetric::aes::{aes_gcm_encrypt, aes_gcm_decrypt};
// 哈希计算
let data = b"Hello, World!";
let hash = sha256_hash(data);
// 或者使用trait
let hash = SHA256::hash(data);
// 对称加密
let key = b"0123456789abcdef0123456789abcdef"; // 32字节密钥
let nonce = b"cdef01234567"; // 12字节nonce
let plaintext = b"Secret message";
let ciphertext = aes_gcm_encrypt(key, nonce, plaintext)?;
let decrypted = aes_gcm_decrypt(key, nonce, &ciphertext)?;§量子安全密码学
use apple_cryptokit::quantum::{MLKem768, XWingMLKem768X25519, MLDsa65};
use apple_cryptokit::quantum::{KEMPrivateKey, KEMPublicKey, KeyEncapsulationMechanism};
use apple_cryptokit::quantum::{SignaturePrivateKey, SignaturePublicKey, DigitalSignatureAlgorithm};
// ML-KEM768 密钥封装
let private_key = MLKem768::generate_private_key()?;
let public_key = private_key.public_key();
let (ciphertext, shared_secret) = public_key.encapsulate()?;
let decapsulated_secret = private_key.decapsulate(&ciphertext)?;
assert_eq!(shared_secret, decapsulated_secret);
// X-Wing 混合KEM(结合ML-KEM768和X25519)
let xwing_private = XWingMLKem768X25519::generate_private_key()?;
let xwing_public = xwing_private.public_key();
let (xwing_ciphertext, xwing_secret) = xwing_public.encapsulate()?;
let xwing_decapsulated = xwing_private.decapsulate(&xwing_ciphertext)?;
assert_eq!(xwing_secret, xwing_decapsulated);
// ML-DSA65 数字签名
let sign_private = MLDsa65::generate_private_key()?;
let sign_public = sign_private.public_key();
let message = b"Hello, post-quantum world!";
let signature = sign_private.sign(message)?;
let is_valid = sign_public.verify(message, &signature)?;
assert!(is_valid);Re-exports§
pub use error::CryptoKitError;pub use error::Result;pub use hashing::HashAlgorithm;pub use hashing::HashBuilder;pub use hashing::HashFunction;pub use hashing::SHA1;pub use hashing::SHA256;pub use hashing::SHA384;pub use hashing::SHA512;pub use hashing::Sha256;pub use hashing::Sha384;pub use hashing::Sha512;pub use hashing::sha1_hash;pub use hashing::sha256_hash;pub use hashing::sha384_hash;pub use hashing::sha512_hash;pub use authentication::HMAC;pub use authentication::hmac_sha1;pub use authentication::hmac_sha256;pub use authentication::hmac_sha384;pub use authentication::hmac_sha512;pub use symmetric::aes::AESGCMNonce;pub use symmetric::aes::AESKey;pub use symmetric::aes::AESKeySize;pub use symmetric::aes::AesGcm;pub use symmetric::aes::aes_gcm_decrypt;pub use symmetric::aes::aes_gcm_decrypt_with_aad;pub use symmetric::aes::aes_gcm_encrypt;pub use symmetric::aes::aes_gcm_encrypt_with_aad;pub use symmetric::chacha::ChaChaKey;pub use symmetric::chacha::ChaChaPoly;pub use symmetric::chacha::ChaChaPolyNonce;pub use symmetric::chacha::chacha20poly1305_decrypt;pub use symmetric::chacha::chacha20poly1305_decrypt_with_aad;pub use symmetric::chacha::chacha20poly1305_encrypt;pub use symmetric::chacha::chacha20poly1305_encrypt_with_aad;pub use symmetric::AuthenticatedCipher;pub use symmetric::Cipher;pub use key_derivation::KeyDerivationFunction;pub use key_derivation::hkdf_sha256_derive;pub use key_derivation::hkdf_sha384_derive;pub use key_derivation::hkdf_sha512_derive;pub use keys::SymmetricKey;pub use keys::SymmetricKeySize;pub use quantum::DigitalSignatureAlgorithm;pub use quantum::KEMPrivateKey;pub use quantum::KEMPublicKey;pub use quantum::KeyEncapsulationMechanism;pub use quantum::MLDsa65;pub use quantum::MLDsa65PrivateKey;pub use quantum::MLDsa65PublicKey;pub use quantum::MLDsa87;pub use quantum::MLDsa87PrivateKey;pub use quantum::MLDsa87PublicKey;pub use quantum::MLKem768;pub use quantum::MLKem768PrivateKey;pub use quantum::MLKem768PublicKey;pub use quantum::MLKem1024;pub use quantum::MLKem1024PrivateKey;pub use quantum::MLKem1024PublicKey;pub use quantum::QuantumSafe;pub use quantum::SignaturePrivateKey;pub use quantum::SignaturePublicKey;pub use quantum::XWingMLKem768X25519;pub use quantum::XWingMLKem768X25519PrivateKey;pub use quantum::XWingMLKem768X25519PublicKey;