Skip to main content

crypt_io/
lib.rs

1//! # crypt-io
2//!
3//! ENCRYPTION SUITE FOR RUST
4//!
5//! AEAD encryption (ChaCha20-Poly1305, AES-256-GCM), hashing (BLAKE3, SHA-2), MAC
6//! (HMAC, BLAKE3 keyed), and KDF (HKDF, Argon2id). Algorithm-agile. RustCrypto-backed
7//! primitives with REPS discipline. Simple API. Sub-microsecond throughput.
8//!
9//! # Design philosophy
10//!
11//! crypt-io is a focused encryption library that wraps proven cryptographic
12//! primitives (from RustCrypto and the BLAKE3 team) with:
13//!
14//! - A clean, ergonomic API
15//! - Algorithm agility (switch ciphers via enum or feature flag)
16//! - REPS-disciplined error handling and lifecycle
17//! - Tight integration with the portfolio (mod-rand, error-forge, optional log-io/metrics-lib)
18//! - Sub-microsecond throughput targets verified by benchmarks
19//!
20//! crypt-io does NOT implement cryptographic primitives from scratch. The actual
21//! math comes from battle-tested upstream crates. crypt-io's job is the integration,
22//! the API design, and the safety discipline (constant-time, zeroize, key handling).
23//!
24//! # Scope
25//!
26//! In scope:
27//!
28//! - **Symmetric AEAD encryption** (ChaCha20-Poly1305, AES-256-GCM)
29//! - **Stream/file encryption** for large data (chunked AEAD with framing)
30//! - **Hashing** (BLAKE3, SHA-256, SHA-512)
31//! - **MAC** (HMAC-SHA256, BLAKE3 keyed)
32//! - **KDF** (HKDF for key derivation, Argon2id for password hashing)
33//!
34//! Out of scope (use other crates):
35//!
36//! - **Random utilities** -> use `mod-rand`
37//! - **UUID generation** -> use `id-forge`
38//! - **Asymmetric crypto** (RSA, ECDSA, Ed25519) -> deferred to separate crate
39//! - **PGP/GPG** -> use `sequoia-openpgp`
40//! - **TLS** -> use `rustls`
41//! - **Key storage** -> use `key-vault`
42//!
43//! # Status
44//!
45//! Early scaffolding. Public API not yet defined. See [the repository](https://github.com/jamesgober/crypt-io)
46//! and `.dev/ROADMAP.md` for the milestone plan.
47//!
48//! # License
49//!
50//! Dual-licensed under Apache-2.0 OR MIT.
51
52#![doc(html_root_url = "https://docs.rs/crypt-io")]
53#![cfg_attr(docsrs, feature(doc_cfg))]
54#![cfg_attr(not(feature = "std"), no_std)]
55// REPS §Code Quality canonical lint set. `#![deny(warnings)]` is
56// intentionally NOT used at the crate root — new rustc versions can
57// introduce lints that retroactively break downstream builds of a
58// published crate. CI carries `RUSTFLAGS="-D warnings"` instead so the
59// gate is enforced where the lint surface is pinned to the toolchain
60// matrix.
61#![deny(missing_docs)]
62#![deny(unsafe_op_in_unsafe_fn)]
63#![deny(unused_must_use)]
64#![deny(unused_results)]
65#![deny(clippy::unwrap_used)]
66#![deny(clippy::expect_used)]
67#![deny(clippy::todo)]
68#![deny(clippy::unimplemented)]
69#![deny(clippy::unreachable)]
70#![deny(clippy::print_stdout)]
71#![deny(clippy::print_stderr)]
72#![deny(clippy::dbg_macro)]
73#![deny(clippy::undocumented_unsafe_blocks)]
74#![deny(clippy::missing_safety_doc)]
75#![warn(clippy::pedantic)]
76#![allow(clippy::module_name_repetitions)]
77
78extern crate alloc;
79
80mod error;
81
82#[cfg(any(feature = "aead-chacha20", feature = "aead-aes-gcm"))]
83pub mod aead;
84
85#[cfg(any(feature = "hash-blake3", feature = "hash-sha2"))]
86pub mod hash;
87
88pub use crate::error::{Error, Result};
89
90#[cfg(any(feature = "aead-chacha20", feature = "aead-aes-gcm"))]
91pub use crate::aead::{Algorithm, Crypt};
92
93/// Crate version string, populated by Cargo at build time.
94pub const VERSION: &str = env!("CARGO_PKG_VERSION");