cryptography-rs 0.6.2

Block ciphers, hashes, public-key, and post-quantum primitives implemented directly from their specifications and original papers.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92

//! Public-key building blocks.
//!
//! This module starts with the arithmetic foundation needed by the public-key
//! schemes here: a simple limb-based bigint representation, a reusable
//! Montgomery toolkit, plus primality and modular-arithmetic helpers. The goal
//! is fidelity to the published arithmetic in pure idiomatic Rust, not a
//! replacement for industrial multiprecision libraries or a wrapper around
//! external C code.
//!
//! The public-key APIs are layered, but not every scheme exposes every layer
//! with the same shape:
//! - arithmetic maps such as `encrypt_raw`, `encrypt_with_nonce`,
//!   `encrypt_point_with_nonce`, or `sign_digest_with_nonce`
//! - typed wrappers such as `encrypt`, `decrypt`, `sign_message`, and
//!   `verify_message`, which operate on the scheme's natural plaintext,
//!   ciphertext, or signature representation
//! - byte wrappers such as `encrypt_bytes`, `decrypt_bytes`,
//!   `verify_message_bytes`, standard wire encodings, and crate-defined key
//!   blobs
//!
//! The important design rule is that the math stays visible. The exact method
//! set depends on what the underlying construction naturally supports:
//! signature schemes do not grow encryption wrappers, key-agreement schemes do
//! not pretend to be byte-to-byte encryption APIs, and schemes such as `ECIES`
//! intentionally present a direct byte-oriented wrapper because the primitive
//! is already hybrid encryption.
//!
//! The arithmetic primitives remain directly accessible, and the wrapper layer
//! adds:
//! - `rsa_pkcs1` for OAEP encryption and PSS signatures
//! - `rsa_io` for standard RSA key serialization (`PKCS #1`, `PKCS #8`,
//!   `SPKI`) plus an optional flat XML export for symmetry with the other
//!   schemes
//! - internal `io` helpers for the crate-defined non-RSA key formats: a DER
//!   `SEQUENCE` of positive `INTEGER`s, custom PEM armor, and the shared flat
//!   XML form
//!
//! Public-key naming is normalized crate-wide:
//! - prefer `*_with_nonce` for deterministic/external-randomness entry points
//! - prefer `to_wire_bytes` / `from_wire_bytes` for standard compact encodings
//!   that omit curve or algorithm parameters
//! - prefer `to_key_blob` / `from_key_blob` for crate-defined self-describing
//!   binary formats
//!
//! This follows the crate-wide design rule: keep the implementation in Rust,
//! avoid intrinsics and FFI, and add dependencies only where they materially
//! improve interoperability or maintenance.

pub mod bigint;
pub mod cocks;
pub mod dh;
pub mod dsa;
pub mod ec;
pub mod ec_edwards;
pub mod ec_elgamal;
pub mod ecdh;
pub mod ecdsa;
pub mod ecies;
pub mod ed25519;
pub mod eddsa;
pub mod edwards_dh;
pub mod edwards_elgamal;
pub mod elgamal;
mod gf2m;
mod io;
pub mod ml_dsa;
pub mod ml_kem;
pub(crate) mod ntru_ees401ep1;
pub(crate) mod ntru_ees443ep1;
pub(crate) mod ntru_ees449ep1;
pub(crate) mod ntru_ees541ep1;
pub(crate) mod ntru_ees677ep1;
pub(crate) mod ntru_ees1087ep1;
pub(crate) mod ntru_ees1087ep2;
pub(crate) mod ntru_ees1171ep1;
pub(crate) mod ntru_ees1499ep1;
pub(crate) mod ntru_ees_core;
pub(crate) mod ntru_hps509;
pub(crate) mod ntru_hps677;
pub(crate) mod ntru_hps821;
pub(crate) mod ntru_hrss701;
mod ntru_poly_mul;
mod ntru_pqc_shared;
pub mod paillier;
pub mod primes;
pub mod rabin;
pub mod rsa;
pub mod rsa_io;
pub mod rsa_pkcs1;
pub mod schmidt_samoa;
pub mod x25519;
pub mod x448;