ferrocrypt 0.3.0-beta.1

Recipient-oriented file and directory encryption: passphrase (Argon2id) and X25519 public-key recipients, XChaCha20-Poly1305 STREAM payloads, HKDF-SHA3-256 / HMAC-SHA3-256 key derivation and authentication.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

//! Reusable cryptographic building blocks and typed secrets.
//!
//! Owns:
//!
//! - [`keys`] — file-key generation, payload/header subkey derivation,
//!   passphrase wrap-key derivation, and shared key-size constants.
//! - [`kdf`] — Argon2id parameter validation ([`kdf::KdfParams`]) and
//!   resource-cap policy ([`kdf::KdfLimit`]).
//! - [`hkdf`] — HKDF-SHA3-256 expansion helper.
//! - [`mac`] — HMAC-SHA3-256 helpers and constant-time 32-byte
//!   comparison.
//! - [`aead`] — XChaCha20-Poly1305 single-shot seal/open helpers used to
//!   wrap the per-file `file_key`.
//! - [`stream`] — STREAM-BE32 payload encryptor/decryptor adapters and
//!   chunk-size constants.
//! - [`tlv`] — authenticated TLV grammar validator (FORMAT.md §6).
//!
//! Recipient-specific HKDF info strings live with their recipient
//! schemes; header/payload labels live in [`keys`]; the private-key
//! wrap label lives with [`crate::key::private`].

pub(crate) mod aead;
pub(crate) mod hkdf;
pub(crate) mod kdf;
pub(crate) mod keys;
pub(crate) mod mac;
pub(crate) mod stream;
pub(crate) mod tlv;