orion
About
orion is a cryptography library written in pure Rust. It aims to provide easy and usable crypto while trying to minimize the use of unsafe code. You can read more about orion in the wiki.
Currently supports:
- AEAD: (X)ChaCha20Poly1305.
- Stream ciphers: (X)ChaCha20.
- KDF: HKDF-HMAC-SHA512, PBKDF2-HMAC-SHA512.
- MAC: HMAC-SHA512, Poly1305.
- Hashing: BLAKE2b, SHA512.
Security
This library is not suitable for production code and usage is at own risk.
More information about security regarding orion is available in the wiki.
Features and Requirements
-
By default orion targets stable Rust and in this case, extra dependency specifications are not required.
-
no_std
: To use orion in ano_std
context, you need to specify the dependency as such:
[dependencies.orion]
version = "*" # Replace * with the most recent version
default-features = false
features = ["no_std"]
no_std
requires Rust nightly and benefits from the same inline assembly features as when using the nightly
feature.
When orion is used in a no_std
context, access to nearly all functionality, except for that in
hazardous
, is not available. This is because the high-level functionality depends on the OsRng
which is not available in no_std
.
nightly
: The nightly feature enables the use of inline assembly for constant-time comparisons. Usingnightly
is recommended for security. Specify the dependency as such, to use thenightly
feature:
[dependencies.orion]
version = "*" # Replace * with the most recent version
default-features = false
features = ["nightly"]
nightly
requires Rust nightly.
Documentation
Can be viewed here or built with:
cargo doc --no-deps
Tests and Fuzzing
The wiki has details on how orion is tested. To run all tests:
cargo test
Fuzzing is done using honggfuzz-rs in orion-fuzz. See orion-fuzz on how to start fuzzing orion.
Benchmarks
The library can be benchmarked as below. All benchmarking tests are located in benches/
.
cargo +nightly bench
Changelog
Can be found here.
License
orion is licensed under the MIT license. See the LICENSE
file for more information.