orion 0.16.0

Usable, easy and safe pure-Rust crypto
Documentation

orion

Tests Daily tests dudect Security Audit codecov Documentation Crates.io Safety Dance MSRV Matrix

About

Orion is a cryptography library written in pure Rust. It aims to provide easy and usable crypto while trying to minimize the use of unsafe code. You can read more about Orion in the wiki.

Currently supports:

  • AEAD: (X)ChaCha20Poly1305.
  • Stream ciphers: (X)ChaCha20.
  • KDF: HKDF, PBKDF2, Argon2i.
  • MAC: HMAC, Poly1305.
  • Hashing: BLAKE2b, SHA2.

Security

This library has not undergone any third-party security audit. Usage is at own risk.

See the SECURITY.md regarding recommendations on correct use, reporting security issues and more. Additional information about security regarding Orion is available in the wiki.

Minimum Supported Rust Version

Rust 1.51 or later is supported however, the majority of testing happens with latest stable Rust.

MSRV may be changed at any point and will not be considered a SemVer breaking change.

Crate Features

By default Orion targets stable Rust with std. To use Orion in a no_std context, you need to specify the dependency as such:

orion = { version = "*", default-features = false }
# Replace * with the most recent version

When Orion is used in a no_std context, the high-level API is not available, since it relies on access to the systems random number generator.

Argon2i is not available with no_std by default, but can be by enabling the alloc feature:

[dependencies.orion]
version = "*" # Replace * with the most recent version
default-features = false
features = ["alloc"]

Documentation

Can be viewed here or built with:

cargo doc --no-deps

Tests and Fuzzing

The wiki has details on how orion is tested. To run all tests:

cargo test

Fuzzing is done using honggfuzz-rs in orion-fuzz. See orion-fuzz on how to start fuzzing orion.

Constant-time execution tests can be found at orion-dudect and orion-sidefuzz.

Benchmarks

An overview of the performance that can be expected from Orion can be seen here.

The library can be benchmarked with Criterion as below. All benchmarking tests are located in benches/.

cargo bench

Changelog

Please refer to the CHANGELOG.md list.

Contributing

Please refer to the guidelines in CONTRIBUTING.md for information on how to contribute to Orion.

License

Orion is licensed under the MIT license. See the LICENSE file for more information.