Crate rscrypto

Expand description

Pure Rust cryptography, hardware-accelerated on ten architectures. no_std first.

rscrypto is a single-crate cryptography stack: hashes, AEADs, MACs, KDFs, password hashing, signatures, key exchange, and checksums. Enable one leaf feature for a minimal build (sha2, aes-gcm, ed25519, anything) or full for the entire primitive set. Zero default dependencies; getrandom, serde, and rayon are opt-in.

The portable Rust path is the byte-for-byte authority. SIMD and ASM kernels are accelerators, differential-tested against the portable path on every release. Three-tier dispatch (compile-time target_feature → runtime detection → portable fallback) picks the fastest safe backend at runtime; without std, only the compile-time tier runs.

[dependencies]
rscrypto = { version = "0.1", default-features = false, features = ["sha2"] }

§Guides

Repository README: https://github.com/loadingalias/rscrypto#readme
Runnable examples: https://github.com/loadingalias/rscrypto/tree/main/examples
Additional docs: https://github.com/loadingalias/rscrypto/tree/main/docs
Security guidance: https://github.com/loadingalias/rscrypto/blob/main/docs/security.md

§API Shape

Checksums: Type::checksum(data) or new / update / finalize.
Digests: Type::digest(data) or new / update / finalize.
XOFs: Type::xof(data) or new / update / finalize_xof.
MACs: Type::mac(key, data) and Type::verify_tag(key, data, tag).
AEADs: typed keys and nonces, with combined and detached APIs.

§Quick Start

use rscrypto::{Digest, Sha256};

let digest = Sha256::digest(b"hello world");

let mut h = Sha256::new();
h.update(b"hello ");
h.update(b"world");
assert_eq!(h.finalize(), digest);

§AEAD

use rscrypto::{Aead, ChaCha20Poly1305, ChaCha20Poly1305Key, aead::Nonce96};

let key = ChaCha20Poly1305Key::from_bytes([0x11; 32]);
let nonce = Nonce96::from_bytes([0x22; Nonce96::LENGTH]);
let cipher = ChaCha20Poly1305::new(&key);

let mut buffer = *b"data";
let tag = cipher.encrypt_in_place(&nonce, b"aad", &mut buffer)?;
cipher.decrypt_in_place(&nonce, b"aad", &mut buffer, &tag)?;
assert_eq!(&buffer, b"data");

§Password Hashing

use rscrypto::{Argon2Params, Argon2VerifyPolicy, Argon2id};

let params = Argon2Params::new().build()?;
let encoded = Argon2id::hash_string(&params, b"correct horse battery staple")?;

assert!(
  Argon2id::verify_string_with_policy(
    b"correct horse battery staple",
    &encoded,
    &Argon2VerifyPolicy::default(),
  )
  .is_ok()
);

§Feature Groups

checksums: CRC families.
hashes: SHA-2, SHA-3, BLAKE2, BLAKE3, Ascon, XXH3, RapidHash.
auth: MACs, KDFs, password hashing, Ed25519, X25519.
aead: AES-GCM, AES-GCM-SIV, ChaCha20-Poly1305, XChaCha20-Poly1305, AEGIS-256, Ascon-AEAD128.
full: all public primitive families.

Leaf features are available for size-conscious builds.

§Security Posture

Constant-time MAC, AEAD, and signature verification with black_box barriers. Opaque verification errors that leak no failure detail. Zeroize on drop for every secret-bearing type. strict_* arithmetic on counters and lengths; release builds keep overflow-checks = true. Continuous libFuzzer with corpus replay in CI; Miri on the portable backends.

rscrypto is a primitives crate, not a FIPS 140-3 validated module. It exposes FIPS-aligned primitives (AES-256-GCM, SHA-2, SHA-3 / SHAKE, HMAC, KMAC, HKDF, PBKDF2) alongside non-FIPS ones. The portable-only feature flag forces dispatch to the constant-time portable backend for FIPS / DO-178C / ISO 26262 / IEC 62443 deployments. See the security guidance for nonce lifecycle, PHC verification limits, and platform fallback notes.

Re-exports§

pub use aead::AeadBufferError;aead
pub use aead::OpenError;aead
pub use aead::Aegis256;aegis256
pub use aead::Aegis256Key;aegis256
pub use aead::Aegis256Tag;aegis256
pub use aead::Aes256Gcm;aes-gcm
pub use aead::Aes256GcmKey;aes-gcm
pub use aead::Aes256GcmTag;aes-gcm
pub use aead::Aes256GcmSiv;aes-gcm-siv
pub use aead::Aes256GcmSivKey;aes-gcm-siv
pub use aead::Aes256GcmSivTag;aes-gcm-siv
pub use aead::AsconAead128;ascon-aead
pub use aead::AsconAead128Key;ascon-aead
pub use aead::AsconAead128Tag;ascon-aead
pub use aead::ChaCha20Poly1305;chacha20poly1305
pub use aead::ChaCha20Poly1305Key;chacha20poly1305
pub use aead::ChaCha20Poly1305Tag;chacha20poly1305
pub use aead::XChaCha20Poly1305;xchacha20poly1305
pub use aead::XChaCha20Poly1305Key;xchacha20poly1305
pub use aead::XChaCha20Poly1305Tag;xchacha20poly1305
pub use auth::HkdfOutputLengthError;hkdf
pub use auth::Kmac256;kmac
pub use auth::PhcError;phc-strings
pub use auth::Argon2Error;argon2
pub use auth::Argon2Params;argon2
pub use auth::Argon2VerifyPolicy;argon2
pub use auth::Argon2Version;argon2
pub use auth::Argon2d;argon2
pub use auth::Argon2i;argon2
pub use auth::Argon2id;argon2
pub use auth::Ed25519Keypair;ed25519
pub use auth::Ed25519PublicKey;ed25519
pub use auth::Ed25519SecretKey;ed25519
pub use auth::Ed25519Signature;ed25519
pub use auth::HkdfSha256;hkdf
pub use auth::HkdfSha384;hkdf
pub use auth::HmacSha256;hmac
pub use auth::HmacSha384;hmac
pub use auth::HmacSha512;hmac
pub use auth::Pbkdf2Error;pbkdf2
pub use auth::Pbkdf2Sha256;pbkdf2
pub use auth::Pbkdf2Sha512;pbkdf2
pub use auth::Scrypt;scrypt
pub use auth::ScryptError;scrypt
pub use auth::ScryptParams;scrypt
pub use auth::ScryptVerifyPolicy;scrypt
pub use auth::X25519Error;x25519
pub use auth::X25519PublicKey;x25519
pub use auth::X25519SecretKey;x25519
pub use auth::X25519SharedSecret;x25519
pub use checksum::Crc24OpenPgp;crc24
pub use checksum::Crc16Ccitt;crc16
pub use checksum::Crc16Ibm;crc16
pub use checksum::Crc32;crc32
pub use checksum::Crc32C;crc32
pub use checksum::Crc64;crc64
pub use checksum::Crc64Nvme;crc64
pub use hashes::crypto::ascon::AsconCxofCustomizationError;ascon-hash
pub use hashes::crypto::AsconCxof128;ascon-hash
pub use hashes::crypto::AsconCxof128Reader;ascon-hash
pub use hashes::crypto::AsconHash256;ascon-hash
pub use hashes::crypto::AsconXof;ascon-hash
pub use hashes::crypto::AsconXofReader;ascon-hash
pub use hashes::crypto::Blake2b;blake2b
pub use hashes::crypto::Blake2b256;blake2b
pub use hashes::crypto::Blake2b512;blake2b
pub use hashes::crypto::Blake2bParams;blake2b
pub use hashes::crypto::Blake2s128;blake2s
pub use hashes::crypto::Blake2s256;blake2s
pub use hashes::crypto::Blake2sParams;blake2s
pub use hashes::crypto::Blake3;blake3
pub use hashes::crypto::Blake3XofReader;blake3
pub use hashes::crypto::Cshake256;sha3
pub use hashes::crypto::Cshake256XofReader;sha3
pub use hashes::crypto::Sha3_224;sha3
pub use hashes::crypto::Sha3_256;sha3
pub use hashes::crypto::Sha3_384;sha3
pub use hashes::crypto::Sha3_512;sha3
pub use hashes::crypto::Shake128;sha3
pub use hashes::crypto::Shake128XofReader;sha3
pub use hashes::crypto::Shake256;sha3
pub use hashes::crypto::Shake256XofReader;sha3
pub use hashes::crypto::Sha224;sha2
pub use hashes::crypto::Sha256;sha2
pub use hashes::crypto::Sha384;sha2
pub use hashes::crypto::Sha512;sha2
pub use hashes::crypto::Sha512_256;sha2
pub use hashes::fast::RapidBuildHasher;rapidhash and alloc
pub use hashes::fast::RapidHasher;rapidhash and alloc
pub use hashes::fast::RapidHash;rapidhash
pub use hashes::fast::RapidHash128;rapidhash
pub use hashes::fast::RapidHashFast64;rapidhash
pub use hashes::fast::RapidHashFast128;rapidhash
pub use hashes::fast::Xxh3;xxh3
pub use hashes::fast::Xxh3_128;xxh3
pub use hashes::fast::Xxh3BuildHasher;xxh3 and alloc
pub use hashes::fast::Xxh3Hasher;xxh3 and alloc
pub use traits::Aead;aes-gcm or aes-gcm-siv or chacha20poly1305 or xchacha20poly1305 or aegis256 or ascon-aead
pub use traits::Checksum;
pub use traits::ChecksumCombine;
pub use traits::ConstantTimeEq;
pub use traits::Mac;
pub use traits::VerificationError;
pub use traits::ct;
pub use traits::Digest;sha2 or sha3 or blake2b or blake2s or blake3 or ascon-hash or xxh3 or rapidhash
pub use traits::FastHash;sha2 or sha3 or blake2b or blake2s or blake3 or ascon-hash or xxh3 or rapidhash
pub use traits::Xof;sha2 or sha3 or blake2b or blake2s or blake3 or ascon-hash or xxh3 or rapidhash

Modules§

aeadaes-gcm or aes-gcm-siv or chacha20poly1305 or xchacha20poly1305 or aegis256 or ascon-aead: Authenticated encryption with associated data foundations.
authhmac or hkdf or kmac or ed25519 or x25519 or phc-strings or argon2 or scrypt: Authentication and key-derivation primitives.
checksumcrc16 or crc24 or crc32 or crc64: High-performance CRC checksums.
hashessha2 or sha3 or blake2b or blake2s or blake3 or ascon-hash or xxh3 or rapidhash: Cryptographic digests and fast non-cryptographic hashes.
platform: CPU detection and capability reporting.
traits: Core cryptographic traits for rscrypto.

Structs§

DisplaySecretaes-gcm or aes-gcm-siv or chacha20poly1305 or xchacha20poly1305 or aegis256 or ascon-aead or ed25519 or x25519: Explicit opt-in wrapper for displaying secret key bytes as hex.
SecretBytes: Owned secret bytes that zeroize on drop.

Enums§

InvalidHexErroraes-gcm or aes-gcm-siv or chacha20poly1305 or xchacha20poly1305 or aegis256 or ascon-aead or ed25519 or x25519: Hex decoding error.

Crate rscrypto

Crate rscrypto Copy item path

§Guides

§API Shape

§Quick Start

§AEAD

§Password Hashing

§Feature Groups

§Security Posture

Re-exports§

Modules§

Structs§

Enums§

Crate rscrypto