Expand description
§Rust Crypto Utils v2.0
Production-ready, memory-safe cryptographic utilities for financial systems and secure applications.
§Features
- Memory Safety: Automatic zeroization of sensitive data
- Secure Password Hashing: Argon2id with configurable parameters
- AES-256-GCM Encryption: Authenticated encryption with associated data
- ChaCha20-Poly1305: Alternative AEAD cipher for cross-platform use (v2.0)
- Key Derivation: PBKDF2, HKDF, and Argon2 (NIST SP 800-132, RFC 5869)
- Digital Signatures: Ed25519 and HMAC-SHA256/SHA3
- Key Exchange: X25519 Diffie-Hellman key exchange (v2.0)
- Key Management: Secure key storage with rotation policies
- Secure Random Generation: Cryptographically secure random number generation
- Hash Functions: SHA-256, SHA-3, BLAKE3 for high-performance hashing (v2.0)
- Constant-Time Operations: Timing attack resistant comparisons (v2.0)
- Key Wrapping: Secure key wrapping for key hierarchies (v2.0)
§Alignment with Federal Guidance
Implements cryptographic best practices recommended by NIST and aligns with 2024 CISA/FBI guidance for memory-safe cryptographic implementations.
§What’s New in v2.0
- ChaCha20-Poly1305: Cross-platform authenticated encryption
- X25519 Key Exchange: Secure key agreement protocol
- BLAKE3 Hashing: High-performance cryptographic hashing
- SHA-3 Support: NIST-approved hash function family
- Key Wrapping: AES-KW for secure key storage
- Enhanced Key Rotation: Automatic key rotation with versioning
- Audit Logging: Cryptographic operation audit trail
Re-exports§
pub use keyderivation::DerivedKey;pub use keyderivation::Hkdf;pub use keyderivation::PasswordStrength;pub use keyderivation::Pbkdf2;pub use keymanagement::KeyMetadata;pub use keymanagement::KeyStore;pub use keymanagement::RotationPolicy;pub use signatures::Ed25519KeyPair;pub use signatures::Ed25519PublicKey;pub use signatures::HmacKey;pub use signatures::SignatureSuite;pub use keyexchange::X25519KeyPair;pub use keyexchange::X25519PublicKey;pub use hashing::HashAlgorithm;pub use hashing::Hasher;pub use hashing::HashOutput;pub use keywrap::KeyWrapper;pub use keywrap::WrappedKey;
Modules§
- encryption
- Encryption utilities using AES-256-GCM
- hashing
- Cryptographic hashing module v2.0
- hmac_
ops - HMAC-SHA256 utilities for message authentication
- keyderivation
- Key derivation functions (PBKDF2, HKDF)
- keyexchange
- X25519 Key Exchange module for secure key agreement v2.0
- keymanagement
- Secure key management and storage
- keywrap
- Key wrapping module for secure key storage v2.0
- password
- Password hashing utilities using Argon2id
- random
- Secure random number generation
- secure_
compare - Secure comparison utilities
- signatures
- Digital signatures using Ed25519 and HMAC
Structs§
- Secure
Key - Secure encryption key with automatic zeroization
- Secure
Password - Secure password with automatic zeroization
Enums§
- Crypto
Error - Cryptographic errors