9 releases
0.2.3 | Aug 18, 2021 |
---|---|
0.2.2 | Dec 17, 2020 |
0.2.1 | Sep 25, 2020 |
0.1.4 | Dec 21, 2019 |
0.1.1 | Apr 21, 2019 |
#824 in Cryptography
238 downloads per month
Used in 15 crates
(9 directly)
50KB
890 lines
ssb-crypto
This crate provides the cryptographic functionality needed to implement the Secure Scuttlebutt networking protocols and content signing and encryption.
See the documentation for more information.
lib.rs
:
This crate provides the cryptographic functionality needed to implement the Secure Scuttlebutt networking protocols and content signing and encryption.
There are two implementations of the crypto operations available; one that uses libsodium C library (via the sodiumoxide crate), and a pure-rust implementation that uses dalek and RustCrypto crates (which is the default). You can select which implementation to use via Cargo.toml feature flags (see below).
Features
If you only need the struct definitions and basic operations, disable default features, and (optionally) enable b64.
[dependencies.ssb-crypto]
version = "0.2"
default_features = false
features = ["b64"]
dalek
On by default. Use the dalek/RustCrypto implementation of the crypto operations.
The crypto functionality is exposed via convenient methods, eg Keypair::sign
and
PublicKey::verify
. If neither dalek
nor sodium
features are enabled,
these methods won't be available.
rand
On by default. Provide functions to generate keys and nonces with user-specified
cryptographically-secure random number generator (Eg. Nonce::generate_with_rng
).
These functions can be used in no_std
environments that aren't supported by getrandom
.
Enabled if dalek
is enabled.
getrandom
On by default. Provide functions to generate keys and nonces using the OS-provided
cryptographically-secure random number generator (via the getrandom crate).
For environments that aren't supported by getrandom, disable this feature and
use the generate_with_rng()
functions instead.
b64
On by default. Enable from_base64
functions for Keypair
, PublicKey
, Signature
, Hash
, and NetworkKey
.
Also enabled by alloc
.
alloc
On by default. Enable as_base64() -> String
functions for Keypair
, PublicKey
, Signature
, and Hash
.
sodium
Use the libsodium/sodiumoxide implementation of the crypto operations.
If the sodium
and dalek
features are both enabled, struct methods (eg. Keypair::sign
)
will use the dalek implementation. Note that this can happen if multiple dependencies
use ssb-crypto, some preferring sodium
, and others preferring dalek
.
To force the methods to use the sodium implementation, enable the force_sodium
feature.
WARNING: if you use the sodium implementation, you must call ssb_crypto::sodium::init(). If you don't, libsodium's random-number generation and key-generation functions are not thread-safe.
[dependencies.ssb-crypto]
version = "0.2"
default_features = false
features = ["sodium", "b64"]
sodium_module
Enable the sodium
module, which contains standalone functions
for all the crypto operations, implemented using libsodium/sodiumoxide.
This is mostly useful for testing; eg. cargo test --features sodium_module
will test the dalek and sodium implementations for compatibility.
Note that the sodium and dalek modules are hidden from the docs; you'll have
to look at the code if you want to use them directly.
no_std
support
To build for an embedded (aka no_std
) environment, disable default features,
enable dalek
and optionally b64
.
For example:
cargo build --no-default-features --features dalek,b64 --target thumbv7em-none-eabihf
Dependencies
~2.3–8.5MB
~87K SLoC