ssb-crypto

This crate provides the cryptographic functionality needed to implement the Secure Scuttlebutt networking protocols and content signing and encryption.

See the documentation for more information.

lib.rs:

This crate provides the cryptographic functionality needed to implement the Secure Scuttlebutt networking protocols and content signing and encryption.

There are two implementations of the crypto operations available; one that uses libsodium C library (via the sodiumoxide crate), and a pure-rust implementation that uses dalek and RustCrypto crates (which is the default). You can select which implementation to use via Cargo.toml feature flags (see below).

Features

If you only need the struct definitions and basic operations, disable default features, and (optionally) enable b64.

[dependencies.ssb-crypto]
version = "0.2"
default_features = false
features = ["b64"]

dalek

On by default. Use the dalek/RustCrypto implementation of the crypto operations. The crypto functionality is exposed via convenient methods, eg Keypair::sign and PublicKey::verify. If neither dalek nor sodium features are enabled, these methods won't be available.

rand

On by default. Provide functions to generate keys and nonces with user-specified cryptographically-secure random number generator (Eg. Nonce::generate_with_rng). These functions can be used in no_std environments that aren't supported by getrandom. Enabled if dalek is enabled.

getrandom

On by default. Provide functions to generate keys and nonces using the OS-provided cryptographically-secure random number generator (via the getrandom crate). For environments that aren't supported by getrandom, disable this feature and use the generate_with_rng() functions instead.

b64

On by default. Enable from_base64 functions for Keypair, PublicKey, Signature, Hash, and NetworkKey. Also enabled by alloc.

alloc

On by default. Enable as_base64() -> String functions for Keypair, PublicKey, Signature, and Hash.

sodium

Use the libsodium/sodiumoxide implementation of the crypto operations. If the sodium and dalek features are both enabled, struct methods (eg. Keypair::sign) will use the dalek implementation. Note that this can happen if multiple dependencies use ssb-crypto, some preferring sodium, and others preferring dalek. To force the methods to use the sodium implementation, enable the force_sodium feature.

WARNING: if you use the sodium implementation, you must call ssb_crypto::sodium::init(). If you don't, libsodium's random-number generation and key-generation functions are not thread-safe.

[dependencies.ssb-crypto]
version = "0.2"
default_features = false
features = ["sodium", "b64"]

sodium_module

Enable the sodium module, which contains standalone functions for all the crypto operations, implemented using libsodium/sodiumoxide. This is mostly useful for testing; eg. cargo test --features sodium_module will test the dalek and sodium implementations for compatibility. Note that the sodium and dalek modules are hidden from the docs; you'll have to look at the code if you want to use them directly.

no_std support

To build for an embedded (aka no_std) environment, disable default features, enable dalek and optionally b64. For example:

cargo build --no-default-features --features dalek,b64 --target thumbv7em-none-eabihf