#crypto #aes #rijndael #block-cipher

no-std aesni

AES (Rijndael) block ciphers implementation using AES-NI

16 unstable releases (3 breaking)

0.4.1 Aug 7, 2018
0.4.0 Jul 27, 2018
0.3.5 Jun 22, 2018
0.3.1 Mar 6, 2018
0.1.1 Jul 31, 2017

#66 in Cryptography

Download history 28/week @ 2018-07-09 158/week @ 2018-07-16 71/week @ 2018-07-23 155/week @ 2018-07-30 262/week @ 2018-08-06 136/week @ 2018-08-13 167/week @ 2018-08-20 94/week @ 2018-08-27 89/week @ 2018-09-03 192/week @ 2018-09-10 198/week @ 2018-09-17 211/week @ 2018-09-24 172/week @ 2018-10-01

425 downloads per month
Used in 21 crates (6 directly)


1.5K SLoC

RustCrypto's block ciphers Build Status

Collection of block cipher algorithms written in pure Rust.


Currently only aesni and aes-soft crates provide constant-time implementation. If you do not really know what you are doing it's generally recommended not to use other cipher implementations in this repository.

Additionally crates in this repository have not yet received any formal cryptographic and security reviews.


Supported algorithms

Name Alt name Crates.io Documentation
AES Rijndael crates.io crates.io Documentation Documentation
Blowfish crates.io Documentation
DES crates.io Documentation
Kuznyechik GOST R 34.12-2015 crates.io Documentation
Magma GOST 28147-89 and GOST R 34.12-2015 crates.io Documentation
RC2 ARC2 crates.io Documentation
Twofish crates.io Documentation

Minimum Rust version

All crates in this repository support Rust 1.22 or higher. (except aesni, which requires Rust 1.27) In future minimally supported version of Rust can be changed, but it will be done with the minor version bump.


Block cipher crates provide only bare block cipher implementations. For most applications you will need to use some block cipher mode of operation which are generically implemented in the block-modes crate.

Lets use AES128-ECB with PKCS7 padding to show an example:

extern crate aes_soft as aes;
extern crate block_modes;

use block_modes::{BlockMode, BlockModeIv, Cbc};
use block_modes::block_padding::Pkcs7;
use aes::Aes128;

// create an alias for convinience
type Aes128Cbc = Cbc<Aes128, Pkcs7>;

let mut cipher = Aes128Cbc::new_varkey(key, iv).unwrap();
// buffer must have enough space for message+padding
let mut buffer = [0u8; 32];
// copy message to the buffer
let encrypted_msg = cipher.encrypt_pad(&mut buffer, msg_len).unwrap();

let mut cipher = Aes128Cbc::new_varkey(key, iv).unwrap();
let decrypted_msg = cipher.decrypt_pad(encrypted_data).unwrap();

Note that this example does not use any authentification which can lead to serious vulnarabilities! For Message Authentication Code implementations take a look at RustCrypto/MACs repository.


All crates licensed under either of

at your option.


Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.