32 releases (5 breaking)
|0.6.1||Sep 5, 2018|
|0.5.2||Aug 22, 2018|
|0.4.2||Jul 26, 2018|
#62 in Cryptography
360 downloads per month
Used in 1 crate
orion is a cryptography library written in pure-Rust which aims to provide easy and usable crypto. 'Usable' meaning exposing high-level API's that are easy to use and hard to misuse. You can read more about orion in the wiki.
- AEAD: ChaCha20Poly1305, XChaCha20Poly1305
- Stream ciphers: ChaCha20, XChaCha20
- KDF: HKDF-HMAC-SHA512
- Password hashing: PBKDF2-HMAC-SHA512
- MAC: HMAC-SHA512, Poly1305
- XOF: cSHAKE256
This library is not suitable for production code and usage is at own risk.
More information about security regarding orion is available in the wiki.
By default orion targets stable Rust and in this case, extra dependency specifications are not required. Using orion with stable Rust does however depend on a C compiler to be available on the system. Features
no_stddo not have this dependency.
no_std: To use orion in a
no_stdcontext, you need to specify the dependency as such:
[dependencies.orion] version = "*" # Replace * with the most recent version default-features = false features = ["no_std"]
no_std requires Rust nightly and benefits from the same inline assembly features as when using the
When orion is used in a
no_std context, access to nearly all functionality, except for that in
hazardous, is not available. This is because the high-level functionality depends on the
which is not available in
nightly: The nightly feature enables the use of inline assembly for memory wiping and constant-time comparisons. Using
nightlyis recommended for security. Specify the dependency as such, to use the
[dependencies.orion] version = "*" # Replace * with the most recent version default-features = false features = ["nightly"]
nightly requires Rust nightly.
Can be viewed here or built with:
cargo doc --no-deps
The wiki has details on how orion is tested. To run all tests:
Fuzzing is done using libFuzzer with cargo-fuzz. Fuzzing targets can be run with:
cargo +nightly fuzz run -O fuzz_target
The library can be benchmarked as below. All benchmarking tests are located in
cargo +nightly bench
Can be found here.
- ring (HMAC, HKDF, PBKDF2, AEAD ChaCha20Poly1305)
- RustCrypto HMAC
- RustCrypto HKDF
- RustCrypto PBKDF2
- sp800-185 (cSHAKE)
- chacha (ChaCha20, XChaCha20)
orion is licensed under the MIT license. See the
LICENSE file for more information.