Warning: There are no guarantees for the security of these implementations. Use at your own risk.
Cryptographic functions implemented in Rust, with a simple API.
Currently contains: * HMAC with SHA2(256, 384, 512). * HKDF with the above HMAC options. * PBKDF2 with the above HMAC options.
Include it in your Cargo.toml file:
[dependencies]
orion = ">=0.2.11"
Use it like this:
```
extern crate orion
use orion::{default, util};
// HMAC-SHA512 let key = util::genrandkey(64); let msg = "Some message.".as_bytes();
let expectedhmac = default::hmac(&key, msg); // Verifying an HMAC-SHA512 asserteq!(default::hmacvalidate(&expectedhmac, &key, &msg), true);
// HKDF-HMAC-SHA512 let salt = util::genrandkey(64); let data = "Some data.".asbytes(); let info = "Some info.".asbytes();
let hkdf = default::hkdf(&salt, data, info, 64);
// PBKDF2-HMAC-SHA512 let salt = util::genrandkey(64);
let derivedpassword = default::pbkdf2("Secret password".asbytes(), &salt); // Verifying a derived key asserteq!(default::pbkdf2verify("Secret password".asbytes(), &salt, &derivedpassword), true); ```
All unit-tests are located in the same file as the functions they are testing.
To run tests: cargo test.
``` PBKDF2-HMAC-SHA256, iterations = 1: 0.000008269002137240022 seconds PBKDF2-HMAC-SHA256, iterations = 10000: 0.023377304001769517 seconds PBKDF2-HMAC-SHA256, iterations = 16777216: 36.364124953997816 seconds
HKDF-HMAC-SHA256: 0.000008642000466352329 seconds HKDF-HMAC-SHA384: 0.000011432999599492177 seconds HKDF-HMAC-SHA512: 0.000007079997885739431 seconds
HMAC-SHA256: 0.0000030190021789167076 seconds HMAC-SHA384: 0.000003324999852338806 seconds HMAC-SHA512: 0.000003296998329460621 seconds ``` Tested on an Intel® Core™ i7-4790.
Thanks to @defuse for a quick audit of the code.
orion is licensed under the MIT license. See the LICENSE file for more information.