Warning: There are no guarantees for the security of these implementations. Use at your own risk.
Cryptographic functions implemented in Rust, with a simple API.
Currently contains: * HMAC with SHA2(256, 384, 512). * HKDF with the above HMAC options. * PBKDF2 with the above HMAC options.
Use it like this: ``` extern crate orion use orion::{default, util};
// HMAC-SHA512 let key = util::genrandkey(64); let msg = "Some message.".as_bytes();
let expectedhmac = default::hmac(&key, msg); // Verifying an HMAC-SHA512 asserteq!(default::hmacverify(&expectedhmac, &key, &msg), true);
// HKDF-HMAC-SHA512 let salt = util::genrandkey(64); let data = "Some data.".asbytes(); let info = "Some info.".asbytes();
let hkdf = default::hkdf(&salt, data, info, 64); // Verifying an HKDF HMAC-SHA512 asserteq!(default::hkdfverify(&hkdf, &salt, data, info, 64), true);
// PBKDF2-HMAC-SHA512 let salt = util::genrandkey(64);
let derivedpassword = default::pbkdf2("Secret password".asbytes(), &salt); // Verifying a derived key asserteq!(default::pbkdf2verify(&derivedpassword, "Secret password".asbytes(), &salt), true); ```
To build the most recent: cargo doc --no-deps or view here.
Unit tests are located in the same file as what is being tested, apart from implementation verification tests - these are in tests.
To run all tests: cargo test.
``` PBKDF2-HMAC-SHA256, iterations = 1: 0.000009282000974053517 seconds PBKDF2-HMAC-SHA256, iterations = 10000: 0.017861276000985526 seconds PBKDF2-HMAC-SHA256, iterations = 16777216: 28.345894931999283 seconds
HKDF-HMAC-SHA256: 0.00002259599932585843 seconds HKDF-HMAC-SHA384: 0.00001884199991764035 seconds HKDF-HMAC-SHA512: 0.000005493000571732409 seconds
HMAC-SHA256: 0.00000212700069823768 seconds HMAC-SHA384: 0.0000023610009520780295 seconds HMAC-SHA512: 0.0000024699984351173043 seconds ``` Tested on an Intel® Core™ i7-4790.
Thanks to @defuse for a quick audit of the code.
orion is licensed under the MIT license. See the LICENSE file for more information.