orion is a cryptography library written in pure Rust. It aims to provide easy and usable crypto while trying to minimize the use of unsafe code. You can read more about orion in the wiki.
Currently supports:
- AEAD: (X)ChaCha20Poly1305.
- Stream ciphers: (X)ChaCha20.
- KDF: HKDF-HMAC-SHA512, PBKDF2-HMAC-SHA512, Argon2i.
- MAC: HMAC-SHA512, Poly1305.
- Hashing: BLAKE2b, SHA512.
This library has not undergone any third-party security audit. Usage is at own risk.
More information about security regarding orion is available in the wiki.
Rust 1.41 or later is supported however, the majority of testing happens with latest stable Rust.
MSRV may be changed at any point and will not be considered a SemVer breaking change.
By default orion targets stable Rust with std. To use orion in a no_std context, you need to specify the dependency as such:
orion = { version = "*", default-features = false }
# Replace * with the most recent versionWhen orion is used in a no_std context, the high-level API is not available, since it relies on access to the systems random number generator.
Argon2i is not available with no_std by default, but can be by enabling the alloc feature:
[dependencies.orion]
version = "*" # Replace * with the most recent version
default-features = false
features = ["alloc"]Can be viewed here or built with:
cargo doc --no-deps
The wiki has details on how orion is tested. To run all tests:
cargo test
Fuzzing is done using honggfuzz-rs in orion-fuzz. See orion-fuzz on how to start fuzzing orion.
Constant-time execution tests can be found at orion-dudect and orion-sidefuzz.
An overview of the performance that can be expected from orion can be seen here.
The library can be benchmarked with Criterion as below. All benchmarking tests are located in benches/.
cargo bench
Please refer to the CHANGELOG.md list.
Please refer to the guidelines in CONTRIBUTING.md for information on how to contribute to orion.
orion is licensed under the MIT license. See the LICENSE file for more information.