mirror of
https://github.com/spacedriveapp/spacedrive
synced 2024-06-30 12:33:31 +00:00
| .. | ||
| assets | ||
| benches | ||
| examples | ||
| src | ||
| Cargo.toml | ||
| README.md | ||
Crypto
This crate contains Spacedrive's cryptographic modules.
This includes things such as:
- The key manager
- Encryption and decryption
- Encrypted file header formats (with extremely fast serialization and deserialization)
- Key hashing and derivation
- Keyring interfaces to access native OS keystores
It has support for the following cryptographic functions:
Argon2idBalloonhashingBLAKE3key derivationXChaCha20-Poly1305AES-256-GCM-SIV
It aims to be (relatively) lightweight, easy to maintain and platform-agnostic where possible. It does contain some platform-specific code, although it's only built if the target matches.
Features
A list of all features can be found below (NOTE: none of these features are enabled by default)
serde- provides integration withserdeandserde_json
tokio- provides integration with thetokiocratespecta- provides integration with thespectacratebincode- provides integration with thebincodecrate (this will likely become part of the crate)keyring- provides a unified interface for interacting with OS-keyrings (currently only supports MacOS/iOS/Linuxkeyutils).keyutilsis not persistent, so is best used in a headless server/docker environment, as keys are wiped on-reboot. The Secret Service API is not practically available in headless environments.secret-service- enableskeyringbut also enables the Secret Service API (a persistent keyring targeted at Gnome/KDE (viagnome-keyringandkwalletrespectively)). Is a pretty heavy dependency.
Security Notice
This crate has NOT received any security audit - however, a couple of our upstream libraries (provided by RustCrypto) have.
You may find them below:
- AES-GCM and XChaCha20-Poly1305 audit by NCC group (link)
Breaking changes are very likely! Use at your own risk - no stability or security is guaranteed.