orion is a crypto library written in pure Rust, which tries to minimize the use of unsafe code.
It’s been about four months since I last posted an update (at least on /r/rust), about orion. A decent amount of time and energy has been put into trying to improve it since then. An overview of some important updates:
- Support added for: Poly1305, ChaCha20Poly1305, XChaCha20, XChaCha20Poly1305, BLAKE2b and SHA512.
- Various bugfixes, including one security-related logicbug, which was a result of my inexperience.
- The entire high-level interface was redesigned, integrating newtypes with opaque Debug and various other beneficial trait implementations.
- Major improvements to the documentation and a wiki going over things like design, dependencies, security and testing-suite.
- Error propagation improvements (before virtually non-existent).
- Improvements to: performance, benchmarking, testing (generally overall and additionally with quickcheck).
- AddressSanitizer and LeakSanitizer in CI.
- Improvements to fuzzing with both cargo-fuzz and honggfuzz-rs.
- 3 dependencies dropped, drastically reducing the amount of unsafe code in the dependencies.
If anybody has anything they think could be improved, don’t hesitate to say so! I’m open to suggestions and greatly appreciate any and all feedback.