Rust encryption

I am a newbi, and not sure if this is the place to ask for help.
I want a encrypt/decrypt function,
fn encrypt(a: &str) -> String
fn decrypt(a: &str) -> String

I want to use des, or aes ( not even sure what they mean), but it seems really difficult to create such functions, I asked AI, googled libraries, but they all seems supriingly complicated, and I can not make the compiler happy, simply because some type does not exist in some lib even AI said so.
Any help with a complete example of encryption?
Thanks,

Check out https://cryptopals.com/ for a fairly complete self directed training course on writing encryption.

Do you specifically need to write the encryption yourself, or are you looking for a library that supports encryption?

If the latter, consider using either rustls, aws-lc, or rust-crypto, depending on your needs.

Beware that functions exactly like the ones you specified will most likely do only encoding, which is not encryption, and isn't ensuring security/privacy of the data.

Encryption always requires some form of secret or private key. If you're not providing a key/secret, you're not encrypting.

Encrypted data usually needs additional information about parameters used when encrypting, as well as a digest/hash/mac/checksum that ensures the encrypted data hasn't been manipulated. This is why you end up with more complex APIs and output that is more than just a string.

I assume you mean the RustCrypto GitHub organization, rust-crypto is an unmaintained crate. Important difference

Yes, that's exactly what I meant. Thank you for clarifying.

topic was moved here from IRLO

DES is the "Data Encryption Standard" and it's hilariously obsolete, being from 1975 and demonstrably broken since 1999. It is sometimes used as a shorthand for the also obsolete, but slightly less so, "Triple DES" or 3DES. Don't use either.

AES is the "Advanced Encryption Standard" and is the current "default" encryption standard for symmetric cyphers - that is where both sides know the secret, as opposed to asymmetric cyphers like RSA or Elliptic Curve you might see for uses like signing.

Yep, at first glance there's a lot more than you might expect, but when you break it down it's not too scary:

Like most symmetric cyphers, AES is a block cypher: you need to give it a certain size of data to encode fixed by the algorithm, leading to "padding" standards to fill out the rest of the last block without introducing other security flaws. Also this means each block should be encrypted using a different key, or you could determine things about the encrypted data just by looking for patterns in the encrypted blocks, this leads to "cypher modes" that determine the next key to use, such as CBC "Cypher Block Chaining".

There's also a bunch of details about secure key storage, but otherwise that's pretty much it.

Pick a specific, up to date, recommendation from an authority like NIST, and just plug in those values.

Depends what you mean; just following the specifications it isn't too hard to get the right result writing the primitives (AES in particular is just a bunch of shuffling bits around, additions and xor, if I remember correctly) - but doing it actually securely in a production system is much harder (a big issue is it's practically impossible to take exactly the same amount of time regardless of input, which can slowly leak the key to an attacker - this is a big deal for RSA in particular, I'm not sure about AES).

Worse, it's extremely easy to incorrectly use these primitives when building a higher level encryption, forgetting to use a secure random source for an initialization vector, using incorrect padding, generating weak keys, and so on. Many famously broken encryption implementations were due to not following the instructions!

That's not surprising. Even when a model knows about a specific library, it will often be significantly out of date, and worse, can mix up details between different but related libraries very easily. Read documentation first, where it's available, and in the worst case, read the source. It's fine to ask an AI something, so long as you remember they're not actually a source of truth, and more like a particularly dumb dog that's read everything. More useful than you'd think that would be, but don't let it do your job.

This crate has a simplified API for encryption cocoon - Rust

crypto libraries are designed for general data, you seems to want text message encryption/decryption? I think your use case is better served via rpc or cli of tools like GPG.

gpgme (GnuPGMadeEasy) probably has the closest API to your expectation, for example, to call encrypt(), you just need a key, a plain text input, and a cipher text output:

it's the easiest API to quickly encrypt and decrypt some messages, as long as you already have your GPG set up properly.