I'm looking for something that:
-
works in wasm
-
relatively secure
-
has a brain dead API of:
key.encrypt(src: &[u8]) -> Vec<u8>
key.decrypt(src: &[u8]) -> Vec<u8>
Crate suggestions ?
#2 rules out rot26
#1/#3 rules out openssl
I don't know cryptography, but does RustCrypto's AES-GCM-SIV look simple enough?
If you prefer to give up
removes many of the “sharp edges” of AES-GCM, providing significantly better security bounds while simultaneously eliminating the most catastrophic risks of nonce reuse that exist in AES-GCM
to avoid the
No security audits of this crate have ever been performed. [...] USE AT YOUR OWN RISK!
then there's also AES-GCM — Rust crypto library // Lib.rs from the same organization.
These are pure Rust libraries, whereas Sodium Oxide is bindings to C. (I've never compiled to WASM and don't know whether that matters.)
RustCrypto also has a Rust implementation of XSalsa20Poly1305 — Rust crypto library // Lib.rs, the algorithm used in sodiumoxide::secretbox, which they say is obsoleted by
They say that's "amenable to fast, constant-time implementations in software", which I guess WASM likely will use.
2 Likes
This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.