{"id":27202505,"url":"https://github.com/rozbb/rust-hpke","last_synced_at":"2025-04-09T22:00:17.149Z","repository":{"id":41990251,"uuid":"249319182","full_name":"rozbb/rust-hpke","owner":"rozbb","description":"An implementation of the HPKE hybrid encryption standard (RFC 9180)","archived":false,"fork":false,"pushed_at":"2025-02-28T14:47:51.000Z","size":7459,"stargazers_count":70,"open_issues_count":9,"forks_count":32,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-04-09T21:59:53.682Z","etag":null,"topics":["cryptography","rust"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rozbb.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-03-23T02:41:15.000Z","updated_at":"2025-04-08T15:26:42.000Z","dependencies_parsed_at":"2022-09-07T16:03:27.586Z","dependency_job_id":"b5ac6689-75d1-40de-8e9d-164dfeebd609","html_url":"https://github.com/rozbb/rust-hpke","commit_stats":{"total_commits":200,"total_committers":9,"mean_commits":22.22222222222222,"dds":0.06000000000000005,"last_synced_commit":"2867b0ae90a36f27e2c312fe741f268ad558abbd"},"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozbb%2Frust-hpke","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozbb%2Frust-hpke/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozbb%2Frust-hpke/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rozbb%2Frust-hpke/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rozbb","download_url":"https://codeload.github.com/rozbb/rust-hpke/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248119311,"owners_count":21050754,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","rust"],"created_at":"2025-04-09T22:00:16.007Z","updated_at":"2025-04-09T22:00:16.990Z","avatar_url":"https://github.com/rozbb.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"rust-hpke\n=========\n[![Version](https://img.shields.io/crates/v/hpke.svg)](https://crates.io/crates/hpke)\n[![Docs](https://docs.rs/hpke/badge.svg)](https://docs.rs/hpke)\n[![CI](https://github.com/rozbb/rust-hpke/workflows/CI/badge.svg)](https://github.com/rozbb/rust-hpke/actions)\n\nThis is an implementation of the [HPKE](https://www.rfc-editor.org/rfc/rfc9180.html) hybrid encryption standard (RFC 9180).\n\nWarning\n-------\n\nThis crate has not been formally audited. Cloudflare [did a security](https://blog.cloudflare.com/using-hpke-to-encrypt-request-payloads/) review of version 0.8, though:\n\n\u003e The HPKE implementation we decided on comes with the caveat of not yet being\n\u003e formally audited, so we performed our own internal security review. We\n\u003e analyzed the cryptography primitives being used and the corresponding\n\u003e libraries. Between the composition of said primitives and secure programming\n\u003e practices like correctly zeroing memory and safe usage of random number\n\u003e generators, we found no security issues.\n\nWhat it implements\n------------------\n\nThis implementation complies with the [HPKE standard](https://www.rfc-editor.org/rfc/rfc9180.html) (RFC 9180).\n\nHere are all the primitives listed in the spec. The primitives with checked boxes are the ones that are implemented.\n\n* KEMs\n    - [X] DHKEM(Curve25519, HKDF-SHA256)\n    - [ ] DHKEM(Curve448, HKDF-SHA512)\n    - [X] DHKEM(P-256, HKDF-SHA256)\n    - [X] DHKEM(P-384, HKDF-SHA384)\n    - [X] DHKEM(P-521, HKDF-SHA512)\n* KDFs\n    - [X] HKDF-SHA256\n    - [X] HKDF-SHA384\n    - [X] HKDF-SHA512\n* AEADs\n    - [X] AES-GCM-128\n    - [X] AES-GCM-256\n    - [X] ChaCha20Poly1305\n\nCrate Features\n--------------\n\nDefault features flags: `alloc`, `x25519`, `p256`.\n\nFeature flag list:\n\n* `alloc` - Includes allocating methods like `AeadCtxR::open()` and `AeadCtxS::seal()`\n* `x25519` - Enables X25519-based KEMs\n* `p256` - Enables NIST P-256-based KEMs\n* `p384` - Enables NIST P-384-based KEMs\n* `p521` - Enables NIST P-521-based KEMs\n* `std` - Includes an implementation of `std::error::Error` for `HpkeError`. Also does what `alloc` does.\n\nFor info on how to omit or include feature flags, see the [cargo docs on features](https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html#choosing-features).\n\nUsage Examples\n--------------\n\nSee the [client-server](examples/client_server.rs) example for an idea of how to use HPKE.\n\nBreaking changes\n----------------\n\n### Breaking changes in v0.13\n\n* `PskBundle` now has a constructor that validates that the inputs are either both empty or nonempty.\n* `rand_core` was updated to v0.9\n\n### Breaking changes in v0.12\n\nThe `serde_impls` feature was removed. If you were using this and require backwards compatible serialization/deserialization, see the wiki page [here](https://github.com/rozbb/rust-hpke/wiki/Migrating-away-from-the-serde_impls-feature).\n\nMSRV\n----\n\nThe current minimum supported Rust version (MSRV) is 1.65.0 (897e37553 2022-11-02).\n\nChangelog\n---------\n\nSee [CHANGELOG.md](CHANGELOG.md) for a list of changes made throughout past versions.\n\nTests\n-----\n\nTo run all tests, execute `cargo test --all-features`. This includes known-answer tests, which test against `test-vector-COMMIT_ID.json`,where `COMMIT_ID` is the short commit of the version of the [spec](https://github.com/cfrg/draft-irtf-cfrg-hpke) that the test vectors came from. The finalized spec uses commit 5f503c5. See the [reference implementation](https://github.com/cisco/go-hpke) for information on how to generate a test vector.\n\nBenchmarks\n----------\n\nTo run all benchmarks, execute `cargo bench --all-features`. If you set your own feature flags, the benchmarks will still work, and run the subset of benches that it is able to. The results of a benchmark can be read as a neat webpage at `target/criterion/report/index.html`.\n\nCiphersuites benchmarked:\n\n* NIST Ciphersuite with 128-bit security: AES-GCM-128, HKDF-SHA256, ECDH-P256\n* Non-NIST Ciphersuite with 128-bit security: ChaCha20-Poly1305, HKDF-SHA256, X25519\n\nFunctions benchmarked in each ciphersuite:\n\n* `Kem::gen_keypair`\n* `setup_sender` with OpModes of Base, Auth, Psk, and AuthPsk\n* `setup_receiver` with OpModes of Base, Auth, Psk, and AuthPsk\n* `AeadCtxS::seal` with plaintext length 64 and AAD length 64\n* `AeadCtxR::open` with ciphertext length 64 and AAD length 64\n\nAgility\n-------\n\nA definition: *crypto agility* refers to the ability of a cryptosystem or protocol to vary its underlying primitives. For example, TLS has \"crypto agility\" in that you can run the protocol with many different ciphersuites.\n\nThis crate does not support crypto agility out of the box. This is because the cryptographic primitives are encoded as types satisfying certain constraints, and types need to be determined at compile time (broadly speaking). That said, there is nothing preventing you from implementing agility yourself. There is a [sample implementation](examples/agility.rs) in the examples folder. The sample implementation is messy because agility is messy.\n\nLicense\n-------\n\nLicensed under either of\n\n * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE))\n * MIT license ([LICENSE-MIT](LICENSE-MIT))\n\nat your option.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frozbb%2Frust-hpke","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frozbb%2Frust-hpke","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frozbb%2Frust-hpke/lists"}