{"id":16819555,"url":"https://github.com/slowli/secret-tree","last_synced_at":"2025-03-22T03:31:34.068Z","repository":{"id":41947353,"uuid":"161673863","full_name":"slowli/secret-tree","owner":"slowli","description":"Hierarchical secret derivation with Blake2b and RNGs","archived":false,"fork":false,"pushed_at":"2025-02-06T03:53:08.000Z","size":1188,"stargazers_count":3,"open_issues_count":1,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-18T07:43:13.426Z","etag":null,"topics":["cryptography","key-derivation"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/slowli.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-12-13T17:39:33.000Z","updated_at":"2024-11-10T15:21:20.000Z","dependencies_parsed_at":"2023-11-13T21:27:12.629Z","dependency_job_id":"9b64ac97-40cf-452d-bdfa-5d9177d4afac","html_url":"https://github.com/slowli/secret-tree","commit_stats":{"total_commits":104,"total_committers":4,"mean_commits":26.0,"dds":0.08653846153846156,"last_synced_commit":"7e8513b364963317316ed8cb79befd74122856b4"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slowli%2Fsecret-tree","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slowli%2Fsecret-tree/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slowli%2Fsecret-tree/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/slowli%2Fsecret-tree/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/slowli","download_url":"https://codeload.github.com/slowli/secret-tree/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244902929,"owners_count":20529114,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","key-derivation"],"created_at":"2024-10-13T10:53:48.768Z","updated_at":"2025-03-22T03:31:33.651Z","avatar_url":"https://github.com/slowli.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Hierarchical secret derivation with Blake2b\n\n[![Build Status](https://github.com/slowli/secret-tree/workflows/CI/badge.svg?branch=master)](https://github.com/slowli/secret-tree/actions)\n[![License: Apache-2.0](https://img.shields.io/github/license/slowli/secret-tree.svg)](https://github.com/slowli/secret-tree/blob/master/LICENSE)\n![rust 1.70+ required](https://img.shields.io/badge/rust-1.70+-blue.svg)\n![no_std supported](https://img.shields.io/badge/no__std-tested-green.svg)\n\n**Documentation:** [![Docs.rs](https://docs.rs/secret-tree/badge.svg)](https://docs.rs/secret-tree/)\n[![crate docs (master)](https://img.shields.io/badge/master-yellow.svg?label=docs)](https://slowli.github.io/secret-tree/secret_tree/) \n\n`secret-tree` allows deriving multiple secrets from a single seed value\nin a secure and forward-compatible way.\nThe derivation procedure is hierarchical: a seed can be used to derive child seeds,\nwhich have the same functionality as the original.\n\n## Features\n\n- **Compact:** the seed takes 32 bytes regardless of the number and size\n  of derived secrets.\n- **Forward-compatible:** it's possible to add new and/or remove\n  existing derived secrets without regenerating the seed\n  or littering the codebase.\n- **Versatile:** the crate provides API to derive a virtually unbounded\n  number of secrets (via indexing) and secrets with complex internal structure\n  (thanks to a cryptographically secure pseudo-random number generator\n  that can be derived from the seed).\n\n## Usage\n\nAdd this to your `Crate.toml`:\n\n```toml\n[dependencies]\nsecret-tree = \"0.5.0\"\n```\n\nBasic usage:\n\n```rust\nuse secret_tree::{SecretTree, Name};\nuse rand::{Rng, thread_rng};\nuse secrecy::SecretBox;\n\nlet tree = SecretTree::new(\u0026mut thread_rng());\n// Create 2 children from the tree: an ordinary secret\n// and a CSPRNG with a fixed seed.\nlet secret: SecretBox\u003c[u8; 32]\u003e = tree\n    .child(Name::new(\"secret\"))\n    .create_secret();\nlet other_secret_rng = tree\n    .child(Name::new(\"other_secret\"))\n    .rng();\n```\n\nSee crate documentation for more details how to use the crate.\n\n## Implementation\n\nBlake2b is used to derive secrets in a similar (and mostly compatible) way\nit is used for key derivation in [libsodium]. Derived CSPRNGs are based\non the [ChaCha cipher], which has been extensively studied and has\nmuch smaller state size that alternatives (~160 bytes vs several kilobytes),\nlimiting the threat of state leakage.\n\nCrate documentation provides more implementation details.\n\n## Contributing\n\nAll contributions are welcome! See [the contributing guide](CONTRIBUTING.md) to help\nyou get involved.\n\n## License\n\nLicensed under the [Apache-2.0 license](LICENSE).\n\nUnless you explicitly state otherwise, any contribution intentionally submitted\nfor inclusion in `secret-tree` by you, as defined in the Apache-2.0 license,\nshall be licensed as above, without any additional terms or conditions.\n\n[libsodium]: https://download.libsodium.org/doc/key_derivation\n[ChaCha cipher]: https://tools.ietf.org/html/rfc7539\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fslowli%2Fsecret-tree","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fslowli%2Fsecret-tree","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fslowli%2Fsecret-tree/lists"}