1. 10

orion is a cryptography library written in pure Rust. It aims to provide easy and usable crypto while trying to minimize the use of unsafe code.

GitHub: https://github.com/orion-rs/orion Crates.io: https://crates.io/crates/orion

Orion now supports X25519 (Diffie-Hellman over Curve25519), which uses formally-verified field arithmetic generated by fiat-crypto. Additionally, a lot of focus was put into hardening the CI/CD of the crate along with added support for serde. This work was championed by @vlmutolo.

My sincerest thanks to all the new contributors that contributed other, but equally important improvements to these versions! Special thanks to @vlmutolo for his continuing work throughout this project, it is immensely appreciated!

  1.  

  2. 3

    Reposting my Reddit comment.


    I was surprised by how well it worked to integrate the fiat-crypto library into Orion. Fiat’s an impressive project. Now, Orion has X25519 with much less effort than a from-scratch implementation would have required, and while avoiding a huge class of vulnerabilities.

    1. 2

      Very cool! IMO the README sells it short — the formally-verified arithmetic and X25519 support are worth calling out.

      Very cool that you use strong typing in the API, as this is a pet peeve of mine with C crypto APIs. They give you a box of delicate machinery whose misuse can leave your code vulnerable to attack, but then declare all the parameters as void*. That’s like trying to hook up a time bomb whose wires are all the same color.

      1. 2

        IMO the README sells it short — the formally-verified arithmetic and X25519 support are worth calling out.

        Thanks, we’ll get this added!

        Very cool that you use strong typing in the API, as this is a pet peeve of mine with C crypto APIs.

        Something else that’s pretty cool, is the use of the ownership model, in the high-level key-exchange API that gives compile-time guarantees that a private key can only be used once, for ephemeral key-exchange (unless intentionally misused).