mcginty / snow

A Rust implementation of the Noise Protocol Framework
Apache License 2.0
893 stars 119 forks source link
crypto cryptography noise noise-protocol noise-protocol-framework rust security

Snow

Crates.io Docs.rs Build Status dependency status

totally official snow logo

An implementation of Trevor Perrin's Noise Protocol that is designed to be Hard To Fuck Upβ„’.

πŸ”₯ Warning πŸ”₯ This library has not received any formal audit.

What's it look like?

See examples/simple.rs for a more complete TCP client/server example.

let mut noise = snow::Builder::new("Noise_NN_25519_ChaChaPoly_BLAKE2s".parse()?)
                    .build_initiator()?;

let mut buf = [0u8; 65535];

// write first handshake message
noise.write_message(&[], &mut buf)?;

// receive response message
let incoming = receive_message_from_the_mysterious_ether();
noise.read_message(&incoming, &mut buf)?;

// complete handshake, and transition the state machine into transport mode
let mut noise = noise.into_transport_mode()?;

See the full documentation at https://docs.rs/snow.

Implemented

Snow is currently tracking against Noise spec revision 34.

However, a not all features have been implemented yet (pull requests welcome):

Crypto

Cryptographic providers are swappable through Builder::with_resolver(), but by default it chooses select, artisanal pure-Rust implementations (see Cargo.toml for a quick overview).

Other Providers

ring

ring is a crypto library based off of BoringSSL and is significantly faster than most of the pure-Rust implementations.

If you enable the ring-resolver feature, Snow will include a resolvers::ring module as well as a RingAcceleratedResolver available to be used with Builder::with_resolver().

If you enable the ring-accelerated feature, Snow will default to choosing ring's crypto implementations when available.

Resolver primitives supported

default ring
CSPRNG βœ” βœ”
25519 βœ” βœ”
448
AESGCM βœ” βœ”
ChaChaPoly βœ” βœ”
SHA256 βœ” βœ”
SHA512 βœ” βœ”
BLAKE2s βœ”
BLAKE2b βœ”

License

Licensed under either of:

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.