Lib.rs

Cryptography
#authentication #aes-gcm #encryption #x25519 #hmac-sha256 #apfsds #ed25519 #cryptographic-primitives #key-exchange

apfsds-crypto

Cryptographic primitives for APFSDS (X25519, AES-GCM, Ed25519)

Owned by rand0mdevel0per.

4 releases (breaking)

Uses new Rust 2024

0.4.0 Feb 5, 2026
0.3.0 Feb 4, 2026
0.2.0 Jan 18, 2026
0.1.0 Jan 17, 2026

#2439 in Cryptography


Used in 3 crates

MIT license

26KB
573 lines

apfsds-crypto

Cryptographic primitives for APFSDS.

Features

  • AES-256-GCM: Authenticated encryption with associated data
  • Ed25519: Digital signatures and verification
  • X25519 ECDH: Elliptic curve Diffie-Hellman key exchange
  • HMAC-SHA256: Token authentication and integrity verification
  • XOR Filter: Efficient replay protection

Usage

use apfsds_crypto::{AesGcmCipher, Ed25519Keypair, HmacAuth};

// AES-256-GCM encryption
let cipher = AesGcmCipher::new(&key);
let ciphertext = cipher.encrypt(plaintext)?;
let plaintext = cipher.decrypt(&ciphertext)?;

// Ed25519 signing
let keypair = Ed25519Keypair::generate();
let signature = keypair.sign(message);
assert!(keypair.verify(message, &signature));

// HMAC authentication
let auth = HmacAuth::new(&secret);
let token = auth.generate_token(user_id, expiry);
assert!(auth.verify_token(&token));

Security Notes

  • All keys are securely generated using rand
  • AES-GCM uses random 12-byte nonces
  • Ed25519 provides 128-bit security level

License

MIT

Dependencies

~8.5MB
~149K SLoC