gaia-crypt
| Crates.io | gaia-crypt |
| lib.rs | gaia-crypt |
| version | |
| source | src |
| created_at | 2025-03-15 00:16:40.814241+00 |
| updated_at | 2025-03-15 00:16:40.814241+00 |
| description | A cryptographic library for secure communication in the GaiaNet ecosystem |
| homepage | |
| repository | https://github.com/GaiaNet-AI/gaia-crypt |
| max_upload_size | |
| id | 1592882 |
| Cargo.toml error: | TOML parse error at line 18, column 1 | 18 | autolib = false | ^^^^^^^ unknown field `autolib`, expected one of `name`, `version`, `edition`, `authors`, `description`, `readme`, `license`, `repository`, `homepage`, `documentation`, `build`, `resolver`, `links`, `default-run`, `default_dash_run`, `rust-version`, `rust_dash_version`, `rust_version`, `license-file`, `license_dash_file`, `license_file`, `licenseFile`, `license_capital_file`, `forced-target`, `forced_dash_target`, `autobins`, `autotests`, `autoexamples`, `autobenches`, `publish`, `metadata`, `keywords`, `categories`, `exclude`, `include` |
| size | 0 |
DarumaDocker!! (DarumaDocker)
documentation
https://docs.rs/gaia-crypt
README
gaia-crypt
A hybrid encryption library in Rust that provides secure RSA + AES-GCM encryption and decryption functionality.
Overview
gaia-crypt implements a modern hybrid cryptographic system that combines:
- RSA encryption for secure key exchange
- AES-256-GCM for efficient data encryption with authentication
This approach leverages the strengths of both algorithms: RSA's security for key exchange and AES's performance for bulk data encryption.
Features
- Hybrid encryption model (RSA + AES-GCM)
- Strong 2048-bit RSA key generation
- AES-256-GCM authenticated encryption
- PEM key format support
- Rust-native implementation with minimal dependencies
- Comprehensive error handling
Installation
Add this to your Cargo.toml:
[dependencies]
gaia-crypt = "0.1.0"
Usage Examples
Generate a Key Pair
use gaia_crypt::generate_rsa_keypair;
fn main() -> Result<(), Box<dyn std::error::Error>> {
let (private_key, public_key) = generate_rsa_keypair()?;
// Keys can be converted to PEM strings for storage/transmission
let private_key_pem = private_key.to_pkcs1_pem()?;
let public_key_pem = public_key.to_public_key_pem()?;
println!("Generated RSA key pair successfully");
Ok(())
}
Encrypt and Decrypt Data
use gaia_crypt::{encrypt, decrypt};
fn main() -> Result<(), Box<dyn std::error::Error>> {
// In a real application, you would load these from secure storage
let public_key_pem = "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----";
let private_key_pem = "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----";
// Data to encrypt
let data = b"This is a secret message";
// Encrypt using the recipient's public key
let encrypted_data = encrypt(public_key_pem, data)?;
println!("Encrypted data size: {} bytes", encrypted_data.len());
// Decrypt using the recipient's private key
let decrypted_data = decrypt(private_key_pem, &encrypted_data)?;
assert_eq!(data, &decrypted_data[..]);
println!("Successfully decrypted: {}", String::from_utf8_lossy(&decrypted_data));
Ok(())
}
How It Works
-
Encryption Process:
- A random AES-256 key is generated
- The plaintext is encrypted using AES-GCM with this key
- The AES key is encrypted using the recipient's RSA public key
- The encrypted key, nonce, and ciphertext are bundled and serialized
-
Decryption Process:
- The bundle is deserialized to extract components
- The AES key is decrypted using the recipient's RSA private key
- The ciphertext is decrypted using the recovered AES key and nonce
This approach securely encrypts data of arbitrary size while maintaining performance.
Security Considerations
- Uses standard, well-vetted cryptographic algorithms
- RSA keys are 2048 bits (sufficient for most use cases)
- AES-GCM provides authenticated encryption
- Nonces are generated randomly for each encryption
- No padding oracle vulnerabilities (uses PKCS#1 v1.5 for RSA)