An implementation of Trevor Perrin's Noise Protocol that is designed to be Hard To Fuck Up™.
🔥 Warning 🔥 This library has not received any formal audit.
See examples/simple.rs for a more complete TCP client/server example.
let mut noise = snow::Builder::new("Noise_NN_25519_ChaChaPoly_BLAKE2s".parse()?)
    .build_initiator()?;
let mut buf = [0u8; 65535];
// write first handshake message
noise.write_message(&[], &mut buf)?;
// receive response message
let incoming = receive_message_from_the_mysterious_ether();
noise.read_message(&incoming, &mut buf)?;
// complete handshake, and transition the state machine into transport mode
let mut noise = noise.into_transport_mode()?;
See the full documentation at https://docs.rs/snow.
Snow is currently tracking against Noise spec revision 34.
However, not all features have been implemented yet (pull requests welcome):
Cryptographic providers are swappable through Builder::with_resolver(), but by default it chooses select, artisanal pure-Rust implementations (see Cargo.toml for a quick overview).
ring is a crypto library based off of BoringSSL and is significantly faster than most of the pure-Rust implementations.
If you enable the ring-resolver feature, Snow will include a resolvers::ring module as well as a RingAcceleratedResolver available to be used with Builder::with_resolver().
If you enable the ring-accelerated feature, Snow will default to choosing ring's crypto implementations when available.
| | default | ring |
|---|---|---|
| CSPRNG | ✔️ | ✔️ |
| 25519 | ✔️ | ✔️ |
| 448 | | |
| P-256🏁 | ✔️ | |
| AESGCM | ✔️ | ✔️ |
| ChaChaPoly | ✔️ | ✔️ |
| XChaChaPoly🏁 | ✔️ | |
| SHA256 | ✔️ | ✔️ |
| SHA512 | ✔️ | ✔️ |
| BLAKE2s | ✔️ | |
| BLAKE2b | ✔️ | |
Note
🏁 P-256 and XChaChaPoly are not in the official specification of Noise, and thus need to be enabled via the feature flags use-p256 and use-xchacha20poly1305, respectively.
Snow can be used in no_std environments if alloc is provided.
By default, Snow uses the standard library, default crypto resolver and a selected collection of crypto primitives. To use Snow in no_std environments or make other kinds of customized setups, use Snow with default-features = false. This way you will individually select the components you wish to use. default-resolver is the only built-in resolver that currently supports no_std.
To use a custom setup with default-resolver, enable your desired selection of cryptographic primitives:
| | Primitive | Feature flag |
|---|---|---|
| DHs | Curve25519 | use-curve25519 |
| | P-256🏁 | use-p256 |
| Ciphers | AES-GCM | use-aes-gcm |
| | ChaChaPoly | use-chacha20poly1305 |
| | XChaChaPoly🏁 | use-xchacha20poly1305 |
| Hashes | SHA-256 | use-sha2 |
| | SHA-512 | use-sha2 |
| | BLAKE2s | use-blake2 |
| | BLAKE2b | use-blake2 |
Note
🏁 XChaChaPoly and P-256 are not in the official specification of Noise, but they are supported by Snow.
Curve25519 + AES-GCM + SHA-2 with standard library features.
default-features = false
features = [
"use-curve25519",
"use-aes-gcm",
"use-sha2",
"std",
]
Curve25519 + ChaChaPoly + BLAKE2 without standard library.
default-features = false
features = [
"use-curve25519",
"use-chacha20poly1305",
"use-blake2",
]
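As an added example (not part of Snow or its README), this Rust sketch parses a Noise protocol name and lists the default-resolver feature flags from the table above that a default-features = false build must enable, rejecting names whose primitives have no listed flag. The names Plan, feature_for and required_features are hypothetical, and the protocol-name token "P256" for P-256 is an assumption.

```rust
use std::collections::BTreeSet;

/// Result of checking one protocol name against the feature-flag table.
#[derive(Debug)]
pub struct Plan {
    pub features: BTreeSet<&'static str>, // Cargo features to enable
    pub non_spec: Vec<String>,            // primitives outside the official Noise spec
}

/// Map the token in slot 0 (DH), 1 (cipher) or 2 (hash) to (feature flag, non-spec?).
/// The name token "P256" is an assumption; the page only shows "P-256".
fn feature_for(slot: usize, token: &str) -> Option<(&'static str, bool)> {
    Some(match (slot, token) {
        (0, "25519") => ("use-curve25519", false),
        (0, "P256") => ("use-p256", true),
        (1, "AESGCM") => ("use-aes-gcm", false),
        (1, "ChaChaPoly") => ("use-chacha20poly1305", false),
        (1, "XChaChaPoly") => ("use-xchacha20poly1305", true),
        (2, "SHA256" | "SHA512") => ("use-sha2", false),
        (2, "BLAKE2s" | "BLAKE2b") => ("use-blake2", false),
        _ => return None, // e.g. "448": the table lists no feature flag for it
    })
}

/// Parse "Noise_<pattern>_<dh>_<cipher>_<hash>" and collect the features it needs.
pub fn required_features(name: &str) -> Result<Plan, String> {
    let parts: Vec<&str> = name.split('_').collect();
    if parts.len() != 5 || parts[0] != "Noise" || parts[1].is_empty() {
        return Err(format!("malformed protocol name: {name:?}"));
    }
    let mut plan = Plan { features: BTreeSet::new(), non_spec: Vec::new() };
    for (slot, token) in parts[2..].iter().enumerate() {
        let (feature, non_spec) = feature_for(slot, token)
            .ok_or_else(|| format!("no default-resolver feature for {token:?}"))?;
        plan.features.insert(feature);
        if non_spec {
            plan.non_spec.push(token.to_string());
        }
    }
    Ok(plan)
}

fn main() {
    // Constructed inputs; the first is the protocol name from the snippet on this page.
    for name in ["Noise_NN_25519_ChaChaPoly_BLAKE2s", "Noise_XX_448_AESGCM_SHA512"] {
        println!("{name}: {:?}", required_features(name));
    }
}
```

Running such a check in CI against the protocol names an application hard-codes catches a feature/protocol mismatch before it surfaces as a runtime builder error.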
Most crypto implementations supported by default-resolver will require getrandom.
If your target platform is not directly supported you might have to provide a custom implementation in your crate root. Check out their documentation for details.
snow is offered with a dual choice-of-license between:
where you may choose either of these licenses to follow for this work.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.