/snow

A Rust implementation of the Noise Protocol Framework

Primary LanguageRustApache License 2.0Apache-2.0

Snow

Crates.io Docs.rs Build Status dependency status

totally official snow logo

An implementation of Trevor Perrin's Noise Protocol that is designed to be Hard To Fuck Upâ„¢.

🔥 Warning 🔥 This library has not received any formal audit.

What's it look like?

See examples/simple.rs for a more complete TCP client/server example.

let mut noise = snow::Builder::new("Noise_NN_25519_ChaChaPoly_BLAKE2s".parse()?)
                    .build_initiator()?;

let mut buf = [0u8; 65535];

// write first handshake message
noise.write_message(&[], &mut buf)?;

// receive response message
let incoming = receive_message_from_the_mysterious_ether();
noise.read_message(&incoming, &mut buf)?;

// complete handshake, and transition the state machine into transport mode
let mut noise = noise.into_transport_mode()?;

See the full documentation at https://docs.rs/snow.

Implemented

Snow is currently tracking against Noise spec revision 34.

However, a not all features have been implemented yet (pull requests welcome):

Crypto

Cryptographic providers are swappable through Builder::with_resolver(), but by default it chooses select, artisanal pure-Rust implementations (see Cargo.toml for a quick overview).

Other Providers

ring

ring is a crypto library based off of BoringSSL and is significantly faster than most of the pure-Rust implementations.

If you enable the ring-resolver feature, Snow will include a resolvers::ring module as well as a RingAcceleratedResolver available to be used with Builder::with_resolver().

If you enable the ring-accelerated feature, Snow will default to choosing ring's crypto implementations when available.

libsodium

libsodium is a fork of NaCl focused on improved usability and regular maintenance.

Compatibility caveat

libsodium blacklists a set of low-order points that it deems unsafe because they would output an all-zeroes result.

Noise does not validate Curve25519 points, so if another Noise implementation provides an all-zero (or another low-order) public key for some reason (be it testing, or a real life foot-shot), if you use the libsodium backend of snow, it will error in a way that's not fully compatible with the specification.

Resolver primitives supported

default ring libsodium
CSPRNG ✔ ✔ ✔
25519 ✔ ✔ ✔
448
AESGCM ✔ ✔
ChaChaPoly ✔ ✔ ✔
SHA256 ✔ ✔ ✔
SHA512 ✔ ✔
BLAKE2s ✔
BLAKE2b ✔

License

Licensed under either of:

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.