Introduction
Last updated
Last updated
Geralt is a modern cryptographic library for based on and inspired by .
Simple: an easy-to-learn API with descriptive naming. Only one algorithm for each task is provided when possible.
Modern: the latest and greatest cryptographic algorithms, such as AEGIS-128L/AEGIS-256, (X)ChaCha20-Poly1305, BLAKE2b, Argon2id, X25519, and Ed25519.
Secure: libsodium was in 2017 and is the library of choice for of projects and large companies.
Fast: libsodium is than many other cryptographic libraries. Furthermore, Geralt uses buffers to avoid memory allocations.
Geralt is available as a package. It's supported on the following :
win-x64
linux-x64
osx-x64
ios-arm64
win-x86
linux-musl-x64
osx-arm64
tvos
win-arm64
linux-arm64
maccatalyst
linux-arm
You can find the source code on .
Descriptive naming: BLAKE2b, not GenericHash.
Same vocabulary for everything: key, nonce, salt, input keying material, output keying material, etc.
Minimal parameters: no key parameter for an unkeyed hash.
Consistent parameter ordering: buffers come first.
Public constants: easy to create buffers.
One algorithm for each task: (X)ChaCha20-Poly1305, BLAKE2b, Argon2id, X25519, and Ed25519.
Full misuse resistance (e.g. no nonces or optional nonces). This can limit the user, doesn't work well with spans, and overcomplicates code.
Duplicate methods that return byte arrays.
Unnecessary 'convenience' functions, like GenerateKey()
in almost every class.
I'd like to say a big thanks to:
Geralt is licensed under the license.
all the things: enables the secure erasure of bytes and boosts performance.
Some low-level functions: useful for .
Solving the key reuse problem (e.g. a for everything or instead of raw bytes). I'm convinced either tactic works, and it again adds complexity.
Old APIs, such as crypto_box
. These be used.
Other primitives unless they solve a problem. AES-GCM causes problems (e.g. it hardware support). solves problems (e.g. it's and supports random nonces whilst being / than AES-GCM).
Experimental ideas/custom constructions (e.g. anything without an RFC or Internet-Draft), which can go in a .
Internal , which performance and are unnecessary for very short-lived secrets.
Support for versions of .NET.
for donating a free Pro account.
for donating their private email service.
for writing the library.
for writing the library.
for creating and doing .NET for libsodium.
for creating the library.
and everyone who contributed to the library.
Everyone who has to, used, or provided feedback about Geralt.