Rust API Reference

Complete API documentation for MetaMUI Crypto Primitives in Rust.

Installation

Add to your Cargo.toml:

[dependencies]
metamui-crypto = "3.0.0"

Quick Start

use metamui_crypto::{Ed25519, ChaCha20Poly1305, Blake3, Argon2};

// Generate keypair
let keypair = Ed25519::generate_keypair();

// Sign message
let signature = keypair.sign(b"Hello");

// Verify signature
let is_valid = keypair.public_key().verify(&signature, b"Hello");

API Documentation

For detailed API documentation, see:

Available Modules

Core Traits

pub trait Hasher {
    fn new() -> Self;
    fn update(&mut self, data: &[u8]);
    fn finalize(self) -> Vec<u8>;
}

pub trait Signer {
    type PublicKey;
    type Signature;
    
    fn sign(&self, message: &[u8]) -> Self::Signature;
    fn verify(&self, signature: &Self::Signature, message: &[u8]) -> bool;
}

Hash Functions

use metamui_crypto::hash::{Sha256, Sha512, Blake2b, Blake3};

let hash = Sha256::hash(b"data");
let hash = Blake3::hash(b"data");

Digital Signatures

use metamui_crypto::signatures::{Ed25519, Sr25519, Dilithium};

let keypair = Ed25519::generate();
let signature = keypair.sign(b"message");
assert!(keypair.verify(&signature, b"message"));

Encryption

use metamui_crypto::encryption::{ChaCha20Poly1305, Aes256Gcm};

let key = ChaCha20Poly1305::generate_key();
let cipher = ChaCha20Poly1305::new(&key);
let (ciphertext, nonce) = cipher.encrypt(b"plaintext")?;
let plaintext = cipher.decrypt(&ciphertext, &nonce)?;

Key Exchange

use metamui_crypto::kex::{X25519, MlKem768};

// Classical ECDH
let alice = X25519::generate();
let bob = X25519::generate();
let shared_secret = alice.compute_shared_secret(&bob.public_key());

// Post-quantum KEM
let keypair = MlKem768::generate();
let (ciphertext, shared_secret) = MlKem768::encapsulate(&keypair.public_key());
let shared_secret2 = keypair.decapsulate(&ciphertext)?;

Error Handling

use metamui_crypto::{Result, CryptoError};

fn encrypt_data(data: &[u8], key: &[u8]) -> Result<Vec<u8>> {
    let cipher = ChaCha20Poly1305::new(key)
        .map_err(|_| CryptoError::InvalidKey)?;
    
    cipher.encrypt(data)
        .map_err(|_| CryptoError::EncryptionFailed)
}

Zero-Copy Operations

use metamui_crypto::Blake3;

// Hash without copying
let data = vec![0u8; 1_000_000];
let hash = Blake3::hash(&data); // No copy

// In-place operations
let mut buffer = vec![0u8; 1024];
cipher.encrypt_in_place(&mut buffer)?;

Feature Flags

[dependencies]
metamui-crypto = { 
    version = "3.0.0",
    features = ["std", "serde", "parallel"]
}

# Available features:
# - std (default): Standard library support
# - alloc: Allocation support without std
# - serde: Serialization support
# - parallel: Parallel operations
# - simd: SIMD optimizations

No-std Support

#![no_std]
extern crate alloc;

use metamui_crypto::no_std::{Ed25519, Blake3};
use alloc::vec::Vec;

let keypair = Ed25519::generate_with_rng(&mut rng);
let hash = Blake3::hash(b"data");

Async Support

use metamui_crypto::async_ops::{Argon2Async, Blake3Async};

async fn hash_password(password: &str) -> Vec<u8> {
    Argon2Async::hash(password.as_bytes()).await
}

async fn hash_file(path: &Path) -> Result<Vec<u8>> {
    Blake3Async::hash_file(path).await
}

Performance

SIMD Optimizations

#[cfg(target_arch = "x86_64")]
use metamui_crypto::simd::{Blake3Simd, ChaCha20Simd};

let hash = Blake3Simd::hash_parallel(&chunks);

Batch Operations

let signatures: Vec<_> = messages.iter()
    .map(|msg| keypair.sign(msg))
    .collect();

let results = Ed25519::batch_verify(&signatures, &messages, &public_keys);

Security

Constant-Time Operations

use metamui_crypto::constant_time::{ct_select, ct_compare};

// Constant-time comparison
let equal = ct_compare(&computed_mac, &expected_mac);

// Constant-time selection
let value = ct_select(condition, &a, &b);

Secure Memory

use metamui_crypto::secure::{SecureVec, Zeroize};

// Automatic clearing
{
    let mut key = SecureVec::new(32);
    // Use key...
} // Automatically zeroed

// Manual clearing
let mut secret = vec![0u8; 32];
secret.zeroize();

Examples

Complete Example

use metamui_crypto::{
    MlKem768, ChaCha20Poly1305, Blake3, Ed25519,
    Result, CryptoError
};

fn secure_communication() -> Result<()> {
    // Generate post-quantum KEM keypair
    let kem_keypair = MlKem768::generate();
    
    // Sender: Create shared secret
    let (ciphertext, shared_secret) = MlKem768::encapsulate(
        &kem_keypair.public_key()
    );
    
    // Use shared secret for symmetric encryption
    let cipher = ChaCha20Poly1305::new(&shared_secret[..32])?;
    let (encrypted, nonce) = cipher.encrypt(b"Secret message")?;
    
    // Sign the ciphertext
    let signing_key = Ed25519::generate();
    let signature = signing_key.sign(&encrypted);
    
    Ok(())
}

See Also