Cmooon/pegasus
1
1
Fork 0
Code Issues 1 Pull requests Activity
A simple to use crypto library for Gleam
7 commits 2 branches 0 tags 156 KiB
  • Gleam 47.4%
  • Rust 40%
  • Erlang 9.5%
  • Nix 3.1%
Find a file
Simon 16e19589b3 Add images for fun
2025-02-27 16:10:19 +01:00
.github/workflows Init 2025-02-24 11:17:58 +01:00
img Add images for fun 2025-02-27 16:10:19 +01:00
native Testing claude coder and let it implement xchacha20 api 2025-02-27 12:54:37 +01:00
src Cleanup some of what Claude did 2025-02-27 15:07:20 +01:00
test Add images for fun 2025-02-27 16:10:19 +01:00
.gitignore Init 2025-02-24 11:17:58 +01:00
CLAUDE.md Testing claude coder and let it implement xchacha20 api 2025-02-27 12:54:37 +01:00
flake.lock Init 2025-02-24 11:17:58 +01:00
flake.nix Init 2025-02-24 11:17:58 +01:00
gleam.toml Rename library to pegasus_crypto as pegasus is taken on hex 2025-02-27 15:53:34 +01:00
manifest.toml Init 2025-02-24 11:17:58 +01:00
README.md Add images for fun 2025-02-27 16:10:19 +01:00

README.md

Pegasus

Package Version Hex Docs

Wide logo

A modern cryptography library for Gleam, built with safety and ease of use in mind.

gleam add pegasus_crypto

Features

  • Hash: Secure hashing using BLAKE2b
  • Authentication: Message authentication (HMAC)
  • Encryption: XChaCha20 encryption

Pegasus is backed by the Orion Rust cryptography library (via NIFs), providing high-performance cryptographic primitives.

Examples

Hashing

import pegasus/hash
import gleam/bit_array

pub fn main() {
  let data = bit_array.from_string("Hello, world!")
  
  // Create a secure hash
  let assert Ok(digest) = hash.digest(data)
  
  // Use digest...
}

Authentication

import pegasus/authentication
import gleam/bit_array

pub fn main() {
  let data = bit_array.from_string("Message to authenticate")
  
  // Create a key from raw bytes
  let key_data = bit_array.from_string("AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHH")
  let key = authentication.key_from_bitarray(key_data)
  
  // Create authentication tag
  let assert Ok(tag) = authentication.authenticate(data, key)
  
  // Verify the authentication tag
  let assert Ok(_) = authentication.verify(data, key, tag)
}

Encryption

import pegasus/xchacha20
import gleam/bit_array

pub fn main() {
  let plaintext = bit_array.from_string("Secret message")
  
  // Generate key and nonce
  let assert Ok(key) = xchacha20.generate_key()
  let assert Ok(nonce) = xchacha20.generate_nonce()
  
  // Encrypt data
  let assert Ok(ciphertext) = xchacha20.encrypt(key, nonce, plaintext)
  
  // Decrypt data
  let assert Ok(decrypted) = xchacha20.decrypt(key, nonce, ciphertext)
}

Safety

Pegasus inherits strong security properties from Orion:

  • Memory zeroization to prevent sensitive data leakage
  • Constant-time implementations to prevent timing attacks
  • Side-channel resistance

Additionally, Pegasus emphasizes safety through:

  • Strong typing for cryptographic keys and operations
  • Result types for proper error handling

License

Pegasus is MIT licensed. The underlying cryptographic library, Orion, is also MIT licensed.

Roadmap

Pegasus aims to support all cryptographic primitives available in the Orion library:

  • AEAD:
    • XChaCha20-Poly1305
    • ChaCha20-Poly1305
  • Hashing:
    • BLAKE2b
    • SHA2
    • SHA3
  • XOF:
    • SHAKE128
    • SHAKE256
  • KDF:
    • HKDF
    • PBKDF2
    • Argon2i
  • Key exchange:
    • X25519
  • MAC:
    • HMAC (via BLAKE2b)
    • Poly1305
  • Stream ciphers:
    • XChaCha20
    • ChaCha20
  • KEM:
    • ML-KEM
    • DHKEM(X25519, HKDF-SHA256)

Development

gleam run   # Run the project
gleam test  # Run the tests
cd native && cargo build --release  # Build Rust components
cp native/target/release/libpegasus_native.so priv/  # Copy NIF to priv directory for Erlang

Further documentation can be found at https://hexdocs.pm/pegasus.