polycrypt-rs is a multi-language cryptographic library wrapper designed to provide a standardized encryption and decryption solution for organizations dealing with sensitive data, such as Protected Health Information (PHI) in healthcare settings.
A systems-level cryptographic library with cross-language FFI capabilities, designed for backend infrastructure and security-critical applications.
polycrypt-rs was developed in response to the complex challenges faced by a healthcare company with stringent data protection requirements:
- Enable the creation of a secure data lake with 100% field-level encryption of PHI at rest and in transit.
- Secure sensitive data flowing through event buses and queues without compromising system performance.
- Provide developers the freedom to write solutions and services in their preferred languages while maintaining consistent encryption standards.
- Eliminate the need for a distributed de/encryption service, which could introduce latency and become a single point of failure.
- Avoid the complexity and maintenance overhead of implementing separate encryption libraries for each programming language used within the organization.
- Language Agnostic: Allows developers to work in their preferred languages (currently supporting Rust, Go, and Python) while maintaining consistent encryption standards.
- Performance: Written in Rust, ensuring high performance, low memory footprint, and the potential for future optimizations through concurrency.
- Scalability: Handles large volumes of data efficiently by running in the same process, avoiding network overhead.
- Flexibility: Supports field-level encryption in JSON objects, ideal for securing specific data elements in complex structures.
- Compliance Ready: Designed to meet stringent data protection requirements, such as 100% PHI encryption in healthcare settings.
- Future-Proof: The Rust foundation provides a pathway for future performance enhancements and feature additions.
- Big Data Friendly: Efficient encryption and decryption make it suitable for big data querying and processing scenarios.
- AES encryption & decryption
- Field-level encryption & decryption for JSON objects
- Batch encryption & decryption for multiple records
- FFI (Foreign Function Interface) bindings for Go and Python
- Native language wrappers for Go and Python
- Logging functionality
As part of our commitment to making polycrypt-rs easily accessible across different programming languages, we now maintain native language libraries for Go and Python. These libraries provide a more idiomatic interface to the underlying Rust functionality:
- Go: Located in
examples/go/polycrypt/polycrypt.go
- Python: Located in
examples/python/polycrypt/polycrypt.py
These native libraries wrap the FFI calls and provide a more natural API for each language, making it easier for developers to integrate polycrypt-rs into their projects without dealing with the complexities of FFI directly.
- Rust 1.55 or higher
- Go 1.22 or higher (for Go bindings)
- Python 3.6 or higher (for Python bindings)
- Criterion 0.6.0 or higher (for benchmarking)
- Linux build-essentials (for building on Linux)
# Install the musl cross-compiler
brew install FiloSottile/musl-cross/musl-cross
# Add the musl target to rust
rustup target add x86_64-unknown-linux-musl
-
Clone the repository:
git clone https://github.com/HenryOwenz/polycrypt-rs.git cd polycrypt-rs
-
Build the Rust library:
make build
The project includes a Makefile that simplifies common tasks. Here are some useful commands:
make build
: Build the project in release modemake debug
: Build the project in debug modemake test
: Run Rust testsmake go-test
: Run Go testsmake py-test
: Run Python testsmake test-all
: Run all tests (Rust, Go, and Python)make go-run
: Run the Go examplemake py-run
: Run the Python examplemake clean
: Clean the projectmake doc
: Generate documentation
To use these commands, simply run make <command>
in the project root directory.
The examples
directory contains sample code for using polycrypt-rs with Go and Python:
examples/go/main.go
: Demonstrates usage of the library in Goexamples/python/main.py
: Demonstrates usage of the library in Python
To run the examples:
- For Go:
make go-run
- For Python:
make py-run
The project includes tests for Rust, Go, and Python implementations:
- Rust tests: Located in
src
andtests
directories - Go tests: Located in
examples/go/main_test.go
- Python tests: Located in
examples/python/main_test.py
To run the tests:
- For Rust:
make test
- For Go:
make go-test
- For Python:
make py-test
- For all tests:
make test-all
This project is licensed under the MIT License - see the LICENSE file for details.
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature
) - Commit your changes (
git commit -m 'Add some AmazingFeature'
) - Push to the branch (
git push origin feature/AmazingFeature
) - Open a Pull Request
- Ugochukwu Henry Onwuzurike - Initial work - GitHub
- The Rust community for providing excellent cryptographic libraries