Boo encrypts literal data in the final binary, at compile time, preventing static analysis tools from
reading values.
At runtime, decrypted data is exposed in memory only for the shortest possible time.
It supports many literal types beyond strings, including numbers, characters, byte strings,
C-strings,
arrays, tuples, nested structures...
Use the boo!() macro to effortlessly encrypt your data.
Add the dependency:
[dependencies]
boo-rs = "0.1"Set an optional encryption key (or fallback to a 64-byte randomly generated one):
export BOO_KEY="secret-key"Example:
extern crate alloc;
#[macro_use]
extern crate boo_rs;
boo_init!();
#[allow(unused_variables)]
fn main() {
let n = boo!(3);
let text = boo!("hello");
let bytes = boo!(b"\x01\x02\x03");
let pair = boo!(("host", 443));
let nested = boo!([[1, 2], [3, 4]]);
}boo_init!() must be called once before using the boo!() macro.
After that, the macro can be used anywhere to encrypt almost all Rust literal values.
Boo supports:
- booleans
- bytes
- integers and floats
- characters
- strings
- byte strings (
b"...") - C-strings (
c"...") - tuples (containing any mix of supported types)
- arrays and nested arrays (containing any of supported types)
For a full reference, see the showcase file.
Decryption happens on the stack. The cost is O(n), where n is the length of the data in bytes.
- All decrypted types except
StringandCStrare stored on the stack without performance overhead. &strand&CStrdecryption are stored into their heap-allocated variants.- Special case: binary strings are decrypted into owned
[u8]arrays.
- Stack allocated str using a wrapper struct around a fixed
u8array. - Stack allocated Cstr using a wrapper struct around a fixed
u8array. - Numeric suffix support (ex.
1u8,1u16,0f32) usingsyn::Lit::suffix(). - Wide string support using the custom syntax:
w"Wide null terminated".
MIT - See LICENSE for details.
- LITCRYPT, for being the first crate proposing compile-time string encryption