An intuitive crypto lib recommendation

Hi all.

I’d like to write a simple command line password manager for myself as a fun project.
What’s a good crypto lib to use? Hopefully with examples.

I actually haven’t seen any encryption libraries that are as easy to use as Dream’s functions: Dream — Tidy, feature-complete web framework

Of course there are other more powerful libraries, but Dream’s encrypt and decrypt seem good enough for a lot of use cases. You may be able to copy over the relevant parts of the source code if you don’t want the entire Dream dependency cone, of course.

If you are familiar with tweetnacl. There are bindings here.

Thanks, I will have a look.

Thanks a lot, I will have a look.

didn’t try it myself, but Argon2 is specifically tailored for passwords

(passwords should be hashed and not encrypted)

1 Like

@msbic wants to write a password manager, not store the user passwords of a service (in which case you are right).

1 Like

There are also some bindings to Monocypher: eris/ocaml-monocypher -

1 Like

Not sure it is intuitive, especially because it has an object interface instead
of a functional one, but it does the job:


Good suggestion. the RSA module seems like a nice functional API for asymmetric encryption.

1 Like

This RSA module exposes only very low level primitives. It’s not something you should directly use to store encrypted passwords.

1 Like

Great suggestions. Thanks everyone!
I will evaluate them all

Why not? It looks like I can create a keypair and use it to encrypt a string into ciphertext. Can’t I then just store that ciphertext string?

Look at the docs (or implementation) for encrypt: it can only encrypt data shorter than the key, which means you’ll need a padding algorithm and couple it with a symmetric cipher to do hybrid encryption. In every of these steps you can shoot yourself in the foot.
Not to say that it’s not valuable or that people shouldn’t try to do these things, but that’s a different project. It’s not “an intuitive crypto lib”.
If you’re interested, Cryptopals set 6 explores problems with RSA.