Nettle (cryptographic library)


Nettle is a cryptographic library designed to fit easily in a wide range of toolkits and applications. It began as a collection of low-level cryptography functions from lsh in 2001. Since June 2009 Nettle is a GNU package.

Features

Since version 3, nettle provides the AES block cipher , the ARCFOUR stream cipher, the ARCTWO stream cipher, BLOWFISH, CAMELLIA, CAST-128, DES and 3DES block ciphers, the ChaCha stream cipher, GOSTHASH94, the MD2, MD4, and MD5 digests, the PBKDF2 key derivation function, the POLY1305 and UMAC message authentication codes, RIPEMD160, the Salsa20 stream cipher, the SERPENT block cipher, SHA-1, the SHA-2 digests, SHA-3, the TWOFISH block cipher, RSA, DSA and ECDSA public-key algorithms, the Yarrow pRNG. Version 3.1 introduced support for Curve25519 and EdDSA operations. The public-key algorithms use GMP.
Nettle is used by GnuTLS.

Licence and motivation

An API which fits one application well may not work well in a different context resulting in a proliferation of cryptographic libraries designed for particular applications. Nettle is an attempt to avoid this problem by doing one thing and providing a simple and general interface to it. In particular, Nettle doesn't do algorithm selection, memory allocation or any I/O. Thus Nettle is intended to provide a core cryptography library upon which numerous application and context specific interfaces can be built. The code, test cases, benchmarks, documentation, etc. of these interfaces can then be shared without having to replicate Nettle's cryptographic code.
Nettle is primarily licensed under a dual licence scheme comprising The GNU General Public License version 2 or later and The GNU Lesser General Public License version 3 or later. A few individual files are licensed under more permissive licences or in the public domain. The copyright notices at the top of the library's source files precisely define the licence status of particular files.
"is in the public domain" and may be used and reproduced freely.