kryptos

A cryptography library for Gleam targeting both Erlang and JavaScript runtimes.

Why kryptos?

• Dual-runtime support — Works on both Erlang and JavaScript (Node.js), wrapping each platform's native crypto APIs for consistent behavior.
• No custom cryptography — All cryptographic operations delegate to the runtime's battle-tested implementations (Erlang's crypto module, Node.js crypto module). This library is a wrapper, not a reimplementation.
• Misuse-resistant API — Inspired by Go's crypto library, the API guides you toward safe defaults and makes dangerous operations explicit.
• Tested against Wycheproof — Validated against Google's Wycheproof test vectors to catch edge-case vulnerabilities.

[!NOTE] Browser JavaScript is not supported. The WebCrypto API is promise-based, which doesn't fit the synchronous FFI model. For browser crypto, see plinth which provides Gleam bindings to WebCrypto using promises.

Installation

gleam add kryptos

Requirements

• Erlang/OTP 27+ — Required for the Erlang target
• Node.js 22+ — Required for the JavaScript target

Features

Getting Started

Encrypt and decrypt data using AES-GCM:

import kryptos/aead
import kryptos/block
import kryptos/crypto

pub fn main() {
  // Generate a random 256-bit key
  let assert Ok(cipher) = block.aes_256(crypto.random_bytes(32))
  let ctx = aead.gcm(cipher)

  // Generate a random nonce (never reuse with the same key!)
  let nonce = crypto.random_bytes(aead.nonce_size(ctx))

  // Encrypt
  let plaintext = <<"hello, world!":utf8>>
  let assert Ok(#(ciphertext, tag)) = aead.seal(ctx, nonce:, plaintext:)

  // Decrypt
  let assert Ok(decrypted) = aead.open(ctx, nonce:, ciphertext:, tag:)
  // decrypted == plaintext
}

Security

For guidance on choosing cryptographic primitives, see Cryptographic Right Answers.