ring-native-ossl 0.1.10

A ring-compatible API backed by native-ossl (OpenSSL)
Documentation
  • Coverage
  • 53.66%
    66 out of 123 items documented1 out of 86 items with examples
  • Size
  • Source code size: 62.89 kB This is the summed size of all the files inside the crates.io package for this release.
  • Documentation size: 1.85 MB This is the summed size of all files generated by rustdoc for all configured targets
  • Ø build duration
  • this release: 36s Average build duration of successful builds.
  • all releases: 1m 23s Average build duration of successful builds in releases after 2024-10-23.
  • Links
  • Repository
  • crates.io
  • Dependencies
  • Versions
  • Owners
  • abbra

OpenSSL-backed implementation of a ring-compatible cryptography API.

This crate mirrors the public surface of several ring modules so that code written against ring can be compiled against OpenSSL instead, without pulling in ring itself. All cryptographic operations are delegated to OpenSSL through the native-ossl crate.

Modules mirrored

Module ring counterpart
[aead] ring::aead
[agreement] ring::agreement
[digest] ring::digest
[error] ring::error
[hkdf] ring::hkdf
[hmac] ring::hmac
[rand] ring::rand
[signature] ring::signature

The internal spki module is not public; it holds the shared SubjectPublicKeyInfo DER header constants used by agreement and signature.

What is not included

This crate does not reproduce ring-internal sealed-trait hierarchies. The [rand::SecureRandom] trait is defined in this crate and is used as a bound in [agreement] and [signature]; callers should use it in place of ring::rand::SecureRandom.

RSA key generation is not implemented; RSA keys can be loaded from PKCS#8 or PKCS#1 DER through the [signature] types.

Example

use ring_native_ossl::{digest, hmac, rand, agreement};

// One-shot digest
let hash = digest::digest(&digest::SHA256, b"hello world");
assert_eq!(hash.as_ref().len(), 32);

// HMAC sign and verify
let key = hmac::Key::new(hmac::HMAC_SHA256, b"my-key");
let tag = hmac::sign(&key, b"data");
hmac::verify(&key, b"data", tag.as_ref()).unwrap();

// X25519 ephemeral key agreement
let rng = rand::SystemRandom::new();
let alice = agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng).unwrap();
let alice_pub = alice.compute_public_key().unwrap();