tink-ffi 0.1.3

Safe Rust bindings to Google Tink cryptography library
Documentation

tink-ffi

Safe Rust bindings to Google Tink cryptography library via FFI, built against tink-cc v2.5.0.

Tink is a multi-language, cross-platform cryptographic library that provides secure, easy-to-use APIs for common cryptographic operations. This crate wraps the C++ implementation through a thin C shim, giving Rust programs access to the full set of Tink primitives.

Supported Primitives

  • AEAD (AES-GCM, AES-EAX, AES-GCM-SIV, XChaCha20-Poly1305, AES-CTR-HMAC)
  • Deterministic AEAD (AES-SIV)
  • Streaming AEAD (AES-GCM-HKDF, AES-CTR-HMAC)
  • MAC (HMAC, AES-CMAC)
  • Digital Signatures (ECDSA, RSA-SSA-PKCS1, RSA-SSA-PSS, Ed25519)
  • Hybrid Encryption (ECIES, HPKE)
  • JWT (HMAC, ECDSA, RSA-SSA-PKCS1, RSA-SSA-PSS)
  • PRF (HKDF, HMAC, AES-CMAC)
  • Key Derivation (PRF-based keyset derivation)

Prerequisites

  • Rust toolchain (stable)
  • CMake 3.22+
  • C++17 compiler (Clang or GCC)

Building

tink-cc is bundled as a git submodule. After cloning, initialize it and build:

git submodule update --init
cargo build

To use a different tink-cc source tree, set TINK_CC_DIR:

export TINK_CC_DIR=/path/to/tink-cc
cargo build

Quick Example

use tink_ffi::{register_all, Aead, AeadPrimitive, KeyTemplate, KeysetHandle, Primitive};

fn main() -> tink_ffi::Result<()> {
    register_all()?;

    // Generate a new keyset
    let handle = KeysetHandle::generate_new(KeyTemplate::Aes256Gcm)?;

    // Get an AEAD primitive from the keyset
    let aead: AeadPrimitive = handle.primitive()?;

    // Encrypt
    let ciphertext = aead.encrypt(b"hello world", b"associated data")?;

    // Decrypt
    let plaintext = aead.decrypt(&ciphertext, b"associated data")?;
    assert_eq!(plaintext, b"hello world");

    Ok(())
}

Crate Structure

tink-ffi/
  tink-ffi-sys/       Raw FFI bindings and C++ shim
    ffi/              C++ shim wrapping tink-cc
    src/lib.rs        extern "C" declarations
  tink-ffi/           Safe Rust API
    src/              Typed primitives, keyset management, error handling
  testing-server/     gRPC testing server for cross-language compatibility tests

tink-ffi-sys

Low-level crate that builds the C++ shim via CMake and exposes raw extern "C" function bindings. Handles linking against tink-cc and all its dependencies (abseil, protobuf, boringssl).

tink-ffi

Safe, idiomatic Rust wrapper. Provides typed primitives (AeadPrimitive, MacPrimitive, etc.) behind trait interfaces, KeysetHandle for key management, and KeyTemplate enum for key generation.

testing-server

A gRPC server implementing the Tink cross-language testing protocol. Used to verify interoperability with other Tink implementations (C++, Java, Go, Python).

Cross-Language Testing

The testing server can be registered with the tink-cross-lang-tests framework. See testing-server/ for details on building and running the server.

License

Apache License 2.0