Crate ring

source ·
Expand description

Safe, fast, small crypto using Rust with BoringSSL’s cryptography primitives.

Feature Flags

Feature Description
alloc (default) Enable features that require use of the heap, RSA in particular.
dev_urandom_fallback (default) This is only applicable to Linux. On Linux, by default, ring::rand::SystemRandom will fall back to reading from /dev/urandom if the getrandom() syscall isn't supported at runtime. When the dev_urandom_fallback feature is disabled, such fallbacks will not occur. See the documentation for rand::SystemRandom for more details.
std Enable features that use libstd, in particular std::error::Error integration. Implies `alloc`.
wasm32_c Enables features that require a C compiler on wasm32 targets, such as the constant_time module, HMAC verification, and PBKDF2 verification. Without this feature, only a subset of functionality is provided to wasm32 targets so that a C compiler isn't needed. A typical invocation would be: TARGET_CC=clang-10 TARGET_AR=llvm-ar-10 cargo test --target=wasm32-unknown-unknown --features=wasm32_c with llvm-ar-10 and clang-10 in $PATH. (Going forward more functionality should be enabled by default, without requiring these hacks, and without requiring a C compiler.)

Modules

  • Authenticated Encryption with Associated Data (AEAD).
  • Key Agreement: ECDH, including X25519.
  • Constant-time operations.
  • SHA-2 and the legacy SHA-1 digest algorithm.
  • Error reporting.
  • HMAC-based Extract-and-Expand Key Derivation Function.
  • HMAC is specified in RFC 2104.
  • Serialization and deserialization.
  • PBKDF2 derivation and verification.
  • PKCS#8 is specified in RFC 5958.
  • Cryptographic pseudo-random number generation.
  • Public key signatures: signing and verification.
  • Testing framework.

Macros