We are excited to announce the 1.0.0 release of the wolfssl-wolfcrypt Rust crate, now officially published to crates.io!
This release signifies a major milestone, offering stable, secure, and efficient cryptographic wrappers for Rust developers leveraging the power of wolfCrypt. The crate provides a direct, user-friendly interface to wolfCrypt’s robust cryptographic primitives, ensuring your Rust applications are built on a foundation of high-performance and audited security.
Download wolfSSL →
What is wolfssl-wolfcrypt?
The wolfssl-wolfcrypt crate provides safe Rust wrappers for the wolfCrypt library. wolfCrypt is the lightweight, fast, and feature-rich cryptography library that forms the core of wolfSSL. It is designed for maximum speed and portability, making it ideal for embedded systems, IoT, and high-performance server applications.
By using the wolfssl-wolfcrypt crate, Rust developers can:
- Access a wide array of cryptographic algorithms, including AES, SHA-256, RSA, and ECC.
- Benefit from wolfCrypt’s strong security posture, including FIPS 140-2 certification readiness.
- Integrate cryptography with minimal performance overhead.
API Coverage
The wolfssl-wolfcrypt crate provides a wrapper API for the following wolfCrypt C library functionality:
- AES
- CBC, CCM, CFB, CTR, EAX, ECB, GCM, OFB, XTS
- CMAC
- DH
- ECC
- Ed448
- Ed25519
- HKDF
- HMAC
- PBKDF2
- PKCS #12 PBKDF
- PRF
- RSA
- RNG
- SHA
- SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256
- SRTP/SRTCP KDF
- SSH KDF
- TLSv1.3 HKDF
Getting Started
Integrating the wolfssl-wolfcrypt crate into your Rust project is straightforward. Add the following to your Cargo.toml file:
[dependencies] wolfssl-wolfcrypt = "1.0"
Examples
To demonstrate the simplicity and power of the new crate, here are a few examples showcasing some common cryptographic operations.
Example 1: Random Number Generation
This example shows how to perform random number generation.
use wolfssl_wolfcrypt::random::RNG;
fn main() {
// Create a RNG instance.
let mut rng = RNG::new().expect("Failed to create RNG");
// Generate a single random byte value.
let byte = rng.generate_byte().expect("Failed to generate a single byte");
// Generate a random block.
let mut buffer = [0u32; 8];
rng.generate_block(&mut buffer).expect("Failed to generate a block");
}
Example 2: Hashing with SHA-256
This example shows how to perform a SHA-256 hash operation.
use wolfssl_wolfcrypt::sha::SHA256;
fn main() {
// Create a SHA256 instance.
let mut sha = SHA256::new().expect("Error with new()");
// Feed input data (can be called multiple times).
sha.update(b"input").expect("Error with update()");
// Retrieve the final SHA-256 hash.
let mut hash = [0u8; SHA256::DIGEST_SIZE];
sha.finalize(&mut hash).expect("Error with finalize()");
}
Example 3: ECC
This example shows how to generate an ECC key and use it to sign a buffer.
use wolfssl_wolfcrypt::random::RNG;
use wolfssl_wolfcrypt::ecc::ECC;
fn main () {
let mut rng = RNG::new().expect("Failed to create RNG");
// Generate a new ECC key.
let mut ecc = ECC::generate(32, &mut rng, None, None).expect("Error with generate()");
let hash = [0x42u8; 32];
let mut signature = [0u8; 128];
// Sign a hash with the ECC key.
let signature_length = ecc.sign_hash(&hash, &mut signature, &mut rng).expect("Error with sign_hash()");
let signature = &signature[0..signature_length];
}
Next Steps and Contribution
We encourage all Rust developers to try out the wolfssl-wolfcrypt crate and provide feedback. You can find the source code on GitHub.
We are continuously working on improving the crate and expanding its features. We welcome contributions from the community. If you encounter any issues or have suggestions, please open an issue on the GitHub repository.
Happy coding!
If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.
Download wolfSSL Now