#hashing #security #ssl #no-alloc #no-std

yanked rs_ssl

A comprehensive Rust library providing robust and efficient implementations of cryptographic hash functions including SHA and Keccak families, and HMAC, suitable for no_std environments. Compliant with the GPL-2.0-only license.

0.1.2 Jun 4, 2023
0.1.1 Jun 4, 2023
0.1.0 May 30, 2023

#78 in #ssl

26 downloads per month

GPL-2.0-only

9MB

RustySSL rs_ssl

An OpenSSL inspired Rust based encryption library

Documentation GitHub Workflow Status

Vision

RustySSL seeks to establish the Rust language self-sufficency by offering an API that is fully compatible with Rust's core library , although not restricted to it. RustySSL aims to provide a reliable, user-friendly, standards-compliant, and platform-agnostic suite of encryption tools.

How To Use

See the implementation documentation for examples.

Testing against NIST Test Vectors

All the NIST-approved and published algorithms implemented in RustySSL are thoroughly tested against the respective NIST test vectors. This rigorous testing assures the correctness and reliability of our implementations, providing a robust security foundation for any application built using RustySSL.

RoadMap

  1. The initial objective of RustySSL is to port all OpenSSL algorithms to the Rust ecosystem.
  2. Following the port, RustySSL will continue to expand and incorporate additional cryptographic algorithms.
  3. Although the current implementations are not the fastest, there is considerable room for improvement. There will probably a competitive performance boost once the SIMD module stabilizes;

After that the plan will be to implement some cryptocurrencies hashing algorithms like Equihash, Ethereum's Keccak-256 and others.

Why This Project?

The benefits of RustySSL include:

  • Minimal Dependencies and Supply Chain Security: By relying solely on Rust's core library, RustySSL minimizes the risk of dependency-related issues and provides an increased level of supply chain security. Trust is only required in the Rust core library team;
  • No alloc extern crate and Platform-Agnostic: RustySSL avoids the alloc crate, enabling it to function without assuming the host has a heap allocator and enabling more embedded applications and kernel-level use saces. Additionally, leveraging Rust's libcore ensures cross-platform reliability, reducing complexity for the end-user;
  • Consolidated Design Pattern: By adhering to the Hash, Hasher, and BuildHasher design pattern from Rust's core library, users can interchangeably use any algorithm with a basic understanding of these traits;
  • Ecosystem Self-Sufficiency: The project strengthens the Rust ecosystem's self-sufficiency by relying on its own implementations, reducing reliance on external variables through FFI calls.

Philosophy

Inspired by the Unix philosophy, but adapting to the purpose of this project:

  1. Do One Thing Well: Each implementation should focus on a single responsibility. If responsibilities diverge, a new crate should be created.
  2. Avoid Dependency Breakage: Changing implementations should not break dependencies. If new traits are required, they should benefit all project implementations.
  3. Self-Support: Implementations should be able to function solely with Rust's libcore and be backward compatible with it.
  4. Clarity Over Efficiency: Clear, understandable code is prioritized over highly optimized but obscure solutions.

Supported Algorithms

Ciphers Hashing Functions Public-key
AES - coming soon BLAKE2 - coming soon DSA - coming soon
Blowfish - coming soon Generic Keccak {200, 400, 800, 1600} - rs_keccak_nbits Diffie-Hellman key exchange - coming soon
Camellia - coming soon GOST R 34.11-94 - coming soon Ed25519 - coming soon
CAST-128 - coming soon HMAC - rs_hmac Ed448 - coming soon
Chacha20 - coming soon MD2 - coming soon Elliptic curve - coming soon
DES - coming soon MD4 - coming soon GOST R 34.10-2001 - coming soon
GOST 28147-89 - coming soon MD5 - coming soon RSA - coming soon
IDEA - coming soon MDC-2 - coming soon SM2 - coming soon
Poly1305 - coming soon RIPEMD-160 - coming soon X25519 - coming soon
RC2 - coming soon SHA-1 - rs_sha1 X448 - coming soon
RC4 - coming soon SHA-224 - rs_sha224
RC5 - coming soon SHA-256 - rs_sha256
SEED - coming soon SHA-384 - rs_sha384
SM4 - coming soon SHA-512 - rs_sha512
Triple DES - coming soon SHA-512/224 - rs_sha512_224
SHA-512/256 - rs_sha512_256
SHA3-224 - rs_sha3_224
SHA3-256 - rs_sha3_256
SHA3-384 - rs_sha3_384
SHA3-512 - rs_sha3_512
SHAKE128 - rs_shake128
SHAKE256 - rs_shake256
SM3 - coming soon
Whirlpool - coming soon

Contributing

Contributions are very much welcomed from everyone.

If you have a suggestion of an algorithm that you want to see included in this project, please open an issue proposing it.

To contribute, please follow the contribution guidelines.

Code of Conduct

The participation of each member of the Rust community is valued, and everyone is expected to have an enjoyable and fulfilling experience. For this reason, all participants, maintainers, and contributors must abide by the Code of Conduct.

License

RustySSL is licensed under GPL-2.0-only.

In plain English, this means you are free to use, modify, and distribute the software, provided that any modification must also be licensed under GPL-2.0-only. Or, if more convenient, for a modification that is an improvement and conforms to the contribution guidelines to bring it to the project.

Dependencies