11 releases (6 major breaking)
| 128.0.1 | Jul 8, 2024 |
|---|---|
| 127.0.1 | May 30, 2024 |
| 125.0.1 | Mar 28, 2024 |
| 123.0.1 | Feb 1, 2024 |
| 97.5.1 | Apr 17, 2023 |
#685 in Cryptography
607 stars & 48 watchers
200KB
4.5K
SLoC
rc_crypto
The rc_crypto crate, like its name implies, handles all of our cryptographic needs.
For consumers, it pretty much follows the very rust-idiomatic ring crate API and offers the following functionality:
- Cryptographically secure pseudorandom number generation.
- Cryptographic digests, hmac, and hkdf.
- Authenticated encryption (AEAD) routines.
- ECDH key agreement.
- ECDSA signature verification.
- Constant-time string comparison.
- HTTP Hawk Authentication through the rust-hawk crate.
- HTTP Encrypted Content-Encoding through the ece crate.
Under the hood, it is backed by Mozilla's NSS library, through bindings in the nss crate. This has a number of advantages for our use-case:
- Uses Mozilla-owned-and-audited crypto primitives.
- Decouples us from ring's fast-moving versioning and stability policy.
Rust features
geckowill avoid linking against libsqlite3_sys's libsqlite. See #2882 for context.
Dependencies
~0.5–1.5MB
~30K SLoC