Crate ring

source
Expand description

Safe, fast, small crypto using Rust with BoringSSL’s cryptography primitives.

§Feature Flags

Feature Description
alloc (default) Enable features that require use of the heap, RSA in particular.
dev_urandom_fallback (default) This is only applicable to Linux. On Linux, by default, ring::rand::SystemRandom will fall back to reading from /dev/urandom if the getrandom() syscall isn't supported at runtime. When the dev_urandom_fallback feature is disabled, such fallbacks will not occur. See the documentation for rand::SystemRandom for more details.
std Enable features that use libstd, in particular std::error::Error integration. Implies `alloc`.
wasm32_c Enables features that require a C compiler on wasm32 targets, such as the constant_time module, HMAC verification, and PBKDF2 verification. Without this feature, only a subset of functionality is provided to wasm32 targets so that a C compiler isn't needed. A typical invocation would be: TARGET_CC=clang-10 TARGET_AR=llvm-ar-10 cargo test --target=wasm32-unknown-unknown --features=wasm32_c with llvm-ar-10 and clang-10 in $PATH. (Going forward more functionality should be enabled by default, without requiring these hacks, and without requiring a C compiler.)

Modules§

  • Authenticated Encryption with Associated Data (AEAD).
  • Key Agreement: ECDH, including X25519.
  • Constant-time operations.
  • SHA-2 and the legacy SHA-1 digest algorithm.
  • Error reporting.
  • HMAC-based Extract-and-Expand Key Derivation Function.
  • HMAC is specified in RFC 2104.
  • Serialization and deserialization.
  • PBKDF2 derivation and verification.
  • PKCS#8 is specified in RFC 5958.
  • Cryptographic pseudo-random number generation.
  • Public key signatures: signing and verification.
  • Testing framework.

Macros§