mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 10:00:52 +02:00
Update wolfssl-wolfcrypt Rust crate to v2.0.0
This commit is contained in:
@@ -1,5 +1,31 @@
|
||||
# wolfssl-wolfcrypt Change Log
|
||||
|
||||
## v2.0.0
|
||||
|
||||
New features:
|
||||
|
||||
- Add RustCrypto trait support: digest, signature, mac, cipher, aead, rand_core,
|
||||
kem, and password-hash traits
|
||||
- Add RSA-OAEP API
|
||||
- Add scrypt KDF support and scrypt password-hash trait implementation
|
||||
- Add BLAKE2 digest module (blake2_digest)
|
||||
- Add BLAKE2 MAC module (blake2_mac)
|
||||
- Add Aes192Ccm and Aes192Gcm
|
||||
- Implement Clone for HMAC types
|
||||
- Improve cross-compilation and bare-metal target support in build.rs
|
||||
|
||||
Fixes and improvements:
|
||||
|
||||
- LMS fixes and improvements
|
||||
- Replace Lms::sigs_left() with Lms::has_sigs_left()
|
||||
- Fix CFB::encrypt1 and CFB::decrypt1 to take size in bits
|
||||
- Dilithium: fix context-length API to take length in bytes
|
||||
- Handle MAC_CMP_FAILED_E from CMAC::verify{,_ex}()
|
||||
- Numerous memory-safety, zeroization, and buffer-length validation hardening
|
||||
fixes (zeroize structs on drop, check slice/buffer length conversions, avoid
|
||||
uninitialized and overlapping buffers, fix possible ECC resource leaks)
|
||||
- Document minimum wolfSSL version requirement
|
||||
|
||||
## v1.2.0
|
||||
|
||||
- Add LMS wrapper (wolfssl_wolfcrypt::lms module)
|
||||
|
||||
+1
-1
@@ -485,7 +485,7 @@ checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486"
|
||||
|
||||
[[package]]
|
||||
name = "wolfssl-wolfcrypt"
|
||||
version = "1.2.0"
|
||||
version = "2.0.0"
|
||||
dependencies = [
|
||||
"aead",
|
||||
"bindgen",
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "wolfssl-wolfcrypt"
|
||||
version = "1.2.0"
|
||||
version = "2.0.0"
|
||||
edition = "2024"
|
||||
description = "Rust wrapper for wolfssl C library cryptographic functionality"
|
||||
license = "GPL-3.0"
|
||||
|
||||
@@ -5,6 +5,12 @@ algorithms portion of the wolfSSL C library.
|
||||
|
||||
This crate requires wolfSSL version 5.9.0 or newer.
|
||||
|
||||
The crate uses `no_std` so that no Rust standard library is required.
|
||||
This makes it well-suited for embedded/bare-metal environments.
|
||||
|
||||
There is an optional `alloc` feature that enables APIs which require heap
|
||||
allocation.
|
||||
|
||||
## Installation
|
||||
|
||||
The `wolfssl` C library must be installed to be used by the Rust crate.
|
||||
@@ -16,7 +22,7 @@ For example:
|
||||
|
||||
```
|
||||
[dependencies]
|
||||
wolfssl-wolfcrypt = "1.0"
|
||||
wolfssl-wolfcrypt = "2.0"
|
||||
```
|
||||
|
||||
## API Coverage
|
||||
@@ -44,6 +50,7 @@ functionality:
|
||||
* PRF
|
||||
* RNG
|
||||
* RSA
|
||||
* scrypt
|
||||
* SHA
|
||||
* SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384,
|
||||
SHA3-512, SHAKE128, SHAKE256
|
||||
@@ -51,6 +58,35 @@ functionality:
|
||||
* SSH KDF
|
||||
* TLSv1.3 HKDF
|
||||
|
||||
## RustCrypto Trait Support
|
||||
|
||||
In addition to its native API, this crate can implement the common
|
||||
[RustCrypto](https://github.com/RustCrypto) traits for wolfCrypt-backed types.
|
||||
Each set of trait implementations is gated behind a Cargo feature so that
|
||||
projects only pull in the dependencies they need. All features are off by
|
||||
default.
|
||||
|
||||
| Feature | RustCrypto crate | wolfCrypt types |
|
||||
| --------------- | ---------------- | ------------------------------------- |
|
||||
| `digest` | `digest` | SHA (sha_digest), BLAKE2 (blake2_digest) |
|
||||
| `mac` | `digest` (mac) | HMAC (hmac_mac), CMAC (cmac_mac), BLAKE2 (blake2_mac) |
|
||||
| `signature` | `signature` | ECDSA (ecdsa), RSA PKCS#1 v1.5 (rsa_pkcs1v15) |
|
||||
| `cipher` | `cipher` | AES (aes) |
|
||||
| `aead` | `aead` | AES-GCM/CCM/EAX (aes), ChaCha20-Poly1305 |
|
||||
| `rand_core` | `rand_core` | RNG (random) |
|
||||
| `kem` | `kem` | ML-KEM (mlkem_kem) |
|
||||
| `password-hash` | `password-hash` | PBKDF2 (pbkdf2_password_hash), scrypt (scrypt_password_hash) |
|
||||
|
||||
The BLAKE2, CMAC, and HMAC trait modules additionally require the corresponding
|
||||
algorithm support to be enabled in the wolfSSL C library.
|
||||
|
||||
Enable features in your `Cargo.toml`, for example:
|
||||
|
||||
```
|
||||
[dependencies]
|
||||
wolfssl-wolfcrypt = { version = "2.0", features = ["digest", "signature"] }
|
||||
```
|
||||
|
||||
## Build Notes
|
||||
|
||||
### WOLFSSL_PREFIX
|
||||
|
||||
Reference in New Issue
Block a user