#fips #bindings #aws #aws-security #aws-lc #validate

sys aws-lc-fips-sys

AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. This is the FIPS validated version of AWS-LC.

30 releases

new 0.12.13 Oct 11, 2024
0.12.11 Jul 29, 2024
0.12.5 Mar 8, 2024
0.11.2 Nov 20, 2023
0.0.1 Nov 10, 2022

#593 in Cryptography

Download history 16973/week @ 2024-06-21 17947/week @ 2024-06-28 18931/week @ 2024-07-05 18413/week @ 2024-07-12 16026/week @ 2024-07-19 16508/week @ 2024-07-26 16521/week @ 2024-08-02 19520/week @ 2024-08-09 18677/week @ 2024-08-16 21620/week @ 2024-08-23 28612/week @ 2024-08-30 23871/week @ 2024-09-06 21236/week @ 2024-09-13 23586/week @ 2024-09-20 23302/week @ 2024-09-27 18765/week @ 2024-10-04

91,802 downloads per month
Used in 38 crates (via aws-lc-rs)

ISC AND (Apache-2.0 OR ISC) AND OpenSSL

34MB
1M SLoC

GNU Style Assembly 490K SLoC // 0.0% comments Rust 168K SLoC // 0.0% comments C 86K SLoC // 0.2% comments C++ 82K SLoC // 0.1% comments Perl 80K SLoC // 0.1% comments Assembly 71K SLoC // 0.0% comments Go 50K SLoC // 0.1% comments Bitbake 7K SLoC Batch 38 SLoC

aws-lc-fips-sys

crates.io GitHub

Autogenerated low-level AWS-LC FIPS bindings for the Rust programming language. We do not recommend directly relying on these bindings.

Documentation.

FIPS

This crate provides bindings to AWS-LC-FIPS 2.x, which has completed FIPS validation testing by an accredited lab and has been submitted to NIST for certification. The static build of AWS-LC-FIPS is used.

Supported Targets
x86_64-unknown-linux-gnu
aarch64-unknown-linux-gnu

Refer to the NIST Cryptographic Module Validation Program's Modules In Progress List for the latest status of the static or dynamic AWS-LC Cryptographic Module. A complete list of supported operating environments will be made available in the vendor security policy once the validation certificate has been issued. We will also update our release notes and documentation to reflect any changes in FIPS certification status.

Release Support

This crate pulls in the source code of the latest AWS-LC FIPS branch to build with it. Bindings for platforms we officially support are pre-generated. The platforms which aws-lc-fips-sys builds on is limited to the platforms where the AWS-LC FIPS static build is supported.

Pregenerated Bindings Availability

Targets

aarch64_apple_darwin aarch64_unknown_linux_gnu aarch64_unknown_linux_musl x86_64_apple_darwin x86_64_unknown_linux_gnu x86_64_unknown_linux_musl

Prebuilt NASM objects

Prebuilt NASM objects are not available for this crate.

Tested AWS-LC FIPS Build Environments

aws-lc-fips-sys currently relies on the AWS-LC FIPS static build, please see our CI documentation at AWS-LC.

Build Prerequisites

Since this crate builds AWS-LC as a native library, all build tools needed to build AWS-LC are applicable to aws-lc-fips-sys as well. This includes Go and Perl, which are hard dependencies for the AWS-LC FIPS build.

Building AWS-LC

If you use a different build combination for FIPS and would like us to support it, please open an issue to us at AWS-LC.

Security Notification Process

If you discover a potential security issue in AWS-LC or aws-lc-fips-sys, we ask that you notify AWS Security via our vulnerability reporting page. Please do not create a public GitHub issue.

If you package or distribute aws-lc-fips-sys, or use aws-lc-fips-sys as part of a large multi-user service, you may be eligible for pre-notification of future aws-lc-fips-sys releases. Please contact aws-lc-pre-notifications@amazon.com.

Contribution

See contributing file at AWS-LC

Licensing

See license at AWS-LC

Dependencies