19 releases (10 breaking)

0.12.0 Oct 16, 2023
0.10.0 Mar 15, 2023
0.9.3 Sep 2, 2022
0.9.2 Feb 16, 2022
0.3.0 Jul 14, 2020

#2074 in Cryptography

Download history 287/week @ 2024-07-23 471/week @ 2024-07-30 397/week @ 2024-08-06 479/week @ 2024-08-13 411/week @ 2024-08-20 538/week @ 2024-08-27 571/week @ 2024-09-03 454/week @ 2024-09-10 332/week @ 2024-09-17 488/week @ 2024-09-24 704/week @ 2024-10-01 690/week @ 2024-10-08 509/week @ 2024-10-15 646/week @ 2024-10-22 596/week @ 2024-10-29 622/week @ 2024-11-05

2,471 downloads per month
Used in 6 crates (via psa-crypto)

Apache-2.0

6MB
128K SLoC

C 99K SLoC // 0.1% comments Shell 12K SLoC // 0.1% comments Visual Studio Project 9K SLoC Python 4.5K SLoC // 0.4% comments Perl 1.5K SLoC // 0.3% comments Rust 850 SLoC // 0.1% comments Visual Studio Solution 704 SLoC C++ 73 SLoC // 0.2% comments Batch 25 SLoC GDB Script 22 SLoC // 0.7% comments Bitbake 7 SLoC TCL 4 SLoC

PSA Cryptography API Rust Wrapper

This is the lower-level wrapper that exposes a minimal low-level C interface to Rust.

Crates.io Code documentation CI tests

Dependencies

This crate exposes an interface for the PSA Crypto API and thus links to libraries that expose this interface. The expected name of the library is derived from the reference implementation of the API - mbedcrypto.

If the library and its headers folder are already installed locally you can specify their location (the full absolute path) using the MBEDTLS_LIB_DIR and MBEDTLS_INCLUDE_DIR environment variables at build time. By default dynamic linking is attempted - if you wish to link statically you can enable the static feature or pass the MBEDCRYPTO_STATIC environment variable, set to any value.

Alternatively, the crate will attempt to build the library from scratch and link against it statically. In this use case enabling the static feature makes no difference and there is no way to allow dynamic linking. The requirements for configuring and building MbedTLS can be found on their repository homepage.

By default, the mbedcrypto library itself and the shim library (which is needed for inline functions) will not have not have any prefixes. If the prefix feature is enabled, both the libraries are renamed by adding a prefix of the form psa_crypto_X_Y_Z_. Also every globally defined symbol in those libraries has that prefix added. This is to avoid link-time collisions with other crates that might use the same library, including other versions of this crate. The renaming of symbols uses the nm and objcopy commands.

Linking and generating implementation-specific APIs is controlled by the operations feature that is enabled by default. Therefore, if you require only the specification-defined bits of the API (namely the constants and types) you can simply disable default features.

You might want to only use the interface part (including the implementation-defined bits) of this crate to build for example a PSA Secure Element Driver. With the feature interface, this crate will only produce the implementation-defined types and their helpers/accessors using the MBEDTLS_INCLUDE_DIR variable that you need to pass.

Cross-compilation

The interface and operations features need a C toolchain. When cross-compiling, the appropriate C toolchain will automatically be selected. Compilation will fail if it is not available on your system.

The CI currently tests cross-compilation for the following targets:

  • aarch64-unknown-linux-gnu
  • armv7-unknown-linux-gnueabihf

No runtime deps