13 releases

new 0.5.3 Dec 10, 2024
0.5.1 Oct 13, 2024
0.5.0 Mar 7, 2024
0.4.0 Dec 2, 2023
0.3.0 Jul 24, 2022

#1117 in Cryptography

Download history 85/week @ 2024-08-22 70/week @ 2024-08-29 41/week @ 2024-09-05 41/week @ 2024-09-12 36/week @ 2024-09-19 87/week @ 2024-09-26 150/week @ 2024-10-03 213/week @ 2024-10-10 86/week @ 2024-10-17 107/week @ 2024-10-24 129/week @ 2024-10-31 157/week @ 2024-11-07 125/week @ 2024-11-14 152/week @ 2024-11-21 203/week @ 2024-11-28 342/week @ 2024-12-05

854 downloads per month

MIT/Apache

31KB
701 lines

Windows CNG bridge for rustls

github actions crates license license docs.rs

This crate allows you to use the Windows CNG private keys together with rustls for both the client and server sides of the TLS channel.

Rationale: In many situations, it is required to use non-exportable private certificate chains from the Windows certificate store instead of the external PKCS8 file. rustls-cng can use such chains in the rustls context.

Supported key/certificate types: RSA, ECDSA/ECDH. Supported elliptic curves: secp256r1 (prime256v1), secp384r1.

Documentation.

Usage

The central struct to use in rustls-cng is CngSigningKey, which can be constructed from the low-level NCryptKey handle. The instance of CngSigningKey can then be used in rustls in the custom ResolvesServerCert or ResolvesClientCert implementation.

See the examples directory for usage examples.

License

Licensed under the MIT or Apache licenses (LICENSE-MIT or LICENSE-APACHE)

Dependencies

~79MB
~2M SLoC