#boring-ssl #tls #boring #api-bindings #rust

superboring

A reimplementation of the 'boring' crate in pure Rust

5 releases

new 0.1.4 Dec 9, 2024
0.1.3 Sep 17, 2024
0.1.2 Dec 17, 2023
0.1.1 Dec 17, 2023
0.1.0 Dec 17, 2023

#374 in Cryptography

Download history 19407/week @ 2024-08-19 18406/week @ 2024-08-26 18487/week @ 2024-09-02 20748/week @ 2024-09-09 20939/week @ 2024-09-16 19967/week @ 2024-09-23 19779/week @ 2024-09-30 18813/week @ 2024-10-07 16607/week @ 2024-10-14 22611/week @ 2024-10-21 20503/week @ 2024-10-28 23532/week @ 2024-11-04 21067/week @ 2024-11-11 23092/week @ 2024-11-18 19789/week @ 2024-11-25 21622/week @ 2024-12-02

86,252 downloads per month
Used in 19 crates (2 directly)

ISC license

200KB
886 lines

Superboring

A Boring(SSL)-compatible API abstraction for Rust cryptographic implementations.

What is Superboring?

Superboring hides the complexity, diversity and instability of cryptographic implementations written in Rust behind an emulation of the boring API (Rust excellent wrappers for BoringSSL).

This allows applications written using the boring API to be able to also use pure Rust implementations without having to maintain two code bases.

Why use emulation instead of always using boring?

Here are valid reasons why using boring may sometimes not be an option.

All of them are just features that haven't been implemented in the boring crate yet, and that the boring maintainers would probably love getting help with, rather than people finding workarounds.

WebAssembly

While BoringSSL itself can be compiled to WebAssembly, the boring crate currently doesn't support this.

Symbol collisions with OpenSSL

OpenSSL and BoringSSL share a lot of symbols, which can cause collisions.

BoringSSL has the ability to prefix symbols in order to avoid this. But the boring crate currently doesn't support this.

Static builds

The real boring crate supports static builds using musl, so emulation is not required. Just use cargo-zigbuild:

cargo zigbuild --target=x86_64-unknown-linux-musl

What is currently implemented?

Superboring currently implements pretty much everything required to handle RSA signatures.

Dependencies

~0–1MB
~19K SLoC