WASI Cryptography APIs

This repository is for development of Cryptography API proposals for the WASI Subgroup of the WebAssembly Community Group.

Please refer to those groups' documentation for more information on their processes, goals, scope, and deliverables.

• High-level goals
• Security design document
• Specification
• Interface definitions:
  • common types and functions (witx, doc)
  • symmetric operations (witx, doc)
  • common types and functions for asymmetric operations (witx, doc)
  • signatures (witx, doc)
  • key exchange (witx, doc)
  • external secrets (witx, doc)
• Concise API overview
• Wasmtime implementation - Wasmtime fork with wasi-crypto integration
• Example AssemblyScript bindings
• Example Rust bindings

Testing the API

The example implementation exports:

• A Rust interface CryptoCtx modeled after the witx file, but that can be directly used without a WebAssembly runtime.
• A thin WasiCryptoCtx layer that directly maps that API to the WASI calling conventions, using wiggle.

CryptoCtx can be used to quickly experiment with the API in Rust.

Other languages can use the wasmtime fork above as a WebAssembly runtime in order to access the crypto API.

In that configuration, the API can be accessed via the exported wasi_ephemeral_crypto module.

See the AssemblyScript and Rust bindings as an example.

Currently supported algorithms as a proof of concept:

• ECDSA_P256_SHA256
• ECDSA_K256_SHA256
• Ed25519
• RSA_PKCS1_2048_SHA256
• RSA_PKCS1_2048_SHA384
• RSA_PKCS1_2048_SHA512
• RSA_PKCS1_3072_SHA384
• RSA_PKCS1_3072_SHA512
• RSA_PKCS1_4096_SHA512
• RSA_PSS_2048_SHA256
• RSA_PSS_2048_SHA384
• RSA_PSS_2048_SHA512
• RSA_PSS_3072_SHA384
• RSA_PSS_3072_SHA512
• RSA_PSS_4096_SHA512
• HKDF-EXTRACT/SHA-256
• HKDF-EXTRACT/SHA-512
• HKDF-EXPAND/SHA-256
• HKDF-EXPAND/SHA-512
• HMAC/SHA-256
• HMAC/SHA-512
• SHA-256
• SHA-512
• SHA-512/256
• AES-128-GCM
• AES-256-GCM
• CHACHA20-POLY1305
• XCHACHA20-POLY1305
• XOODYAK-128
• XOODYAK-160
• X25519
• KYBER768