#webassembly #preview #key #wasm


WASI crypto module proposal

2 releases

0.1.1 Oct 15, 2020
0.1.0 Oct 15, 2020

#2236 in Cryptography

Apache-2.0 WITH LLVM-exception


WASI Cryptography APIs

This repository is for development of Cryptography API proposals for the WASI Subgroup of the WebAssembly Community Group.

Please refer to those groups' documentation for more information on their processes, goals, scope, and deliverables.

Testing the API

The example implementation exports:

  • A Rust interface CryptoCtx modeled after the witx file, but that can be directly used without a WebAssembly runtime.
  • A thin WasiCryptoCtx layer that directly maps that API to the WASI calling conventions, using wiggle.

CryptoCtx can be used to quickly experiment with the API in Rust.

Other languages can use the wasmtime fork above as a WebAssembly runtime in order to access the crypto API.

In that configuration, the API can be accessed via the exported wasi_ephemeral_crypto module.

See the AssemblyScript and Rust bindings as an example.

Currently supported algorithms as a proof of concept:

  • ECDSA_P256_SHA256
  • ECDSA_K256_SHA256
  • Ed25519
  • RSA_PKCS1_2048_SHA256
  • RSA_PKCS1_2048_SHA384
  • RSA_PKCS1_2048_SHA512
  • RSA_PKCS1_3072_SHA384
  • RSA_PKCS1_3072_SHA512
  • RSA_PKCS1_4096_SHA512
  • RSA_PSS_2048_SHA256
  • RSA_PSS_2048_SHA384
  • RSA_PSS_2048_SHA512
  • RSA_PSS_3072_SHA384
  • RSA_PSS_3072_SHA512
  • RSA_PSS_4096_SHA512
  • HMAC/SHA-256
  • HMAC/SHA-512
  • SHA-256
  • SHA-512
  • SHA-512/256
  • AES-128-GCM
  • AES-256-GCM
  • CHACHA20-POLY1305
  • XCHACHA20-POLY1305
  • XOODYAK-128
  • XOODYAK-160
  • X25519
  • KYBER768


~1M SLoC