jedisct1

How to embed C/C++ code in a Rust project targeting WebAssembly

When targeting WebAssembly, C/C++ code can be compiled as a library, and then get statically linked to a Rust project.

Step 1

Install the Zig toolchain in order to compile C and C++ code to WebAssembly.

zig cc is available for many platforms including Windows, and makes it easy to switch back and forth between native and wasm targets. WebAssembly is a Tier-1 target, and it was successfully used to port libraries such as ffmpeg, zlib, openssl, boringssl and libsodium.

jedisct1

use flate2::Compression;
use std::io::prelude::*;

use benchmark_simple::*;

fn memusage() -> usize {
    #[cfg(target_arch = "wasm32")]
    let z = core::arch::wasm32::memory_grow(0, 0);

    #[cfg(not(target_arch = "wasm32"))]

jedisct1

package main

import (
	"crypto/aes"
	"net"
)

func EncryptIp(key []byte, ip net.IP) net.IP {
	cipher, err := aes.NewCipher(key)
	if err != nil {

jedisct1

std.crypto changes

New features

• Salsa20: round-reduced variants can now be used.
• The POLYVAL universal hash function was added.
• AEGIS: support for 256-bit tags was added.
• A MAC API was added to AEGIS (std.crypto.auth.aegis) - AEGIS can be used as a high-performance MAC on systems with hardware AES support. Note that this is not a hash function; a secret key is absolutely required in order to authenticate untrusted messages.
• Edwards25519: a rejectLowOrder() function was added to quickly reject low-order points.
• HKDF: with extractInit(), a PRK can now be initialized with only a salt, the keying material being added later, possibly as multiple chunks.

jedisct1

diff --git a/lib/std/crypto/ecdsa.zig b/lib/std/crypto/ecdsa.zig
index 1a5335b07..b78cf6f6e 100644
--- a/lib/std/crypto/ecdsa.zig
+++ b/lib/std/crypto/ecdsa.zig
@@ -196,8 +196,11 @@ pub fn Ecdsa(comptime Curve: type, comptime Hash: type) type {
                 self.h.update(data);
             }
 
-            /// Compute a signature over the entire message.
-            pub fn finalize(self: *Signer) (IdentityElementError || NonCanonicalError)!Signature {

jedisct1

use aegis::aegis128l::Aegis128L;

const ENCRYPTED_MESSAGE_PREFIX: &[u8] = b"E:aegis128l:";

pub fn encrypt_message(data: &[u8], key: &[u8; 16]) -> Result<Vec<u8>, getrandom::Error> {
    let mut nonce = [0; 16];
    getrandom::getrandom(&mut nonce)?;

    let cipher = Aegis128L::<32>::new(key, &nonce);
    let (encrypted, tag) = cipher.encrypt(data, &[]);

jedisct1

const std = @import("std");
const HmacSha256 = std.crypto.auth.hmac.sha2.HmacSha256;

pub fn main() !void {
    var out: [HmacSha256.mac_length]u8 = undefined;
    HmacSha256.create(&out, "The quick brown fox jumps over the lazy dog", "key");
    std.debug.print("{s}\n", .{std.fmt.bytesToHex(&out, .lower)});
}

jedisct1

diff --git a/Cargo.toml b/Cargo.toml
index 5f580b6..d0f55d0 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,12 @@
 [package]
 name = "prio"
 version = "0.12.2"
-authors = ["Josh Aas <jaas@kflag.net>", "Tim Geoghegan <timg@letsencrypt.org>", "Christopher Patton <cpatton@cloudflare.com", "Karl Tarbe <tarbe@apple.com>"]
+authors = [

jedisct1

diff --git a/Cargo.toml b/Cargo.toml
index 5f580b6..d0f55d0 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,12 @@
 [package]
 name = "prio"
 version = "0.12.2"
-authors = ["Josh Aas <jaas@kflag.net>", "Tim Geoghegan <timg@letsencrypt.org>", "Christopher Patton <cpatton@cloudflare.com", "Karl Tarbe <tarbe@apple.com>"]
+authors = [

jedisct1

diff --git a/Cargo.toml b/Cargo.toml
index 5f580b6..984b476 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -35,7 +35,7 @@ rayon = { version = "1.7.0", optional = true }
 
 # dependencies required if feature "prio2" is enabled
 aes-gcm = { version = "^0.10", optional = true }
-ring = { version = "0.16.20", optional = true }
+ring = { package = "ring-wasi", version = "0.16.25", optional = true }