V OpenVet
cargo / aws-lc-rs

aws-lc-rs

cargo

aws-lc-rs is a cryptographic library using AWS-LC for its cryptographic operations. This library strives to be API-compatible with the popular Rust library named ring.

1 audit github.com/aws/aws-lc-rs

Audits

PE Patrick Elsen 2026-05-28

aws-lc-rs@1.17.0

aws-lc-rs 1.17.0 is Amazon's safe-Rust, ring-compatible crypto API: a typed FFI wrapper over the vendored AWS-LC C library, used as a rustls provider. Source is byte-equivalent to upstream. Crypto is implemented in C, not Rust; the Rust attack surface is 354 FFI unsafe blocks, with no network, filesystem, process, or runtime-environment access and a small benign build script. The AEAD, RNG, pointer, and key-zeroization paths reviewed are sound. C-library correctness was out of scope. No findings.

build-exec-deterministicbuild-exec-minimalbuild-exec-no-networkbuild-exec-no-write-outbuild-exec-safeconcurrency-documentedconcurrency-safeenvironment-safehas-binarieshas-build-exechas-fuzz-testshas-install-exechas-integration-testshas-property-testshas-unit-testsimpl-algorithmimpl-concurrencyimpl-cryptoimpl-datastructureimpl-interpreterimpl-jitimpl-parserimpl-protocolis-benignuses-concurrencyuses-cryptouses-environmentuses-execuses-filesystemuses-interpreteruses-jituses-networkuses-unsafe