[robmor]

Is that right?

From the AWS-LC README: https://github.com/aws/aws-lc

> A portable C implementation of all algorithms is included and optimized assembly implementations of select algorithms is included for some x86 and Arm CPUs.

It also states that it kind of forked BoringSSL and OpenSSL.

You’re right though that most of the memory safety attack surface has been replaced with Rust.

[jaas]

I think what you're quoting says what I was saying - assembly with some C around it, wrapped in a Rust API. At least for the "select" (read: most important) algorithms. The details of the C/asm boundary in aws-lc are hard to summarize.

Ideally the C would eventually move to Rust, but I think aws-lc needs to work in many contexts where a Rust toolchain is not available so it might be a while.

Graviola is an interesting option under development, in part because it gets rid of the C:

https://github.com/ctz/graviola

[toast0]

TLS in X, cryptography from OpenSSL (in C and assembly) is a common, useful pattern for integrating TLS in other languages.

TLS is the protocol generation and parsing, hopefully (but not always) including certificate parsing.

Crypto tends to have clear, fixed buffer sizes, and OpenSSL tends to have good implementations of it with reasonable interfaces.

Protocol parsing and certificate parsing and validation are where many more problems happen that memory safety can reduce. High profile crypto problems are generally information leaks from non-constant time algorithms leaking information; although information leaks also happen from protocol code too.