What is wasm_web_crypto?
wasm_web_crypto is a Rust crate that wraps the Web Crypto API for WebAssembly targets.
Rather than reimplementing cryptographic algorithms in Rust, this crate calls the runtime's native implementation through web-sys bindings. The browser, Cloudflare Workers, Deno, or Node.js provides the actual cryptographic operations -- this crate makes them accessible with Rust-native types.
Why not pure Rust crypto?
This crate does not reimplement cryptographic algorithms in Rust. It delegates to the runtime's native Web Crypto API, so side-channel resistance and implementation correctness are the runtime vendor's responsibility, not yours. The wasm binary stays small since no crypto code is bundled -- only a thin wrapper around web-sys calls.
What it covers
Crypto--getRandomValues()andrandomUUID()SubtleCrypto-- all 12 methods:sign,verify,encrypt,decrypt,digest,generateKey,importKey,exportKey,deriveKey,deriveBits,wrapKey,unwrapKey
Supported algorithms
| Category | Algorithms |
|---|---|
| Signature | RSASSA-PKCS1-v1_5, RSA-PSS, ECDSA, Ed25519 |
| Encryption | RSA-OAEP, AES-CTR, AES-CBC, AES-GCM |
| Key wrapping | AES-KW |
| Key derivation | ECDH, X25519, HKDF, PBKDF2 |
| MAC | HMAC |
| Hash | SHA-1, SHA-256, SHA-384, SHA-512 |
Runtime compatibility
Works on any runtime that exposes crypto.subtle:
- Browsers (Chrome, Firefox, Safari)
- Cloudflare Workers
- Deno
- Node.js 20+