{"id":28577194,"url":"https://github.com/op-engineering/op-aws-lc","last_synced_at":"2026-03-01T13:03:04.245Z","repository":{"id":279085558,"uuid":"922592849","full_name":"OP-Engineering/op-aws-lc","owner":"OP-Engineering","description":"AWS-LC Crypto Library for React Native with FIPS enabled by @ospfranco","archived":false,"fork":false,"pushed_at":"2025-12-10T10:38:22.000Z","size":8346,"stargazers_count":21,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-10T10:55:56.560Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OP-Engineering.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-01-26T16:15:24.000Z","updated_at":"2025-12-10T10:33:52.000Z","dependencies_parsed_at":"2025-06-11T00:30:39.805Z","dependency_job_id":"f5137965-d869-4a0c-b5bc-dbae642b816f","html_url":"https://github.com/OP-Engineering/op-aws-lc","commit_stats":null,"previous_names":["op-engineering/op-aws-lc"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/OP-Engineering/op-aws-lc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OP-Engineering%2Fop-aws-lc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OP-Engineering%2Fop-aws-lc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OP-Engineering%2Fop-aws-lc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OP-Engineering%2Fop-aws-lc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OP-Engineering","download_url":"https://codeload.github.com/OP-Engineering/op-aws-lc/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OP-Engineering%2Fop-aws-lc/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29969700,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T12:56:10.327Z","status":"ssl_error","status_checked_at":"2026-03-01T12:55:24.744Z","response_time":124,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-11T00:30:25.919Z","updated_at":"2026-03-01T13:03:04.241Z","avatar_url":"https://github.com/OP-Engineering.png","language":"C++","readme":"# op-aws-lc\n\nAWS LC with FIPS for React Native. AWS-LC is Amazons LibCrypto. Besides being tailored for their specific use-cases, it is battle tested and constantly updated. This library uses the Rust version for ease of compiling but internally it runs the same code as the base AWS-LC version (it contains code from BoringSSL and handwritten assembly).\n\nAWS-LC-RS follows closely the Ring API, aiming to be a drop-in replacement, this library also tries to mimic the API in a JS idiomatic way.\n\n## Installation\n\n```sh\nnpm install @op-engineering/op-aws-lc\nnpx pod-install\n```\n\nOr if using Expo\n\n```sh\nnpm install @op-engineering/op-aws-lc\nnpx expo prebuild\n```\n\nUnfortunately, AWS-LC with FIPS does not compile for mac intel architectures, so if you add this library to your app it will not be able to be compiled for older Intel Macs.\n\n## Motivation\n\nThe main motivation is not to bring yet another crypto library to the ecosystem, but rather a FIPS certified one for hardened security requirements.\n\nFIPS (Federal Information Processing Standards) is a set of standards and guidelines for cryptographic modules, established by the US National Institute of Standards and Technology (NIST). FIPS 140-2/3 certification ensures that cryptographic modules meet rigorous security requirements for use in government and regulated industries.\n\nKey points about FIPS:\n\n- Required for US federal government systems\n- Industry standard for healthcare and financial sectors\n- Validates implementation of cryptographic algorithms\n- Ensures proper key management and module security\n- AWS-LC has obtained FIPS 140-2 Level 1 validation\n\nThis library binds the Rust version of AWS-LC with FIPS turned on.\n\n[![Amazon LC Fips](https://img.youtube.com/vi/WKNGnCkZiQE/0.jpg)](https://www.youtube.com/watch?v=WKNGnCkZiQE)\n\n## Usage\n\n### Hmac\n\n```ts\nimport { hmac, HmacAlgorithm } from \"@op-engineering/op-aws-lc\";\n\n// key is an ArrayBuffer that contains the raw bytes of the tag\nconst key = hmac.Key.generate(HmacAlgorithm.SHA256);\n\nconst signature = hmac.sign(key, \"hello\");\n\nconst verified = hmac.verify(key, \"hello\", signature);\n\n// There are also async versions when the data you are trying to verify is large\nconst signature = hmac.signAsync(key, \"hello\");\n\nconst verified = hmac.verifyAsync(key, \"hello\", signature);\n\nif (!verified) {\n  throw new Error(\"failed to pass hmac verfication\");\n}\n```\n\n### Rsa\n\nEncryption/Decryption of plaintext with Rsa works. As well as importing/exporting of the private/public key into DER PKCS8/X509 formats.\n\n````ts\nimport {rsa, RsaKeySize, RsaOaepEncryptionAlgorithm } from \"@op-engineering/op-aws-lc\";\n\nconst privateKey = rsa.Key.generatePrivateKey(RsaKeySize.Rsa2048);\nconst privateKeyBytes = rsa.Key.privateKeyToDERPKCS8Bytes(privateKey);\n\nexpect(privateKeyBytes instanceof ArrayBuffer).toBe(true);\n\nconst privateKeyFromBytes =\n  rsa.Key.privateKeyFromDERPKCS8Bytes(privateKeyBytes);\n\nconst publicKey = rsa.Key.generatePublicKey(privateKeyFromBytes);\nconst publicKeyBytes = rsa.Key.publicKeyToDERX509Bytes(publicKey);\n\nexpect(publicKeyBytes instanceof ArrayBuffer).toBe(true);\n\nconst publicKeyFromBytes =\n  rsa.Key.publicKeyFromDERX509Bytes(publicKeyBytes);\n\nconst ciphertext = rsa.oaepEncrypt({\n  algorithm: RsaOaepEncryptionAlgorithm.Sha512mgf1Sha512,\n  publicKey: publicKeyFromBytes,\n  plaintext: 'Hello world',\n});\nexpect(!!ciphertext).toBe(true);\nexpect(ciphertext instanceof ArrayBuffer).toBe(true);\n\nconst decrypted = rsa.oaepDecrypt({\n  algorithm: RsaOaepEncryptionAlgorithm.Sha512mgf1Sha512,\n  privateKey,\n  ciphertext,\n});\n\nexpect(decrypted).toBe('Hello world');\n```\n\n\n## Get in touch\n\nThe rest of the algorithms inside aws-lc still need to be bridged. Get in contact by [joining our Discord](https://discord.gg/W9XmqCQCKP) or write to ospfranco@gmail.com for further assistance.\n\nYou can see the [list of available funcitonality in the Rust crate here](https://docs.rs/aws-lc-rs/latest/aws_lc_rs/). Eventually op-aws-lc aims to cover all of these.\n\n## License\n\nMIT\n````\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fop-engineering%2Fop-aws-lc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fop-engineering%2Fop-aws-lc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fop-engineering%2Fop-aws-lc/lists"}