- Decentralized PKI(DPKI), DIDs, DKMS, and Credential Management
- End-to-End Encrypted Communication (TLS1.3)
- Programmable Hardware Root of Trust
- Overlay Routing
- Cloud Add-Ons for Real-time Data Flow and Processing
Hardware Root of Trust is the security foundation for an SoC, other semiconductor device or electronic system. The RoT contains the keys for cryptographic functions and is usually a part of the secure boot process providing the foundation for the software chain of trust. UNiD is a set of libraries written by Rust that can leverage the RoT and decentralized identity technology to autonomously generate key pairs, register the credentials on a decentralized PKI, and build end-to-end secure channel by the TLS handshake protocol. This capabilities reduce the development cost of device security, increase flexibilities, and facilitates real-time data flow and processing.
By abstracting every device and cloud as globally unique endpoints and building an E2E secure channel, each endpoint can send encrypted messages regardless of the network topology or routing hops.
- Install wasm-pack
curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh
for more info: https://rustwasm.github.io/wasm-pack/installer/
- Build the rust code into wasm code
- For web:
wasm-pack build --target web
- For nodejs:
wasm-pack build --target nodejs
After you build for specific target, you can import the exported classes from 'pkg/cipher_lib.js'
Exported Classes and included methods:
encrypt given utf-8 text input with a secure utf-8 key input into a base64 encrypted string.
const encrypted = Cipher.encrypt("hello", "secret");
console.log(encrypted); //gives aes encrypted base64 string
decrypt given base64 encrypted string input with the correct secure utf-8 key input to get the original utf-8 text
const decrypted = Cipher.decrypt(encrypted, "secret"); //encrypted is base64 encrypted string from previous encryption
console.log(decrypted); //gives the original text i.e. "hello"
create base64 hash string from a given utf-8 text input and a secure utf-8 key input.
const hashed = Hasher.digest("hello", "secret");
console.log(hashed); //gives hmacsha512 hashed base64 string
verify if the given base64 hash string is the correct hash output for the given pair of utf-8 text input and secure utf-8 key input.
const isCorrectHashed = Hasher.verify("hello", hashed, "secret"); // hashed is base64 hashed string from previous hashing
console.log(isCorrectHashed); // returns true
sign a given utf-8 string input with a base64 string secret key and get a base64 string ecdsa signature.
verify if the given base64 string signature is the correct signature for the given pair of utf-8 string input and a base64 string public key.
encode a given object input with a base64 string secret key and get a base64 string ecdsa signature.
verify if the given base64 string signature is the correct signature for the given pair of object input and a base64 string public key.
5. Credential Signer
encode a given object input with signing suite object and get the signed object.
verify if the given signed object is valid or not.
There are two types of unit test depending on the target:
- Native test (excluding wasmbindgen's test)
- Wasm-pack test (only wasmbindgen's test)
wasm-pack test --node