client.rs |
|
39861 |
client_builder.rs |
Definitions to build a [`Client`].
See [`ClientBuilder`]. |
33546 |
client_config.rs |
|
2483 |
crypto.rs |
|
1362 |
extension |
|
|
extension.rs |
|
1426 |
external_client |
|
|
external_client.rs |
|
4732 |
grease.rs |
|
7341 |
group |
|
|
hash_reference.rs |
|
5051 |
identity |
|
|
identity.rs |
|
6171 |
iter.rs |
|
2223 |
key_package |
|
|
lib.rs |
An implementation of the [IETF Messaging Layer Security](https://messaginglayersecurity.rocks)
end-to-end encryption (E2EE) protocol.
## What is MLS?
MLS is a new IETF end-to-end encryption standard that is designed to
provide transport-agnostic, asynchronous, and highly performant
communication between a group of clients.
## MLS Protocol Features
- Multi-party E2EE [group evolution](https://www.rfc-editor.org/rfc/rfc9420.html#name-cryptographic-state-and-evo)
via a propose-then-commit mechanism.
- Asynchronous by design with pre-computed [key packages](https://www.rfc-editor.org/rfc/rfc9420.html#name-key-packages),
allowing members to be added to a group while offline.
- Customizable credential system with built-in support for X.509 certificates.
- [Extension system](https://www.rfc-editor.org/rfc/rfc9420.html#name-extensions)
allowing for application-specific data to be negotiated via the protocol.
- Strong forward secrecy and post-compromise security.
- Crypto agility via support for multiple [cipher suites](https://www.rfc-editor.org/rfc/rfc9420.html#name-cipher-suites).
- Pre-shared key support.
- Subgroup branching.
- Group reinitialization for breaking changes such as protocol upgrades.
## Features
- Easy-to-use client interface that can manage multiple MLS identities and groups.
- 100% RFC 9420 conformance with support for all default credential, proposal,
and extension types.
- Support for WASM builds.
- Configurable storage for key packages, secrets, and group state
via traits, along with provided "in memory" and SQLite implementations.
- Support for custom user proposal and extension types.
- Ability to create user-defined credentials with custom validation
routines that can bridge to existing credential schemes.
- OpenSSL and Rust Crypto based cipher suite implementations.
- Crypto agility with support for user-defined cipher suites.
- Extensive test suite including security and interop focused tests against
pre-computed test vectors.
## Crypto Providers
For cipher suite descriptions, see the RFC documentation [here](https://www.rfc-editor.org/rfc/rfc9420.html#name-mls-cipher-suites).
| Name | Cipher Suites | X509 Support |
|------|---------------|--------------|
| OpenSSL | 1-7 | Stable |
| AWS-LC | 1,2,3,5,7 | Stable |
| Rust Crypto | 1,2,3 | ⚠️ Experimental |
## Security Notice
This library has been validated for conformance to the RFC 9420 specification but has not yet received a full security audit by a third party. |
7222 |
message.rs |
|
0 |
psk |
|
|
psk.rs |
|
6265 |
signer.rs |
|
10999 |
storage_provider |
|
|
storage_provider.rs |
|
424 |
test_utils |
|
|
tree_kem |
|
|