Google Git
Sign in
android / platform / external / rust / crates / mls-rs / refs/heads/android15-automotiveos-dev
commit32e4d9dce6dcfd1b854ba1d8525846c4a8235255[log] [tgz]
authorAndroid Build Coastguard Worker <[email protected]>Thu Aug 08 01:13:14 2024 +0000
committerAndroid Build Coastguard Worker <[email protected]>Thu Aug 08 01:13:14 2024 +0000
tree37171c22be7a479ee14ae088cff731e91eac1052
parent42c61494938439923407e7ea01cd51b4c7da18ce [diff]
parent3637628b4bc91b1b5fa8e9badc869eed02c8ecec [diff]
Snap for 12199973 from 3637628b4bc91b1b5fa8e9badc869eed02c8ecec to 24Q4-release

Change-Id: I19d128fe7aadc2f8865b14d0f00a4f0ff6386796
tree: 37171c22be7a479ee14ae088cff731e91eac1052
  1. .cargo/
  2. benches/
  3. examples/
  4. src/
  5. test_utils/
  6. tests/
  7. LICENSELICENSE-apache
  8. .cargo_vcs_info.json
  9. Android.bp
  10. Cargo.lock
  11. Cargo.toml
  12. cargo_embargo.json
  13. LICENSE-apache
  14. LICENSE-mit
  15. METADATA
  16. MODULE_LICENSE_APACHE2
  17. OWNERS
  18. README.md
  19. webdriver.json
README.md

mls-rs   Build Status Latest Version API Documentation codecov

An implementation of the IETF Messaging Layer Security end-to-end encryption (E2EE) protocol.

What is MLS?

MLS is a new IETF end-to-end encryption standard that is designed to provide transport agnostic, asynchronous, and highly performant communication between a group of clients.

MLS Protocol Features

  • Multi-party E2EE group evolution via a propose-then-commit mechanism.
  • Asynchronous by design with pre-computed key packages, allowing members to be added to a group while offline.
  • Customizable credential system with built in support for X.509 certificates.
  • Extension system allowing for application specific data to be negotiated via the protocol.
  • Strong forward secrecy and post compromise security.
  • Crypto agility via support for multiple cipher suites.
  • Pre-shared key support.
  • Subgroup branching.
  • Group reinitialization for breaking changes such as protocol upgrades.

Features

  • Easy to use client interface that can manage multiple MLS identities and groups.
  • 100% RFC 9420 conformance with support for all default credential, proposal, and extension types.
  • Support for WASM builds.
  • Configurable storage for key packages, secrets and group state via traits along with provided “in memory” and SQLite implementations.
  • Support for custom user proposal and extension types.
  • Ability to create user defined credentials with custom validation routines that can bridge to existing credential schemes.
  • OpenSSL and Rust Crypto based cipher suite implementations.
  • Crypto agility with support for user defined cipher suite.
  • Extensive test suite including security and interop focused tests against pre-computed test vectors.

Crypto Providers

For cipher suite descriptions see the RFC documentation here

NameCipher SuitesX509 Support
OpenSSL1-7Stable
AWS-LC1,2,3,5,7Stable
Rust Crypto1,2,3⚠️ Experimental
Web Crypto⚠️ Experimental 2,5,7Unsupported

Security Notice

This library has been validated for conformance to the RFC 9420 specification but has not yet received a full security audit by a 3rd party.

License

This library is licensed under the Apache-2.0 or the MIT License.