mod hash;
mod hpke;
mod rand;
mod signature;
use self::hash::HashScheme;
use self::hpke::HpkeSuite;
use self::rand::RandChacha;
use self::signature::SignatureScheme;
use super::*;
use crate::crypto::*;
struct CipherSuiteDescription {
hash: HashScheme,
hpke: HpkeSuite,
signature: SignatureScheme,
}
static CIPHER_SUITE_DESCRIPTIONS: [CipherSuiteDescription; 7 ] = [
CipherSuiteDescription {
hash: HashScheme::SHA256,
hpke: HpkeSuite {
kem: Kem::KEM_X25519_HKDF_SHA256,
kdf: Kdf::KDF_HKDF_SHA256,
aead: Aead::AEAD_AES128GCM,
},
signature: SignatureScheme::Ed25519,
},
CipherSuiteDescription {
hash: HashScheme::SHA256,
hpke: HpkeSuite {
kem: Kem::KEM_P256_HKDF_SHA256,
kdf: Kdf::KDF_HKDF_SHA256,
aead: Aead::AEAD_AES128GCM,
},
signature: SignatureScheme::ECDSA_P256_SHA256,
},
CipherSuiteDescription {
hash: HashScheme::SHA256,
hpke: HpkeSuite {
kem: Kem::KEM_X25519_HKDF_SHA256,
kdf: Kdf::KDF_HKDF_SHA256,
aead: Aead::AEAD_ChaCha20Poly1305,
},
signature: SignatureScheme::Ed25519,
},
CipherSuiteDescription {
hash: HashScheme::SHA512,
hpke: HpkeSuite {
kem: Kem::KEM_X448_HKDF_SHA512,
kdf: Kdf::KDF_HKDF_SHA512,
aead: Aead::AEAD_AES256GCM,
},
signature: SignatureScheme::Ed448,
},
CipherSuiteDescription {
hash: HashScheme::SHA512,
hpke: HpkeSuite {
kem: Kem::KEM_P521_HKDF_SHA512,
kdf: Kdf::KDF_HKDF_SHA512,
aead: Aead::AEAD_AES256GCM,
},
signature: SignatureScheme::ECDSA_P521_SHA512,
},
CipherSuiteDescription {
hash: HashScheme::SHA512,
hpke: HpkeSuite {
kem: Kem::KEM_X448_HKDF_SHA512,
kdf: Kdf::KDF_HKDF_SHA512,
aead: Aead::AEAD_ChaCha20Poly1305,
},
signature: SignatureScheme::Ed448,
},
CipherSuiteDescription {
hash: HashScheme::SHA384,
hpke: HpkeSuite {
kem: Kem::KEM_P384_HKDF_SHA384,
kdf: Kdf::KDF_HKDF_SHA384,
aead: Aead::AEAD_AES256GCM,
},
signature: SignatureScheme::ECDSA_P384_SHA384,
},
];
#[derive(Default, Debug)]
pub struct RustCryptoProvider {
rand: RandChacha,
}
impl CryptoProvider for RustCryptoProvider {
fn supports(&self, cipher_suite: CipherSuite) -> bool {
matches!(
cipher_suite,
CipherSuite::MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519
| CipherSuite::MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519
| CipherSuite::MLS_128_DHKEMP256_AES128GCM_SHA256_P256
)
}
fn supported(&self) -> Vec<CipherSuite> {
vec![
CipherSuite::MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519,
CipherSuite::MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519,
CipherSuite::MLS_128_DHKEMP256_AES128GCM_SHA256_P256,
]
}
fn rand(&self) -> &dyn Rand {
&self.rand
}
fn hash(&self, cipher_suite: CipherSuite) -> &dyn Hash {
&CIPHER_SUITE_DESCRIPTIONS[cipher_suite as usize - 1].hash
}
fn hpke(&self, cipher_suite: CipherSuite) -> &dyn Hpke {
&CIPHER_SUITE_DESCRIPTIONS[cipher_suite as usize - 1].hpke
}
fn signature(&self, cipher_suite: CipherSuite) -> &dyn Signature {
&CIPHER_SUITE_DESCRIPTIONS[cipher_suite as usize - 1].signature
}
}