rustls-mbedtls-provider-utils 0.2.1

Utility code used in mbedtls based provider for rustls.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

# rustls-mbedtls-provider

This repository will contain code to allow [mbedtls](https://github.com/fortanix/rust-mbedtls) to be used
as the crypto and PKI provider for [rustls](https://github.com/rustls/rustls).

## Crypto provider

Implements following `rustls` traits:

- Hash algorithms through: [`Hash`] + [`Context`]
  - Support: `SHA256`, `SHA384`
- Hmac algorithms through: [`Hmac`] + [`Key`]
  - Support: `HMAC_SHA256`, `HMAC_SHA384`
- key-exchange groups through: [`SupportedKxGroup`] + [`ActiveKeyExchange`]
  - Support: `X25519`, `SECP256R1`, `SECP384R1`, `SECP521R1`, `FFDHE2048`, `FFDHE3072`, `FFDHE4096`, `FFDHE6144`, `FFDHE8192`
- [`CryptoProvider`]
- Aead algorithms though:[`Tls12AeadAlgorithm`] + [`Tls13AeadAlgorithm`] + [`MessageEncrypter`] + [`MessageDecrypter`]
  - Support: `AES128_GCM`, `AES256_GCM`, `CHACHA20_POLY1305`

Supports following ciphersuites:
- TLS 1.3
  - `TLS13_AES_256_GCM_SHA384`
  - `TLS13_AES_128_GCM_SHA256`
  - `TLS13_CHACHA20_POLY1305_SHA256`
- TLS 1.2
  - `TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384`
  - `TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256`
  - `TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256`
  - `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`
  - `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
  - `TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256`
  - `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256`
  - `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384`
  - `TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256`

## PKI provider

Implements [`ClientCertVerifier`](https://docs.rs/rustls/latest/rustls/server/trait.ClientCertVerifier.html) and [`ClientCertVerifier`](https://docs.rs/rustls/latest/rustls/client/trait.ServerCertVerifier.html) traits from `rustls` using mbedtls.

# Developing

## Code style

Use `cargo fmt` for code formatting.

Use `taplo fmt` for `Cargo.toml` formatting. Please check [Taplo Website](https://taplo.tamasfe.dev/) for installing the cli tool.

# Contributing

We gratefully accept bug reports and contributions from the community. By
participating in this community, you agree to abide by [Code of
Conduct](./CODE_OF_CONDUCT.md). All contributions are covered under the
Developer's Certificate of Origin (DCO).

## Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right
to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my
knowledge, is covered under an appropriate open source license and I have the
right under that license to submit that work with modifications, whether created
in whole or in part by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who
certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and
that a record of the contribution (including all personal information I submit
with it, including my sign-off) is maintained indefinitely and may be
redistributed consistent with this project or the open source license(s)
involved.

# License

This project is primarily distributed under the terms of the Mozilla Public
License (MPL) 2.0, see [LICENSE](./LICENSE) for details.


[`Hash`]: https://docs.rs/rustls/0.22.3/rustls/crypto/hash/trait.Hash.html
[`Context`]: https://docs.rs/rustls/0.22.3/rustls/crypto/hash/trait.Context.html
[`Hmac`]: https://docs.rs/rustls/0.22.3/rustls/crypto/hmac/trait.Hmac.html
[`Key`]: https://docs.rs/rustls/0.22.3/rustls/crypto/hmac/trait.Key.html
[`SupportedKxGroup`]: https://docs.rs/rustls/0.22.3/rustls/crypto/trait.SupportedKxGroup.html
[`ActiveKeyExchange`]: https://docs.rs/rustls/0.22.3/rustls/crypto/trait.ActiveKeyExchange.html
[`CryptoProvider`]: https://docs.rs/rustls/0.22.3/rustls/crypto/trait.CryptoProvider.html
[`Tls12AeadAlgorithm`]: https://docs.rs/rustls/0.22.3/rustls/crypto/cipher/trait.Tls12AeadAlgorithm.html
[`Tls13AeadAlgorithm`]: https://docs.rs/rustls/0.22.3/rustls/crypto/cipher/trait.Tls13AeadAlgorithm.html
[`MessageEncrypter`]: https://docs.rs/rustls/0.22.3/rustls/crypto/cipher/trait.MessageEncrypter.html
[`MessageDecrypter`]: https://docs.rs/rustls/0.22.3/rustls/crypto/cipher/trait.MessageDecrypter.html