Initial dump for a boring-rustls-provider

This is just a dump of me figuring out how to interface with boring and rustls. It works to establish a connection and exchange data but I haven't written real tests yet, nor did I cleanup the code or made the effort to make it look nice. There is probably some code in here that should rather live in the `boring` crate.
2023-11-19 17:41:54 +01:00 · 2023-11-19 17:41:54 +01:00 · 5c45b9426b
commit 5c45b9426b
parent db339f7161
24 changed files with 2355 additions and 0 deletions
--- a/Readme.md
+++ b/Readme.md
@ -0,0 +1,55 @@
+# boring-rustls-provider
+
+This is supposed to be the start to a [boringssl](https://github.com/cloudflare/boring)-based [rustls](https://github.com/rustls/rustls) crypto provider.
+
+## Status
+This is just a dump of me figuring out how to interface with boring and rustls.
+It works to establish a connection and exchange data but I haven't written real tests yet, nor did I cleanup the code or made the effort to make it look nice.
+There is probably some code in here that should rather live in the `boring` crate.
+
+Further, the rustls crypto provider API is still not stable it seems. This works currently with `rustls = 0.22.0-alpha.4`.
+
+### Supported ciphers
+Currently, supports only TLS 1.3:
+```
+AES_128_GCM_SHA256
+AES_256_GCM_SHA256
+CHACHA20_POLY1305_SHA256
+```
+
+### Key Exchange Algorithms
+ 
+`ECDHE` with curves:
+```
+X25519
+X448
+secp256r1
+secp384r1
+secp521r1
+```
+
+
+`FFDHE` with:
+```
+ffdhe2048
+```
+
+### Signature Generation / Verification
+
+```
+RSA_PKCS1_SHA256,
+RSA_PKCS1_SHA384,
+RSA_PKCS1_SHA512,
+RSA_PSS_SHA256,
+RSA_PSS_SHA384
+RSA_PSS_SHA512
+ECDSA_NISTP256_SHA256
+ECDSA_NISTP384_SHA384
+ECDSA_NISTP521_SHA512
+ED25519
+ED448
+```
+
+
+## License
+MIT