Fork of github.com/janrueth/boring-rustls-provider

Rust 99.7%
Makefile 0.3%

Find a file

Jan Rüth dfda846989 Rework KeyExchange types		2023-11-24 16:14:10 +01:00
.github/workflows	Create ci.yml	2023-11-24 16:11:18 +01:00
boring-additions	* Move ffi type container to boring-additions	2023-11-24 10:32:33 +01:00
boring-rustls-provider	Rework KeyExchange types	2023-11-24 16:14:10 +01:00
examples	Initial dump for a boring-rustls-provider	2023-11-19 17:49:03 +01:00
.gitignore	Initial dump for a boring-rustls-provider	2023-11-19 17:49:03 +01:00
Cargo.toml	Fix AES256 using wrong hash	2023-11-20 20:36:55 +01:00
LICENSE	Initial commit	2023-11-19 17:46:39 +01:00
Readme.md	Fix AES256 using wrong hash	2023-11-20 20:36:55 +01:00

Readme.md

boring-rustls-provider

This is supposed to be the start to a boringssl-based rustls crypto provider.

Status

This is just a dump of me figuring out how to interface with boring and rustls. It works to establish a connection and exchange data but I haven't written real tests yet, nor did I cleanup the code or made the effort to make it look nice. There is probably some code in here that should rather live in the boring crate.

Further, the rustls crypto provider API is still not stable it seems. This works currently with rustls = 0.22.0-alpha.4.

Supported ciphers

Currently, supports only TLS 1.3:

AES_128_GCM_SHA256
AES_256_GCM_SHA384
CHACHA20_POLY1305_SHA256

Key Exchange Algorithms

ECDHE with curves:

X25519
X448
secp256r1
secp384r1
secp521r1

FFDHE with:

ffdhe2048

Signature Generation / Verification

RSA_PKCS1_SHA256,
RSA_PKCS1_SHA384,
RSA_PKCS1_SHA512,
RSA_PSS_SHA256,
RSA_PSS_SHA384
RSA_PSS_SHA512
ECDSA_NISTP256_SHA256
ECDSA_NISTP384_SHA384
ECDSA_NISTP521_SHA512
ED25519
ED448

License

MIT