core-crypto

CoreCrypto Architecture

Components


Keystore

Purpose

The keystore’s purpose is to securely store the Client’s keying material on-device.

As such, its requirements are:

Implementation

On most platforms, the keystore relies on SQLCipher to persist and encrypt data. On WebAssembly (TS/JS bindings for the web and Electron), the keystore calls into the browser’s IndexedDB to persist data and uses AES256-GCM (via RustCrypto) to encrypt it.

Status


MlsProvider

Purpose

Interfaces with the OpenMLSCryptoProvider trait so that OpenMLS can call into our keystore.

Implementation

It implements a single trait and instantiates the relevant structs, namely the crypto provider from RustCrypto and our Keystore.


CoreCrypto

Purpose

Implements the protocols (MLS, Proteus), abstracts the differences between them, and erases the inconsistencies between their APIs. CoreCrypto aims to be as simple as possible, erasing protocol specifics and manipulating “layman” entities.

Implementation

Based around a Central concept (see MlsCentral in lib.rs), where a single object holds ownership over what is needed at runtime.

A couple of other concepts are used:


CoreCryptoFFI

Purpose

Allows other programming languages and platforms to embed and interact with CoreCrypto.

Implementation