Introduction
OpenMLS is a Rust implementation of the Messaging Layer Security (MLS) protocol, as specified in RFC 9420. OpenMLS provides a high-level API to create and manage MLS groups. It supports basic ciphersuites and an interchangeable cryptographic provider, key store, and random number generator.
This book provides guidance on using OpenMLS and its MlsGroup
API to perform basic group operations, illustrated with examples.
Supported ciphersuites
- MLS_128_HPKEX25519_AES128GCM_SHA256_Ed25519 (MTI)
- MLS_128_DHKEMP256_AES128GCM_SHA256_P256
- MLS_128_HPKEX25519_CHACHA20POLY1305_SHA256_Ed25519
Supported platforms
OpenMLS is built and tested on the Github CI for the following rust targets.
- x86_64-unknown-linux-gnu
- i686-unknown-linux-gnu
- x86_64-pc-windows-msvc
- i686-pc-windows-msvc
- x86_64-apple-darwin
Unsupported, but built on CI
The Github CI also builds (but doesn't test) the following rust targets.
- aarch64-apple-darwin
- aarch64-unknown-linux-gnu
- aarch64-linux-android
- aarch64-apple-ios
- aarch64-apple-ios-sim
- wasm32-unknown-unknown
- armv7-linux-androideabi
- x86_64-linux-android
- i686-linux-android
OpenMLS supports 32 bit platforms and above.
Cryptography Dependencies
OpenMLS does not implement its own cryptographic primitives. Instead, it relies on existing implementations of the cryptographic primitives used by MLS. There are two different cryptography providers implemented right now. But consumers can bring their own implementation. See traits for more details.
Working on OpenMLS
For more details when working on OpenMLS itself please see the Developer.md.
Maintenance & Support
OpenMLS is maintained and developed by Phoenix R&D and Cryspen.
Acknowledgements
Zulip graciously provides the OpenMLS community with a "Zulip Cloud Standard" tier Zulip instance.