A crypto provider that abstracts over different crypto implementations, mainly the Rust implementations by RustCrypto, OpenSSL and BoringSSL.
crypto_providerOur own abstraction on top of crypto implementations, including functionalities like AES, SHA2, X25519 and P256 ECDH, HKDF, HMAC, etc.
Two implementations are currently provided, crypto_provider_rustcrypto and crypto_provider_openssl.
crypto_provider::aesAbstraction on top plain AES, including AES-CTR and AES-CBC.
Since we know we‘ll have multiple AES implementations in practice (an embedded device might want to use mbed, but a phone or server might use BoringSSL, etc), it’s nice to define our own minimal AES interface that exposes only what we need and is easy to use from FFI (when we get to that point).
crypto_provider_rustcryptoImplementations of crypto_provider types using the convenient pure-Rust primitives from Rust Crypto.
crypto_provider_opensslImplementations of crypto_provider types using the openSSL Rust crate, which is a Rust wrapper for openSSL.
crypto_provider_openssl can also be made to use BoringSSL via the boringssl feature. This translates to using the openssl and openssl-sys crates' unstable_boringssl feature. Since the depenedency bssl-sys is not on crates.io, to test the BoringSSL integration, you'll need to run cargo run -- build-boringssl, which clones BoringSSL. Then, to use the Android version of rust-openssl, run cargo run -- prepare-rust-openssl.
cargo run -- build-boringssl to setup the workspacecargo --config=.cargo/config-boringssl.toml test --features=boringssl to test the crypto provider implementations.cargo --config=.cargo/config-boringssl.toml run -p <package> --features=openssl,boringssl --no-default-features on FFI, JNI, or shell targets to make them use BoringSSL.See nearby/presence/README.md for machine setup instructions.