Documentation Index
Fetch the complete documentation index at: https://mintlify.com/openmls/openmls/llms.txt
Use this file to discover all available pages before exploring further.
Overview
Ciphersuites define the cryptographic algorithms used in MLS protocol operations. Each ciphersuite specifies a combination of:
- HPKE KEM (Key Encapsulation Mechanism)
- AEAD (Authenticated Encryption with Associated Data)
- Hash algorithm
- Signature scheme
Supported Ciphersuites
OpenMLS supports the following ciphersuites:
- MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519 (MTI - Mandatory to Implement)
- MLS_128_DHKEMP256_AES128GCM_SHA256_P256
- MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519
Ciphersuite
The main ciphersuite enum defining all supported cryptographic configurations.
MLS ciphersuite enumeration
MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519
DH KEM x25519 | AES-GCM 128 | SHA2-256 | Ed25519 (Mandatory to Implement)
MLS_128_DHKEMP256_AES128GCM_SHA256_P256
DH KEM P256 | AES-GCM 128 | SHA2-256 | EcDSA P256
MLS_128_DHKEMX25519_CHACHA20POLY1305_SHA256_Ed25519
DH KEM x25519 | Chacha20Poly1305 | SHA2-256 | Ed25519
MLS_256_DHKEMX448_AES256GCM_SHA512_Ed448
DH KEM x448 | AES-GCM 256 | SHA2-512 | Ed448
MLS_256_DHKEMP521_AES256GCM_SHA512_P521
DH KEM P521 | AES-GCM 256 | SHA2-512 | EcDSA P521
MLS_256_DHKEMX448_CHACHA20POLY1305_SHA512_Ed448
DH KEM x448 | Chacha20Poly1305 | SHA2-512 | Ed448
MLS_256_DHKEMP384_AES256GCM_SHA384_P384
DH KEM P384 | AES-GCM 256 | SHA2-384 | EcDSA P384
MLS_256_XWING_CHACHA20POLY1305_SHA256_Ed25519
X-WING KEM draft-01 | Chacha20Poly1305 | SHA2-256 | Ed25519
Methods
Algorithm Accessors
Returns the hash algorithm for this ciphersuitepub const fn hash_algorithm(&self) -> HashType
signature_algorithm
fn(&self) -> SignatureScheme
Returns the signature scheme for this ciphersuitepub const fn signature_algorithm(&self) -> SignatureScheme
Returns the AEAD algorithm for this ciphersuitepub const fn aead_algorithm(&self) -> AeadType
Returns the HPKE KDF algorithm for this ciphersuitepub const fn hpke_kdf_algorithm(&self) -> HpkeKdfType
Returns the HPKE KEM algorithm for this ciphersuitepub const fn hpke_kem_algorithm(&self) -> HpkeKemType
hpke_aead_algorithm
fn(&self) -> HpkeAeadType
Returns the HPKE AEAD algorithm for this ciphersuitepub const fn hpke_aead_algorithm(&self) -> HpkeAeadType
Returns the complete HPKE configuration (KEM, KDF, AEAD) for this ciphersuitepub const fn hpke_config(&self) -> HpkeConfig
Length Accessors
Returns the output length of the hash algorithm in bytespub const fn hash_length(&self) -> usize
Returns the length of the AEAD tag in bytespub const fn mac_length(&self) -> usize
Returns the key size of the AEAD in bytespub const fn aead_key_length(&self) -> usize
Returns the nonce length of the AEAD in bytespub const fn aead_nonce_length(&self) -> usize
Supporting Types
HashType
AeadType
AEAD algorithm types
AES-GCM 128 (16 byte key, 16 byte tag)
AES-GCM 256 (32 byte key, 16 byte tag)
ChaCha20-Poly1305 (32 byte key, 16 byte tag)
HpkeKemType
HPKE Key Encapsulation Mechanism types
XWing combiner for ML-KEM and X25519
HpkeKdfType
HPKE Key Derivation Function types
HpkeAeadType
Usage Example
use openmls::prelude::*;
let ciphersuite = Ciphersuite::MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519;
// Get cryptographic components
let hash_alg = ciphersuite.hash_algorithm();
let sig_scheme = ciphersuite.signature_algorithm();
let aead_alg = ciphersuite.aead_algorithm();
// Get algorithm lengths
let hash_len = ciphersuite.hash_length(); // 32 bytes for SHA-256
let mac_len = ciphersuite.mac_length(); // 16 bytes for AES-GCM
// Get HPKE configuration
let hpke_config = ciphersuite.hpke_config();