Traits & External Types

OpenMLS defines several traits that have to be implemented to use OpenMLS. The main goal is to allow OpenMLS to use different implementations for its cryptographic primitives, persistence, and random number generation. This should make it possible to plug in anything from WebCrypto to secure enclaves.

Using the key store

The key store is probably one of the most interesting traits because applications that use OpenMLS will interact with it. See the OpenMlsKeyStore trait description for details but note that the key used to store, read, and delete values in the key store has to be provided as a byte slice.

In the following examples, we have a ciphersuite and a provider (OpenMlsCryptoProvider).

    // First we generate a credential and key package for our user.
    let credential = Credential::new(b"User ID".to_vec(), CredentialType::Basic).unwrap();
    let signature_keys = SignatureKeyPair::new(ciphersuite.into()).unwrap();

    let key_package = KeyPackage::builder()
            CredentialWithKey {
                signature_key: signature_keys.to_public_vec().into(),

The delete is called with the identifier to delete a value.

    // Delete the key package
        .expect("Error deleting key package");

Retrieving a value from the key store is as simple as calling read. In this example, we assume we got a credential where we want to retrieve the credential bundle, i.e., the private key material.