rust-bottle 0.1.0

Rust implementation of Bottle protocol - layered message containers with encryption and signatures
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

//! # rust-bottle
//!
//! Rust implementation of the Bottle protocol - layered message containers
//! with encryption and signatures.
//!
//! This library provides functionality similar to [gobottle](https://github.com/BottleFmt/gobottle),
//! including support for multiple key types, IDCards, Keychains, and Memberships.
//!
//! ## Overview
//!
//! The Bottle protocol provides a secure way to package messages with multiple layers
//! of encryption and signatures. Each encryption layer can target a different recipient,
//! and multiple signers can sign the same bottle. This enables complex security
//! scenarios like group messaging, multi-party encryption, and verifiable data
//! structures.
//!
//! ## Core Concepts
//!
//! - **Bottles**: Layered message containers that support multiple encryption and signature layers
//! - **IDCards**: Declarations of keys with specific purposes (sign, decrypt) and lifecycle management
//! - **Keychains**: Secure storage for private keys, indexed by public key fingerprints
//! - **Memberships**: Cryptographically signed group affiliations with role information
//!
//! ## Example
//!
//! ```rust
//! use rust_bottle::*;
//! use rand::rngs::OsRng;
//!
//! // Create and encrypt a message
//! let message = b"Hello, Bottle!";
//! let mut bottle = Bottle::new(message.to_vec());
//!
//! let rng = &mut OsRng;
//! let key = X25519Key::generate(rng);
//! bottle.encrypt(rng, &key.public_key_bytes()).unwrap();
//!
//! // Decrypt
//! let opener = Opener::new();
//! let decrypted = opener.open(&bottle, Some(&key.private_key_bytes())).unwrap();
//! assert_eq!(decrypted, message);
//! ```

pub mod bottle;
pub mod ecdh;
pub mod errors;
pub mod hash;
pub mod idcard;
pub mod keychain;
pub mod keys;
pub mod membership;
pub mod pkix;
pub mod signing;
pub mod utils;

/// Core bottle types for message containers
pub use bottle::{Bottle, Opener};

/// Error types and result aliases
pub use errors::{BottleError, Result};

/// IDCard for key management
pub use idcard::IDCard;

/// Keychain for secure key storage
pub use keychain::Keychain;

/// Membership for group affiliations
pub use membership::Membership;

/// Signing and verification traits
pub use signing::{Sign, Verify};

/// ECDH encryption and decryption functions
pub use ecdh::{ecdh_decrypt, ecdh_encrypt, rsa_decrypt, rsa_encrypt, ECDHDecrypt, ECDHEncrypt};

/// Post-quantum encryption functions (requires `ml-kem` feature)
#[cfg(feature = "ml-kem")]
pub use ecdh::{
    hybrid_decrypt_mlkem768_x25519, hybrid_encrypt_mlkem768_x25519, mlkem1024_decrypt,
    mlkem1024_encrypt, mlkem768_decrypt, mlkem768_encrypt,
};

/// Cryptographic key types (classical)
pub use keys::{EcdsaP256Key, Ed25519Key, RsaKey, X25519Key};

/// Post-quantum signature key types (requires `post-quantum` feature)
#[cfg(feature = "post-quantum")]
pub use keys::{MlDsa44Key, MlDsa65Key, MlDsa87Key, SlhDsa128sKey, SlhDsa192sKey, SlhDsa256sKey};

/// Post-quantum encryption key types (requires `ml-kem` feature)
#[cfg(feature = "ml-kem")]
pub use keys::{MlKem1024Key, MlKem768Key};

/// PKIX/PKCS#8 key serialization
pub use pkix::{
    marshal_pkcs8_private_key, marshal_pkcs8_private_key_pem, marshal_pkix_public_key,
    marshal_pkix_public_key_pem, marshal_pkix_public_key_with_type, parse_pkcs8_private_key,
    parse_pkcs8_private_key_pem, parse_pkix_public_key, parse_pkix_public_key_pem, KeyType,
};

/// Utility functions
pub use utils::{decrypt_short_buffer, encrypt_short_buffer, mem_clr};