[][src]Trait double_ratchet::CryptoProvider

pub trait CryptoProvider {
    type PublicKey: AsRef<[u8]> + Clone + Eq + Hash;
    type KeyPair: KeyPair<PublicKey = Self::PublicKey>;
    type SharedSecret;
    type RootKey;
    type ChainKey;
    type MessageKey;
    fn diffie_hellman(
        us: &Self::KeyPair, 
        them: &Self::PublicKey
    ) -> Self::SharedSecret;

    fn kdf_rk(
        root_key: &Self::RootKey, 
        shared_secret: &Self::SharedSecret
    ) -> (Self::RootKey, Self::ChainKey);

    fn kdf_ck(chain_key: &Self::ChainKey) -> (Self::ChainKey, Self::MessageKey);

    fn encrypt(
        key: &Self::MessageKey, 
        plaintext: &[u8], 
        associated_data: &[u8]
    ) -> Vec<u8>;

    fn decrypt(
        key: &Self::MessageKey, 
        ciphertext: &[u8], 
        associated_data: &[u8]
    ) -> Result<Vec<u8>, DecryptError>;
}

Provider of the required cryptographic types and functions.

The implementer of this trait provides the DoubleRatchet with the required external functions as given in the specification.

Security considerations

The details of the CryptoProvider are critical for providing security of the communication. The DoubleRatchet can only guarantee security of communication when instantiated with a CryptoProvider with secure types and functions. The specification provides some sensible recommendations and for example code using the DoubleRatchet see tests/signal.rs.

Associated Types

type PublicKey: AsRef<[u8]> + Clone + Eq + Hash

A public key for use in the Diffie-Hellman calculation.

It is assumed that a PublicKey holds a valid key, so if any verification is required the constructor of this type would be a good place to do so.

type KeyPair: KeyPair<PublicKey = Self::PublicKey>

A private/public key-pair for use in the Diffie-Hellman calculation.

type SharedSecret

The result of a Diffie-Hellman calculation.

type RootKey

A RootKey is used in the outer Diffie-Hellman ratchet.

type ChainKey

A ChainKey is used in the inner symmetric ratchets.

type MessageKey

A MessageKey is used to encrypt/decrypt messages.

The implementation of this type could be a complex type: for example an implementation that works by the encrypt-then-MAC paradigm may require a tuple consisting of an encryption key and a MAC key.

Loading content...

Required methods

fn diffie_hellman(
    us: &Self::KeyPair,
    them: &Self::PublicKey
) -> Self::SharedSecret

Perform the Diffie-Hellman operation.

fn kdf_rk(
    root_key: &Self::RootKey,
    shared_secret: &Self::SharedSecret
) -> (Self::RootKey, Self::ChainKey)

Derive a new root-key/chain-key pair from the old root-key and a fresh shared secret.

fn kdf_ck(chain_key: &Self::ChainKey) -> (Self::ChainKey, Self::MessageKey)

Derive a new chain-key/message-key pair from the old chain-key.

fn encrypt(
    key: &Self::MessageKey,
    plaintext: &[u8],
    associated_data: &[u8]
) -> Vec<u8>

Authenticate-encrypt the plaintext and associated data.

This method MUST authenticate the associated data, as it contains the header bytes

fn decrypt(
    key: &Self::MessageKey,
    ciphertext: &[u8],
    associated_data: &[u8]
) -> Result<Vec<u8>, DecryptError>

Verify-decrypt the ciphertext and associated data.

Loading content...

Implementors

Loading content...