
Crate ferogram_crypto


Cryptographic primitives for Telegram MTProto 2.0.

This crate is part of ferogram, an async Rust MTProto client built by Ankit Chaubey.

Most users do not need this crate directly. The ferogram crate wraps everything. Use ferogram-crypto only if you are building your own MTProto transport layer or need direct access to the primitives.

§What’s in here

  • AES-256-IGE: MTProto’s symmetric cipher. aes::ige_encrypt and aes::ige_decrypt operate on buffers whose length is a multiple of 16 bytes (the AES block size).
  • SHA-1 / SHA-256: Hash macros used throughout key derivation and message authentication.
  • Pollard-rho PQ factorization: Required by the DH handshake. Telegram sends a 64-bit semiprime and expects you to factor it; factorize does this.
  • RSA (MTProto RSA-PAD): Used during the initial key exchange to encrypt the inner request to Telegram’s known public keys. See rsa.
  • AuthKey: The 256-byte session key derived after a successful DH exchange. Wraps the raw bytes and exposes the auxiliary hash needed for MTProto 2.0 message encryption.
  • MTProto 2.0 encrypt / decrypt: encrypt_data_v2 and decrypt_data_v2 implement the full AES-IGE + SHA-256 message protection scheme from the spec.
  • DH nonce-to-key derivation: Derives auth_key from the DH result bytes using the MTProto KDF.
  • Obfuscated transport: ObfuscatedCipher implements the random-padding + AES-CTR obfuscation layer used by ObfuscatedAbridged transport.

§Example: AES-IGE round-trip

use ferogram_crypto::aes::{ige_encrypt, ige_decrypt};

let key = [0u8; 32]; // all-zero key and IV: demo values only
let iv  = [0u8; 32];
let mut data = vec![0u8; 48]; // length must be a multiple of 16 bytes

ige_encrypt(&mut data, &key, &iv);
ige_decrypt(&mut data, &key, &iv);
// data is back to zeros

§Example: factorize

use ferogram_crypto::factorize;

let (p, q) = factorize(0x17ED48941A08F981);
assert!(p < q);
assert_eq!(p * q, 0x17ED48941A08F981);
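
To show what the Pollard-rho step involves, here is an added stand-alone sketch using only the standard library. It is not ferogram_crypto's implementation; `factor_pq`, `rho`, `mul_mod` and `gcd` are hypothetical names, and the Floyd cycle-finding variant is an assumption, since the page does not say which variant the crate uses.

```rust
// Added example: stand-alone Pollard's rho, not ferogram_crypto's own code.
// `factor_pq`, `rho`, `mul_mod` and `gcd` are hypothetical helper names.

fn gcd(mut a: u64, mut b: u64) -> u64 {
    while b != 0 {
        (a, b) = (b, a % b);
    }
    a
}

// 64-bit modular multiply through u128 so the product cannot overflow.
fn mul_mod(a: u64, b: u64, n: u64) -> u64 {
    ((a as u128 * b as u128) % n as u128) as u64
}

// One Floyd cycle-finding run over x -> x^2 + c (mod n), starting at 2.
// Returns a non-trivial divisor, or None when the walk cycles without one.
fn rho(n: u64, c: u64) -> Option<u64> {
    let f = |x: u64| ((mul_mod(x, x, n) as u128 + c as u128) % n as u128) as u64;
    let (mut x, mut y) = (2u64, 2u64);
    loop {
        x = f(x);
        y = f(f(y));
        match gcd(x.abs_diff(y), n) {
            1 => continue,
            d if d == n => return None, // x == y (mod n): retry with another c
            d => return Some(d),
        }
    }
}

// Split a semiprime into (p, q) with p <= q; None if no factor is found.
pub fn factor_pq(n: u64) -> Option<(u64, u64)> {
    if n < 4 {
        return None;
    }
    if n % 2 == 0 {
        return Some((2, n / 2));
    }
    // Retry with a different constant when a run degenerates.
    (1..=32u64).find_map(|c| rho(n, c)).map(|d| (d.min(n / d), d.max(n / d)))
}

fn main() {
    let pq = 0x17ED48941A08F981u64; // value from the factorize example above
    let (p, q) = factor_pq(pq).expect("no factor found");
    assert!(p > 1 && p <= q && p.checked_mul(q) == Some(pq));
    println!("{pq:#x} = {p:#x} * {q:#x}");
}
```

The pq value comes from the server and is untrusted: a large prime in its place makes each run walk a full cycle before giving up, so a client written this way should cap the iteration count and check p * q == pq before continuing the handshake.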

Modules§

aes
rsa

Macros§

sha1
sha256
Calculate the SHA-256 hash of one or more byte slices concatenated.

Structs§

AuthKey
A Telegram authorization key (256 bytes) plus pre-computed identifiers.
DequeBuffer
Growable byte buffer that supports efficient front-extension.
ObfuscatedCipher
AES-256-CTR stream cipher pair for MTProto obfuscated transport.

Enums§

DecryptError
Errors from decrypt_data_v2.
DhError
Errors returned by check_p_and_g.

Functions§

check_p_and_g
Validate the Diffie-Hellman prime p and generator g received from the Telegram server during MTProto key exchange.
decrypt_data_v2
Decrypt an MTProto 2.0 ciphertext.
derive_aes_key_iv_v1
Derive the AES key and IV for MTProto v1 (old-style, SHA-1-based).
encrypt_data_v2
Encrypt buffer (in-place, with prepended header) using MTProto 2.0.
factorize
Factorize pq into two prime factors (p, q) where p ≤ q.
generate_key_data_from_nonce
Derive (key, iv) from nonces for decrypting ServerDhParams.encrypted_answer.