Crate gbp_sframe

GBP-SFrame — SFrame (draft-ietf-sframe-enc) E2EE for GAP audio streams in the Group Protocol Stack.

Overview

SFrame sits inside SRTP (or any transport-level encryption) and provides end-to-end confidentiality for media payloads: the SFU can forward packets based on RTP headers without seeing the Opus frame content.

┌──────────────────────────────────────────────────┐
│              Transport encryption                │  ← client ↔ SFU
│  ┌────────────────────────────────────────────┐  │
│  │               SFrame                       │  │  ← E2E client ↔ client
│  │   ┌──────────────────────────────────────┐  │  │
│  │   │   Encoded media (Opus / VP8 / VP9)   │  │  │
│  │   └──────────────────────────────────────┘  │  │
│  └────────────────────────────────────────────┘  │
└──────────────────────────────────────────────────┘

Key derivation

After each MLS epoch change:

  1. Base key = MLS.ExportSecret(label, context=epoch_be8, length=32).
  2. Per-sender key = HKDF-Expand(base_key, "gbp sframe key " ‖ leaf_be4, L).
  3. Per-sender salt = HKDF-Expand(base_key, "gbp sframe salt " ‖ leaf_be4, 12).
  4. Frame nonce = salt XOR (CTR_LE64 ‖ 0x00_00_00_00).

The label passed to SFrameSession::from_mls is application-defined (e.g. "gbp/sframe v1"); this lets different deployments use distinct key universes without changing any other parameter.
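The four steps above, carried through end to end as an added reference model (this is not the crate's own code and does not call it). It assumes HMAC-SHA-256 as the HKDF hash, a 16-byte key length L for the AES-128-GCM suite, and a constructed 32-byte base key standing in for the MLS export secret, since no MLS group is available here; the label strings, the big-endian leaf and epoch encodings, and the little-endian 64-bit counter are taken from the steps as written.

```python
import hashlib
import hmac
import struct

# Assumed constants: the hash behind HKDF and the AEAD key length L for
# CipherSuite::Aes128Gcm. Neither is stated on the page.
HASH = hashlib.sha256
AES128_KEY_LEN = 16
SALT_LEN = 12  # fixed by step 3


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand: T(i) = HMAC(prk, T(i-1) || info || i)."""
    okm = b""
    block = b""
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def export_context(epoch: int) -> bytes:
    """Context handed to MLS ExportSecret in step 1: epoch as 8-byte big-endian."""
    return struct.pack(">Q", epoch)


def sender_key_and_salt(base_key: bytes, leaf: int, key_len: int = AES128_KEY_LEN):
    """Steps 2 and 3: per-sender key and salt from the epoch base key."""
    leaf_be4 = struct.pack(">I", leaf)
    key = hkdf_expand(base_key, b"gbp sframe key " + leaf_be4, key_len)
    salt = hkdf_expand(base_key, b"gbp sframe salt " + leaf_be4, SALT_LEN)
    return key, salt


def frame_nonce(salt: bytes, ctr: int) -> bytes:
    """Step 4: salt XOR (CTR_LE64 || four zero bytes)."""
    ctr_block = struct.pack("<Q", ctr) + b"\x00" * 4
    return bytes(s ^ c for s, c in zip(salt, ctr_block))


def epoch_schedule(base_key: bytes, leaves):
    """Derive (key, salt) for every sender leaf of one epoch.

    Returns a dict leaf -> (key, salt); a new base key per epoch means this
    whole table is rebuilt after every MLS epoch change.
    """
    return {leaf: sender_key_and_salt(base_key, leaf) for leaf in leaves}


def nonces_unique(salt: bytes, frame_count: int) -> bool:
    """Check that frame counters 0..frame_count-1 never repeat a nonce under one salt."""
    seen = set()
    for ctr in range(frame_count):
        n = frame_nonce(salt, ctr)
        if n in seen:
            return False
        seen.add(n)
    return True


if __name__ == "__main__":
    # Constructed base key; in the crate it would come from MLS.ExportSecret.
    base_key = bytes([0x42]) * 32
    print("export context for epoch 1:", export_context(1).hex())
    for leaf, (key, salt) in epoch_schedule(base_key, [0, 1]).items():
        print(f"leaf {leaf}: key={key.hex()} salt={salt.hex()}")
        print(f"  nonce ctr=0 {frame_nonce(salt, 0).hex()}")
        print(f"  nonce ctr=1 {frame_nonce(salt, 1).hex()}")
```

Two properties worth noticing in the output: with ctr = 0 the nonce equals the salt (XOR with all-zero bytes), and consecutive counters change only the first eight bytes, so nonce uniqueness within an epoch rests entirely on the sender never reusing a counter value under the same salt.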

Quick start

use gbp_sframe::{CipherSuite, SFrameError, SFrameSession};

fn main() -> Result<(), SFrameError> {
    // Both sides derive a session from the same base key (in production this
    // comes from SFrameSession::from_mls).
    let session = SFrameSession::new([0x42u8; 32], 1, CipherSuite::Aes128Gcm);

    // Encryptor for sender leaf 0. The second argument is the frame metadata
    // that is authenticated but not encrypted; it is empty here.
    let mut enc = session.encryptor(0);
    let payload = enc.encrypt(b"hello audio", b"")?;

    // The decryptor reads the sender leaf from the SFrame header and selects
    // that sender's key and salt.
    let mut dec = session.decryptor();
    let (plaintext, sender_leaf) = dec.decrypt(&payload, b"")?;
    assert_eq!(plaintext, b"hello audio");
    assert_eq!(sender_leaf, 0);
    Ok(())
}

Re-exports

pub use cipher::SFrameDecryptor;
pub use cipher::SFrameEncryptor;
pub use error::SFrameError;
pub use header::SFrameHeader;
pub use kdf::CipherSuite;
pub use kdf::derive_base_key;

Modules

cipher
AEAD encrypt/decrypt and the stateful encryptor/decryptor types.
error
Error type for SFrame operations.
header
SFrame header wire format.
kdf
Key derivation from MLS export secret.
replay
Sliding-window replay protection.

Structs

SFrameSession
An SFrame session bound to one MLS epoch.