Function onionsalt::onionbox
[−]
[src]
pub fn onionbox(keys_and_routings: &[(PublicKey, [u8; 24])], payload_recipient: usize) -> Result<OnionBox, NaClError>
Encrypt a message in an onion defined by keys_and_routings
, with
payload
directed to payload_recipient
.
keys_and_routings
is the sequence of public keys owned by
recipients, and the routing information that said recipient should
use, presumably to send the message to the next recipient. There
can be up to ROUTE_COUNT
elements in this slice. The final
address should be our own, if a return message is desired. The
routing information should indicate to the payload recipient
(whose index in the slice is payload_recipient
) what to do with
the payload.
Security properties
No recipient (not possessing the secret keys of any other recipient) by examining the packet received should be able to determine any information other than the plaintext contents of the routing information (except for the payload recipient, who should also be able to read the plaintext payload. Similarly, each recipient can be confident that the routing information has not been tampered with, although it could have been replaced in its entirety with other routing information.
The recipient of the message payload may ensure that the payload originated from the sender (or someone with the sender's secret key), although the recipient cannot prove this to anyone else.
Things to keep in mind:
There is no protection against tampering with the payload until the payload is received by the recipient. Thus the recipient must take particular care not to reveal anything by its response to the payload.
No recipient can in any way determine (from the message received) her place in the series of routing.