About docs.rs Privacy policy Build queue

Crate onionsalt [] [src]

The onionsalt crate.

The Onion Salt encryption scheme is an onion encryption scheme that is closely derived from the NaCl crypto_box format.

Examples

Here is a simple example of onion encrypting a message and decrypting it.

let pairs = [crypto::box_keypair(),
             crypto::box_keypair(),
             crypto::box_keypair(),
             crypto::box_keypair(),
             crypto::box_keypair(),
             crypto::box_keypair()];
let recipient = 2;
let recipient_key = pairs[recipient].clone();
let keys_and_routes: [(crypto::PublicKey, [u8; ROUTING_LENGTH]); ROUTE_COUNT]
                       = [(pairs[0].public, *b"address for 0 router    "),
                          (pairs[1].public, *b"the address for router 1"),
                          (pairs[2].public, *b"this is the recipient!!!"),
                          (pairs[3].public, *b"the next router is nice."),
                          (pairs[4].public, *b"the second-to-last node."),
                          (pairs[5].public, *b"This is my own address. ")];
let mut payload: [u8; PAYLOAD_LENGTH] = [0; PAYLOAD_LENGTH];
payload[3] = 3;
let payload = payload;
let our_personal_key = crypto::box_keypair();
let mut ob = onionbox(&keys_and_routes, recipient).unwrap();
ob.add_payload(our_personal_key, &payload);

let mut packet = ob.packet();
let response = [1; PAYLOAD_LENGTH];
for i in 0..6 {
    println!("opening box {}", i);
    let mut oob = onionbox_open(&packet, &pairs[i].secret).unwrap();
    println!("grabbing routing for {}", i);
    let routing = oob.routing();
    // routing now holds the routing information sent to "i"
    if i == recipient {
        // This is how to attach a response if you are the recipient.
        oob.respond(&recipient_key, &response);
    }
    packet = oob.packet();
}
let resp = ob.read_return(our_personal_key, &packet).unwrap();
// resp now holds the return message, authenticated and decrypted.

Modules

creatediagrams
crypto

A rust translation of the TweetNaCl library. It is mostly a direct translation, but in places I tried to make the API more rustic. It has three major features, of which you are likely to use only one.

Structs

OnionBox
OpenedOnionBox

Constants

ENCRYPTEDPAYLOAD_LENGTH

The size of an encrypted payload.
PACKET_LENGTH

PACKET_LENGTH is the size that we actually send to each recipient.
PAYLOAD_LENGTH

PAYLOAD_LENGTH is the size of the payload that the primary recipient can get. It differs from ENCRYPTEDPAYLOAD_LENGTH by 48 (or OVERHEADBYTES).
ROUTE_COUNT

The number of routers we send through. Eventually I want to implement the feature to send through fewer routers with the message arriving back early.
ROUTING_LENGTH

The ROUTING_LENGTH is big enough for an ipv6 address and some extra information.

Functions

onionbox

Encrypt a message in an onion defined by keys_and_routings, with payload directed to payload_recipient.
onionbox_open

The message is passed in input, and a struct is returned which has methods to access the decrypted routing information, the decrypted message (to be passed to the next router), to access the payload, and to insert an encrypted response to the payload.