Function onionsalt::onionbox

pub fn onionbox(
    keys_and_routings: &[(PublicKey, [u8; 24])],
    payload_recipient: usize
) -> Result<OnionBox, NaClError>

Encrypt a message in an onion defined by keys_and_routings, with payload directed to payload_recipient.

keys_and_routings is the sequence of public keys owned by recipients, and the routing information that said recipient should use, presumably to send the message to the next recipient. There can be up to ROUTE_COUNT elements in this slice. The final address should be our own, if a return message is desired. The routing information should indicate to the payload recipient (whose index in the slice is payload_recipient) what to do with the payload.

Security properties

No recipient (not possessing the secret keys of any other recipient) should be able to determine, by examining the packet received, any information other than the plaintext contents of the routing information (except for the payload recipient, who should also be able to read the plaintext payload). Similarly, each recipient can be confident that the routing information has not been tampered with, although it could have been replaced in its entirety with other routing information.

The recipient of the message payload may ensure that the payload originated from the sender (or someone with the sender's secret key), although the recipient cannot prove this to anyone else.

Things to keep in mind:

  1. There is no protection against tampering with the payload until the payload is received by the recipient. Thus the recipient must take particular care not to reveal anything by its response to the payload.

  2. No recipient can in any way determine (from the message received) her place in the sequence of routings.