pg_core/consts.rs
1//! Constants used in the PostGuard protocol.
2
3/// Version 0 (legacy).
4///
5/// This version used the Kiltz-Vahlis-1 scheme.
6/// The header format was defined by Postcard, but is no longer supported.
7pub const VERSION_V1: u16 = 0;
8
9/// Version 1 (legacy).
10///
11/// This version uses the CGW anonymous IBE scheme to construct a KEM variant. This scheme can
12/// encapsulate the same shared secret for multiple recipients. This version also supports
13/// conjunctions. For this version we required the header to be dynamic.
14/// The header format is defined by MessagePack.
15pub const VERSION_V2: u16 = 1;
16
17/// Version 2.
18///
19/// This version uses the CGW anonymous IBE scheme to construct a KEM variant.
20/// The scheme supports a Sign-then-Encrypt composition using the GG-IBS scheme.
21/// The binary header format is defined by Bincode.
22pub const VERSION_V3: u16 = 2;
23
24/// The size of the tag with which all PostGuard bytestreams begin.
25pub const PRELUDE_SIZE: usize = 4;
26
27/// The tag bytes with which all PostGuard bytestreams begin.
28pub const PRELUDE: [u8; PRELUDE_SIZE] = [0x14, 0x8A, 0x8E, 0xA7];
29
30/// The size of the version identifier.
31pub const VERSION_SIZE: usize = core::mem::size_of::<u16>();
32
33/// The size of the header size.
34pub const HEADER_SIZE_SIZE: usize = core::mem::size_of::<u32>();
35
36/// The size of the signature size.
37pub const SIG_SIZE_SIZE: usize = core::mem::size_of::<u32>();
38
39/// The size of the policy size.
40pub const POL_SIZE_SIZE: usize = core::mem::size_of::<u32>();
41
42/// The maximum size of the header (1 MiB).
43pub const MAX_HEADER_SIZE: usize = 1024 * 1024;
44
45/// The maximum size of symmetric segments (4 MiB).
46pub const MAX_SYMMETRIC_CHUNK_SIZE: u32 = 1024 * 1024 * 4;
47
48/// The preamble contains the following bytes:
49/// * Prelude: 4 bytes,
50/// * Version identifier: 2 bytes,
51/// * Size of header: 4 bytes,
52/// * Totalling: 4 + 2 + 4 = 10 bytes.
53pub const PREAMBLE_SIZE: usize = PRELUDE_SIZE + VERSION_SIZE + HEADER_SIZE_SIZE;
54
55/// Default size of symmetric encryption segments, if in streaming mode.
56///
57/// A reasonable default is 256 KiB.
58pub const SYMMETRIC_CRYPTO_DEFAULT_CHUNK: u32 = 256 * 1024;
59
60// Symmetric crypto constants.
61// This library uses AES128 because BLS12-381 is only secure up to around 120 bits.
62
63/// Size of the symmetric key.
64pub const KEY_SIZE: usize = 16;
65
66/// Size of the initialization vector.
67pub const IV_SIZE: usize = 12;
68
69// The STREAM construction needs only 12 bytes:
70// A 7-byte nonce, a 4-byte counter (u32) and an all-zero or all-one byte,
71// depending on if the segment is the final segment.
72
73/// Size of the nonce in the "STREAM" encryption construction.
74pub const STREAM_NONCE_SIZE: usize = 7;
75
76/// Size of the authentication tag.
77/// The authentication tag is appended to each segment.
78pub const TAG_SIZE: usize = 16;