Skip to main content

DH_MODE

rgp

Constant DH_MODE 

Source 
pub const DH_MODE: u8 = 2;
Expand description

§

ENCRYPTED FORMAT:

  • nonce = 24 bytes
  • keys count
    • IF 0..=127
      • is single byte = 1 bit (set)
      • count = 7 bits
    • ELSE
      • is single byte = 1 bit (unset)
      • int size = 2 bits
      • count = 8-64 bits
  • encrypted copies of content key = pub_keys.len() * 32 bytes
  • encrypted content = content.len()
  • signature = 64 bytes (encrypted along with the content)
  • Poly1305 MAC = 16 bytes
  • mode = 1 byte (set to DH_MODE)

PROCESS:

  1. Generate one-time components
    • nonce
    • content key
  2. Sign plaintext to generate content signature
  3. Encrypt plaintext and content signature with content key
  4. Encrypt content key for all recipients
    • Generate shared secret with recipient’s public key and sender’s private key
    • Encrypt content key with shared secret