Expand description
End-to-end ElGamal encryption for byte payloads.
This module models E2E encryption as two separate protocol facts:
- peers discover encryption public keys with signed handshake messages;
- message bodies are encrypted directly with secp256k1 ElGamal stream
frames, each carried by its own signed
MessagePayload.
Rings intentionally uses the DID/account secp256k1 public key as the ElGamal key. The public key carried by a handshake or encrypted message must resolve to the signed DID; this is the protocol’s key-ownership proof. The module does not derive a separate encryption subkey.
The direct ElGamal body is deliberately not KEM/DEM or AEAD. Keeping the
ciphertext in group-element form preserves the algebraic structure needed by
future homomorphic operations. That also means ciphertext frames are
malleable if detached from the signed message envelope. Integrity, sender
authentication, public-key ownership, and per-frame integrity are provided by
the surrounding MessagePayload
signature. The stream id, sequence, and final marker make truncation
observable and let the decryptor release reordered frames as a gapless
plaintext stream.
Structs§
- E2eHandshake
Request - An invitation to start E2E encryption with the requester’s public key.
- E2eHandshake
Response - An acceptance of an E2E handshake with the responder’s public key.
- E2eStream
Decryptor - Stateful streaming decryptor for direct ElGamal body frames.
- E2eStream
Encryptor - Stateful streaming encryptor for direct ElGamal body frames.
- E2eStream
Frame - One ordered ElGamal-encrypted stream frame.
- E2eStream
Frames - Lazy iterator that encrypts one E2E stream frame per iteration.
Constants§
- DEFAULT_
E2E_ PLAINTEXT_ FRAME_ LEN - Default plaintext bytes per encrypted E2E stream frame.
- DEFAULT_
E2E_ REORDER_ WINDOW_ FRAMES - Default maximum number of out-of-order future frames buffered per stream.
- E2E_
PLAINTEXT_ BLOCK_ LEN - Plaintext bytes carried by one ElGamal body block.
Functions§
- decrypt_
stream - Decrypt a complete direct-ElGamal E2E frame sequence into bytes.
- encrypt_
stream_ frames - Encrypt a byte slice lazily with the default thread-local RNG.
- encrypt_
stream_ frames_ with_ rng - Encrypt a byte slice lazily into direct-ElGamal E2E stream frames.
- encrypt_
stream_ with_ rng - Encrypt a byte slice into direct-ElGamal E2E stream frames.
- ensure_
public_ key_ matches_ did - Verify that a public key hashes to the expected DID.
Type Aliases§
- E2eStream
Id - Identifier shared by all frames of one encrypted E2E stream.