rust_bottle/lib.rs
1//! # rust-bottle
2//!
3//! Rust implementation of the Bottle protocol - layered message containers
4//! with encryption and signatures.
5//!
6//! This library provides functionality similar to [gobottle](https://github.com/BottleFmt/gobottle),
7//! including support for multiple key types, IDCards, Keychains, and Memberships.
8//!
9//! ## Overview
10//!
11//! The Bottle protocol provides a secure way to package messages with multiple layers
12//! of encryption and signatures. Each encryption layer can target a different recipient,
13//! and multiple signers can sign the same bottle. This enables complex security
14//! scenarios like group messaging, multi-party encryption, and verifiable data
15//! structures.
16//!
17//! ## Core Concepts
18//!
19//! - **Bottles**: Layered message containers that support multiple encryption and signature layers
20//! - **IDCards**: Declarations of keys with specific purposes (sign, decrypt) and lifecycle management
21//! - **Keychains**: Secure storage for private keys, indexed by public key fingerprints
22//! - **Memberships**: Cryptographically signed group affiliations with role information
23//!
24//! ## Example
25//!
26//! ```rust
27//! use rust_bottle::*;
28//! use rand::rngs::OsRng;
29//!
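30//! // Create and encrypt a message (the `unwrap` calls below keep the example short; real code should handle the failure instead of panicking)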
31//! let message = b"Hello, Bottle!";
32//! let mut bottle = Bottle::new(message.to_vec());
33//!
34//! let rng = &mut OsRng;
35//! let key = X25519Key::generate(rng);
36//! bottle.encrypt(rng, &key.public_key_bytes()).unwrap();
37//!
38//! // Decrypt
39//! let opener = Opener::new();
40//! let decrypted = opener.open(&bottle, Some(&key.private_key_bytes())).unwrap();
41//! assert_eq!(decrypted, message);
42//! ```
43
44pub mod bottle;
45pub mod ecdh;
46pub mod errors;
47pub mod hash;
48pub mod idcard;
49pub mod keychain;
50pub mod keys;
51pub mod membership;
52pub mod pkix;
53pub mod signing;
54pub mod utils;
55
56/// Core bottle types for message containers
57pub use bottle::{Bottle, Opener};
58
59/// Error types and result aliases
60pub use errors::{BottleError, Result};
61
62/// IDCard for key management
63pub use idcard::IDCard;
64
65/// Keychain for secure key storage
66pub use keychain::Keychain;
67
68/// Membership for group affiliations
69pub use membership::Membership;
70
71/// Signing and verification traits
72pub use signing::{Sign, Verify};
73
74/// ECDH and RSA encryption and decryption functions
75pub use ecdh::{ecdh_decrypt, ecdh_encrypt, rsa_decrypt, rsa_encrypt, ECDHDecrypt, ECDHEncrypt};
76
77/// Post-quantum encryption functions (requires `ml-kem` feature)
78#[cfg(feature = "ml-kem")]
79pub use ecdh::{
80 hybrid_decrypt_mlkem768_x25519, hybrid_encrypt_mlkem768_x25519, mlkem1024_decrypt,
81 mlkem1024_encrypt, mlkem768_decrypt, mlkem768_encrypt,
82};
83
84/// Cryptographic key types (classical)
85pub use keys::{EcdsaP256Key, Ed25519Key, RsaKey, X25519Key};
86
87/// Post-quantum signature key types (requires `post-quantum` feature)
88#[cfg(feature = "post-quantum")]
89pub use keys::{MlDsa44Key, MlDsa65Key, MlDsa87Key, SlhDsa128sKey, SlhDsa192sKey, SlhDsa256sKey};
90
91/// Post-quantum encryption key types (requires `ml-kem` feature)
92#[cfg(feature = "ml-kem")]
93pub use keys::{MlKem1024Key, MlKem768Key};
94
95/// PKIX/PKCS#8 key serialization and parsing
96pub use pkix::{
97 marshal_pkcs8_private_key, marshal_pkcs8_private_key_pem, marshal_pkix_public_key,
98 marshal_pkix_public_key_pem, marshal_pkix_public_key_with_type, parse_pkcs8_private_key,
99 parse_pkcs8_private_key_pem, parse_pkix_public_key, parse_pkix_public_key_pem, KeyType,
100};
101
102/// Utility functions
103pub use utils::{decrypt_short_buffer, encrypt_short_buffer, mem_clr};