Expand description
§rust-bottle
Rust implementation of the Bottle protocol - layered message containers with encryption and signatures.
This library provides functionality similar to gobottle, including support for multiple key types, IDCards, Keychains, and Memberships.
§Overview
The Bottle protocol provides a secure way to package messages with multiple layers of encryption and signatures. Each encryption layer can target a different recipient, and multiple signers can sign the same bottle. This enables complex security scenarios like group messaging, multi-party encryption, and verifiable data structures.
§Core Concepts
- Bottles: Layered message containers that support multiple encryption and signature layers
- IDCards: Declarations of keys with specific purposes (sign, decrypt) and lifecycle management
- Keychains: Secure storage for private keys, indexed by public key fingerprints
- Memberships: Cryptographically signed group affiliations with role information
§Example
use rust_bottle::*;
use rand::rngs::OsRng;
// Create and encrypt a message
let message = b"Hello, Bottle!";
let mut bottle = Bottle::new(message.to_vec());
let rng = &mut OsRng;
let key = X25519Key::generate(rng);
bottle.encrypt(rng, &key.public_key_bytes()).unwrap();
// Decrypt
let opener = Opener::new();
let decrypted = opener.open(&bottle, Some(&key.private_key_bytes())).unwrap();
assert_eq!(decrypted, message);Re-exports§
pub use bottle::Bottle;pub use bottle::Opener;pub use errors::BottleError;pub use errors::Result;pub use idcard::IDCard;pub use keychain::Keychain;pub use membership::Membership;pub use signing::Sign;pub use signing::Verify;pub use ecdh::ecdh_decrypt;pub use ecdh::ecdh_decrypt_with_handler;pub use ecdh::ecdh_encrypt;pub use ecdh::ecdh_encrypt_with_handler;pub use ecdh::rsa_decrypt;pub use ecdh::rsa_encrypt;pub use ecdh::ECDHDecrypt;pub use ecdh::ECDHEncrypt;pub use keys::EcdsaP256Key;pub use keys::Ed25519Key;pub use keys::RsaKey;pub use keys::X25519Key;pub use pkix::marshal_pkcs8_private_key;pub use pkix::marshal_pkcs8_private_key_pem;pub use pkix::marshal_pkix_public_key;pub use pkix::marshal_pkix_public_key_pem;pub use pkix::marshal_pkix_public_key_with_type;pub use pkix::parse_pkcs8_private_key;pub use pkix::parse_pkcs8_private_key_pem;pub use pkix::parse_pkix_public_key;pub use pkix::parse_pkix_public_key_pem;pub use pkix::KeyType;pub use utils::decrypt_short_buffer;pub use utils::encrypt_short_buffer;pub use utils::mem_clr;