Module secure

A tls-like module for relay packets

Establish a secure Channel between two people using temporary Sessions.

Example

use tox_core::relay::secure::*;

let alice_session = Session::random();
let bob_session = Session::random();

// assume we got Alice's PK & Nonce via handshake
let alice_pk = *alice_session.pk();
let alice_nonce = *alice_session.nonce();

// assume we got Bob's PK & Nonce via handshake
let bob_pk = *bob_session.pk();
let bob_nonce = *bob_session.nonce();

// Now both Alice and Bob may create secure Channels
let alice_channel = Channel::new(&alice_session, &bob_pk, &bob_nonce);
let bob_channel = Channel::new(&bob_session, &alice_pk, &alice_nonce);

// And now they may communicate sending encrypted data to each other

// Alice encrypts the message
let alice_msg = "Hello Bob!";
let alice_msg_encrypted = alice_channel.encrypt(alice_msg.as_bytes());
assert_ne!(alice_msg.as_bytes().to_vec(), alice_msg_encrypted);
// Alice sends it somehow

// Bob receives and decrypts
assert_eq!( alice_msg.as_bytes().to_vec(), bob_channel.decrypt(alice_msg_encrypted.as_ref()).unwrap() );

// Now Bob encrypts his message
let bob_msg = "Oh hello Alice!";
let bob_msg_encrypted = bob_channel.encrypt(bob_msg.as_bytes());
assert_ne!(bob_msg.as_bytes().to_vec(), bob_msg_encrypted);
// And sends it back to Alice

assert_eq!( bob_msg.as_bytes().to_vec(), alice_channel.decrypt(bob_msg_encrypted.as_ref()).unwrap() );

Structs

Channel

Encrypt TCP packets with credentials. Increment sent_nonce after data was encrypted. increment recv_nonce after data was decrypted.

Session

A Session is created on both sides. Its PK and Nonce is sent from a client to server via handshake. A server creates its own Session, creates Channel and replies with its Session PK and Nonce to the client, the client creates Channel.