Crate libsignal_protocol

Rust implementation of the Signal Protocol for asynchronous forward-secret public-key cryptography.

In particular, this library implements operations conforming to the following specifications:

• the X3DH key agreement protocol,
• the Double Ratchet (Axolotl) messaging protocol,

Re-exports

• pub use error::SignalProtocolError;

Modules

• error
• incremental_mac
• kem
  Keys and protocol functions for standard key encapsulation mechanisms (KEMs).

Structs

• AliceSignalProtocolParameters
• BobSignalProtocolParameters
• DecryptionErrorMessage
• DeviceId
  The type used in memory to represent a device, i.e. a particular Signal client instance which represents some user.
• DisplayableFingerprint
• Fingerprint
• IdentityKey
  A public key that represents the identity of a user.
• IdentityKeyPair
  The private identity of a user.
• InMemIdentityKeyStore
  Reference implementation of traits::IdentityKeyStore.
• InMemKyberPreKeyStore
  Reference implementation of traits::KyberPreKeyStore.
• InMemPreKeyStore
  Reference implementation of traits::PreKeyStore.
• InMemSenderKeyStore
  Reference implementation of traits::SenderKeyStore.
• InMemSessionStore
  Reference implementation of traits::SessionStore.
• InMemSignalProtocolStore
  Reference implementation of traits::ProtocolStore.
• InMemSignedPreKeyStore
  Reference implementation of traits::SignedPreKeyStore.
• KeyPair
• KyberPayload
• KyberPreKeyId
  A unique identifier selecting among this client’s known signed pre-keys.
• KyberPreKeyRecord
• PlaintextContent
• PreKeyBundle
• PreKeyBundleContent
• PreKeyId
  A unique identifier selecting among this client’s known pre-keys.
• PreKeyRecord
• PreKeySignalMessage
• PrivateKey
• ProtocolAddress
  Represents a unique Signal client instance as (<user ID>, <device ID>) pair.
• PublicKey
• ScannableFingerprint
• SealedSenderDecryptionResult
• SealedSenderV2SentMessage
  A parsed representation of a Sealed Sender v2 SentMessage.
• SealedSenderV2SentMessageRecipient
  Represents a single recipient in an SSv2 SentMessage.
• SenderCertificate
• SenderKeyDistributionMessage
• SenderKeyMessage
• SenderKeyRecord
• ServerCertificate
• SessionRecord
• SignalMessage
• SignedPreKeyId
  A unique identifier selecting among this client’s known signed pre-keys.
• SignedPreKeyRecord
• Timestamp
  Timestamp recorded as milliseconds since the Unix epoch.
• UnidentifiedSenderMessageContent

Enums

• CiphertextMessage
• CiphertextMessageType
• ContentHint
• Direction
  Each Signal message can be considered to have exactly two participants, a sender and receiver.
• ServiceId
  A Signal service ID, which can be one of various types.
• ServiceIdKind
  Known types of ServiceId.

Traits

• GenericSignedPreKey
• IdentityKeyStore
  Interface defining the identity store, which may be in-memory, on-disk, etc.
• KyberPreKeyStore
  Interface for storing signed Kyber pre-keys downloaded from a server.
• PreKeyStore
  Interface for storing pre-keys downloaded from a server.
• ProtocolStore
  Mixes in all the store interfaces defined in this module.
• SenderKeyStore
  Interface for storing sender key records, allowing multiple keys per user.
• SessionStore
  Interface for a Signal client instance to store a session associated with another particular separate Signal client instance.
• SignedPreKeyStore
  Interface for storing signed pre-keys downloaded from a server.

Functions

• create_sender_key_distribution_message
• extract_decryption_error_message_from_serialized_content
  For testing
• group_decrypt
• group_encrypt
• initialize_alice_session_record
• initialize_bob_session_record
• message_decrypt
• message_decrypt_prekey
• message_decrypt_signal
• message_encrypt
• process_prekey
• process_prekey_bundle
• process_sender_key_distribution_message
• sealed_sender_decrypt
  Decrypt a Sealed Sender message ciphertext in either the v1 or v2 format, validate its sender certificate, and then decrypt the inner message payload.
• sealed_sender_decrypt_to_usmc
  Decrypt the payload of a sealed-sender message in either the v1 or v2 format.
• sealed_sender_encrypt
  Encrypt the plaintext message ptext, generate an UnidentifiedSenderMessageContent, then pass the result to sealed_sender_encrypt_from_usmc.
• sealed_sender_encrypt_from_usmc
  This method implements the single-key single-recipient KEM described in this Signal blog post, a.k.a. Sealed Sender v1.
• sealed_sender_multi_recipient_encrypt
  This method implements a single-key multi-recipient KEM as defined in Manuel Barbosa’s “Randomness Reuse: Extensions and Improvements”, a.k.a. Sealed Sender v2.

Type Aliases

• Aci
  A service ID representing an ACI (“ACcount Identifier”).
• Pni
  A service ID representing a PNI (“Phone Number Identifier”).
• ServiceIdFixedWidthBinaryBytes
  The fixed-width binary representation of a ServiceId.