libsignal_protocol/
lib.rs

1//
2// Copyright 2020-2021 Signal Messenger, LLC.
3// SPDX-License-Identifier: AGPL-3.0-only
4//
5
6//! Rust implementation of the **[Signal Protocol]** for asynchronous
7//! forward-secret public-key cryptography.
8//!
9//! In particular, this library implements operations conforming to the following specifications:
10//! - the **[X3DH]** key agreement protocol,
11//! - the **[Double Ratchet]** *(Axolotl)* messaging protocol,
12//!
13//! [Signal Protocol]: https://signal.org/
14//! [X3DH]: https://signal.org/docs/specifications/x3dh/
15//! [Double Ratchet]: https://signal.org/docs/specifications/doubleratchet/
16
17#![warn(clippy::unwrap_used)]
18#![deny(unsafe_code)]
19
20// TODO(https://github.com/signalapp/libsignal/issues/285): it should be an aspiration to
21// eventually warn and then error for public members without docstrings. Also see
22// https://doc.rust-lang.org/rustdoc/what-to-include.html for background.
23// #![warn(missing_docs)]
24
25mod consts;
26mod crypto;
27pub mod error;
28mod fingerprint;
29mod group_cipher;
30mod identity_key;
31pub mod incremental_mac;
32pub mod kem;
33mod proto;
34mod protocol;
35mod ratchet;
36mod sealed_sender;
37mod sender_keys;
38mod session;
39mod session_cipher;
40mod state;
41mod storage;
42mod timestamp;
43
44use error::Result;
45pub use error::SignalProtocolError;
46pub use fingerprint::{
47    DisplayableFingerprint, Error as FingerprintError, Fingerprint, ScannableFingerprint,
48};
49pub use group_cipher::{
50    create_sender_key_distribution_message, group_decrypt, group_encrypt,
51    process_sender_key_distribution_message,
52};
53pub use identity_key::{IdentityKey, IdentityKeyPair};
54pub use libsignal_core::curve::{KeyPair, PrivateKey, PublicKey};
55pub use libsignal_core::{
56    Aci, DeviceId, Pni, ProtocolAddress, ServiceId, ServiceIdFixedWidthBinaryBytes, ServiceIdKind,
57};
58pub use protocol::{
59    CiphertextMessage, CiphertextMessageType, DecryptionErrorMessage, KyberPayload,
60    PlaintextContent, PreKeySignalMessage, SenderKeyDistributionMessage, SenderKeyMessage,
61    SignalMessage, extract_decryption_error_message_from_serialized_content,
62};
63pub use ratchet::{
64    AliceSignalProtocolParameters, BobSignalProtocolParameters, initialize_alice_session_record,
65    initialize_bob_session_record,
66};
67pub use sealed_sender::{
68    ContentHint, SealedSenderDecryptionResult, SealedSenderV2SentMessage,
69    SealedSenderV2SentMessageRecipient, SenderCertificate, ServerCertificate,
70    UnidentifiedSenderMessageContent, sealed_sender_decrypt, sealed_sender_decrypt_to_usmc,
71    sealed_sender_encrypt, sealed_sender_encrypt_from_usmc, sealed_sender_multi_recipient_encrypt,
72};
73pub use sender_keys::SenderKeyRecord;
74pub use session::{process_prekey, process_prekey_bundle};
75pub use session_cipher::{
76    message_decrypt, message_decrypt_prekey, message_decrypt_signal, message_encrypt,
77};
78pub use state::{
79    GenericSignedPreKey, KyberPreKeyId, KyberPreKeyRecord, PreKeyBundle, PreKeyBundleContent,
80    PreKeyId, PreKeyRecord, SessionRecord, SessionUsabilityRequirements, SignedPreKeyId,
81    SignedPreKeyRecord,
82};
83pub use storage::{
84    Direction, IdentityChange, IdentityKeyStore, InMemIdentityKeyStore, InMemKyberPreKeyStore,
85    InMemPreKeyStore, InMemSenderKeyStore, InMemSessionStore, InMemSignalProtocolStore,
86    InMemSignedPreKeyStore, KyberPreKeyStore, PreKeyStore, ProtocolStore, SenderKeyStore,
87    SessionStore, SignedPreKeyStore,
88};
89pub use timestamp::Timestamp;