Expand description
Rust implementation of the Signal Protocol for asynchronous forward-secret public-key cryptography.
In particular, this library implements operations conforming to the following specifications:
- the X3DH key agreement protocol,
- the Double Ratchet (Axolotl) messaging protocol,
Re-exports§
pub use error::SignalProtocolError;
Modules§
- error
- incremental_
mac - kem
- Keys and protocol functions for standard key encapsulation mechanisms (KEMs).
Structs§
- Alice
Signal Protocol Parameters - BobSignal
Protocol Parameters - Decryption
Error Message - Device
Id - The type used in memory to represent a device, i.e. a particular Signal client instance which represents some user.
- Displayable
Fingerprint - Fingerprint
- Identity
Key - A public key that represents the identity of a user.
- Identity
KeyPair - The private identity of a user.
- InMem
Identity KeyStore - Reference implementation of traits::IdentityKeyStore.
- InMem
Kyber PreKey Store - Reference implementation of traits::KyberPreKeyStore.
- InMem
PreKey Store - Reference implementation of traits::PreKeyStore.
- InMem
Sender KeyStore - Reference implementation of traits::SenderKeyStore.
- InMem
Session Store - Reference implementation of traits::SessionStore.
- InMem
Signal Protocol Store - Reference implementation of traits::ProtocolStore.
- InMem
Signed PreKey Store - Reference implementation of traits::SignedPreKeyStore.
- KeyPair
- Kyber
Payload - Kyber
PreKey Id - A unique identifier selecting among this client’s known signed pre-keys.
- Kyber
PreKey Record - Plaintext
Content - PreKey
Bundle - PreKey
Bundle Content - PreKey
Id - A unique identifier selecting among this client’s known pre-keys.
- PreKey
Record - PreKey
Signal Message - Private
Key - Protocol
Address - Represents a unique Signal client instance as
(<user ID>, <device ID>)pair. - Public
Key - Scannable
Fingerprint - Sealed
Sender Decryption Result - Sealed
Sender V2Sent Message - A parsed representation of a Sealed Sender v2 SentMessage.
- Sealed
Sender V2Sent Message Recipient - Represents a single recipient in an SSv2 SentMessage.
- Sender
Certificate - Sender
KeyDistribution Message - Sender
KeyMessage - Sender
KeyRecord - Server
Certificate - Session
Record - Signal
Message - Signed
PreKey Id - A unique identifier selecting among this client’s known signed pre-keys.
- Signed
PreKey Record - Timestamp
- Timestamp recorded as milliseconds since the Unix epoch.
- Unidentified
Sender Message Content
Enums§
- Ciphertext
Message - Ciphertext
Message Type - Content
Hint - Direction
- Each Signal message can be considered to have exactly two participants, a sender and receiver.
- Service
Id - A Signal service ID, which can be one of various types.
- Service
IdKind - Known types of ServiceId.
Traits§
- Generic
Signed PreKey - Identity
KeyStore - Interface defining the identity store, which may be in-memory, on-disk, etc.
- Kyber
PreKey Store - Interface for storing signed Kyber pre-keys downloaded from a server.
- PreKey
Store - Interface for storing pre-keys downloaded from a server.
- Protocol
Store - Mixes in all the store interfaces defined in this module.
- Sender
KeyStore - Interface for storing sender key records, allowing multiple keys per user.
- Session
Store - Interface for a Signal client instance to store a session associated with another particular separate Signal client instance.
- Signed
PreKey Store - Interface for storing signed pre-keys downloaded from a server.
Functions§
- create_
sender_ key_ distribution_ message - extract_
decryption_ error_ message_ from_ serialized_ content - For testing
- group_
decrypt - group_
encrypt - initialize_
alice_ session_ record - initialize_
bob_ session_ record - message_
decrypt - message_
decrypt_ prekey - message_
decrypt_ signal - message_
encrypt - process_
prekey - process_
prekey_ bundle - process_
sender_ key_ distribution_ message - sealed_
sender_ decrypt - Decrypt a Sealed Sender message
ciphertextin either the v1 or v2 format, validate its sender certificate, and then decrypt the inner message payload. - sealed_
sender_ decrypt_ to_ usmc - Decrypt the payload of a sealed-sender message in either the v1 or v2 format.
- sealed_
sender_ encrypt - Encrypt the plaintext message
ptext, generate anUnidentifiedSenderMessageContent, then pass the result tosealed_sender_encrypt_from_usmc. - sealed_
sender_ encrypt_ from_ usmc - This method implements the single-key single-recipient KEM described in this Signal blog post, a.k.a. Sealed Sender v1.
- sealed_
sender_ multi_ recipient_ encrypt - This method implements a single-key multi-recipient KEM as defined in Manuel Barbosa’s “Randomness Reuse: Extensions and Improvements”, a.k.a. Sealed Sender v2.
Type Aliases§
- Aci
- A service ID representing an ACI (“ACcount Identifier”).
- Pni
- A service ID representing a PNI (“Phone Number Identifier”).
- Service
IdFixed Width Binary Bytes - The fixed-width binary representation of a ServiceId.