Crate openpgp_dr

An implementation of Signal's Double-Ratchet protocol for use in OpenPGP.

This algorithm has been popularized by Signal. It uses a series of Cryptographic Ratchets to derive session keys. See the Double Ratchet Algorithm Spec for a full description.

This implementation is geared towards use in OpenPGP. It does not encrypt messages, it merely derives the session keys.

Examples

This example demonstrates how to generate a pre-key and initialize two Double Ratchets.

use openpgp_dr::cv25519::{PreKeyPair, RatchetHalfOpen, Ratchet};

// Generate a pre-key for Bob.
let bob_prekey_pair = PreKeyPair::new()?;

// The public half of that pair is communicated to Alice.
let bob_prekey = bob_prekey_pair.pre_key();

// Now, Alice can start initializing her Ratchets.
let mut alice = RatchetHalfOpen::new(bob_prekey)?;

// And she can immediately start encrypting messages.
let (header, mk) = alice.encrypt()?;

// Now, Bob can initialize his Ratchets, and in the process
// decrypt the first message.
let (mut bob, mk_) = Ratchet::new(bob_prekey_pair, header)?;
assert_eq!(mk, mk_);

// Bob replies.
let (header, mk) = bob.encrypt()?;

// And Alice decrypts, finalizing her initialization in the process.
let (alice, mk_) = alice.decrypt(header)?;
assert_eq!(mk, mk_);

// All ratchets are fully initialized at this point.

Modules

cv25519

Double Ratchet using Diffie-Hellman over Cv25519, HKDF with SHA256, and HMAC with SHA256.

Structs

Header	Communicates new Diffie-Hellman parameter and sequence numbers.
PreKey	The part of the pre-key pair to be communicated to the peer.
PreKeyPair	Diffie-Hellman parameters and shared secret.
Ratchet	A fully-initialized Double Ratchet.
RatchetHalfOpen	A half-initialized Double Ratchet.

Traits

DH	Abstraction for the Diffie-Hellman key exchange.
KdfCK	Abstraction for the key derivation function used in the symmetric-key ratchets.
KdfRK	Abstraction for the key derivation function used in the Diffie-Hellman ratchet.

Type Definitions

Key	Message key.