This PR adds end-to-end encryption of chat messages using a signal-like protocol, utilizing ephemeral X448 key exchanges per chat session, with hash-based key rotation for unique symmetric keys on every message. Symmetric encryption is handled by Fernet, which uses AES 128 CBC with HMACs for strong authenticated encryption of messages.
This PR fixes issue #64
This PR also introduces methods for producing and signing with Ed448 keys targeted for use in authenticating counselors without passwords sometime in the future.
Checklist
[x] If code changes were made then they have been tested.
[x] This PR fixes an issue.
[x] This PR adds something new (e.g. new method or parameters).
[x] This PR is a breaking change (e.g. methods or parameters removed/renamed)
[ ] This PR is not a code change (e.g. documentation, README, ...)
Summary
This PR adds end-to-end encryption of chat messages using a signal-like protocol, utilizing ephemeral X448 key exchanges per chat session, with hash-based key rotation for unique symmetric keys on every message. Symmetric encryption is handled by Fernet, which uses AES 128 CBC with HMACs for strong authenticated encryption of messages.
This PR fixes issue #64
This PR also introduces methods for producing and signing with Ed448 keys targeted for use in authenticating counselors without passwords sometime in the future.
Checklist