A Rust implementation of the Signal Protocol. Quite rough around the edges, and no security guarantees given. Just for curiosity.
The Signal Protocol is at the heart of all mainstream end-to-end encrypted messaging these days: in addition to Signal, both Whats App and Facebook Messenger use it (along with a lot of other messaging apps). It is composed of two main parts: the X3DH key exchange protocol, and the Double Ratchet algorithm.
Run cargo test --all. Among others, this runs the test in
crates/signal/src/lib.rs, which is a mockup of a complete end-to-end
conversation including both key exchange and several iterations of
the ratchet, however, it is entirely in-process.
Then try make server, followed by (in another tab) make. This
runs the multi-process example. The first command starts the server,
which provides key & message relay. The second command starts the
two client processes, which communicate with one another via the
server.
The two key crates are x3dh, which implements the key exchange
algorithm, and double-ratchet, which implements the session key
ratcheting algorithm.
x3dhThe main entity is the Participant, which manages generating and
storing the various keys in play. In addition, you can create a
local Keyserver to simulate the key relay functions in-process.
double-ratchetThe main entity is the Session, which can be created with a
SessionBuilder. Initialize it with the shared session key,
begin a connection, and then use the Session to encrypt and
decrypt messages.
x3dh and double-ratchet public APIs & docs.log crate for logging.client and server example implementations.Keyserver trait asyncable so we can use it with a
remote server?Relayserver trait for double-ratchet that
corresponds to the Keyservertrait for x3dh?aes and sha2.orion.