store a Double Rachet session. More...

#include <lime_double_ratchet.hpp>

Public Member Functions
	DR ()=delete
	DR (std::shared_ptr< lime::Db > localStorage, const DRChainKey &SK, const SharedADBuffer &AD, const X< Curve, lime::Xtype::publicKey > &peerPublicKey, const long int peerDid, const std::string &peerDeviceId, const DSA< Curve, lime::DSAtype::publicKey > &peerIk, long int selfDeviceId, const std::vector< uint8_t > &X3DH_initMessage, std::shared_ptr< RNG > RNG_context)
	Create a new DR session for sending message. Match pseudo code for RatchetInitAlice in DR spec section 3.3.
	DR (std::shared_ptr< lime::Db > localStorage, const DRChainKey &SK, const SharedADBuffer &AD, const Xpair< Curve > &selfKeyPair, long int peerDid, const std::string &peerDeviceId, const uint32_t OPk_id, const DSA< Curve, lime::DSAtype::publicKey > &peerIk, long int selfDeviceId, std::shared_ptr< RNG > RNG_context)
	Create a new DR session for message reception. Match pseudo code for RatchetInitBob in DR spec section 3.3.
	DR (std::shared_ptr< lime::Db > localStorage, long sessionId, std::shared_ptr< RNG > RNG_context)
	Create a new DR session to be loaded from db.
	DR (DR< Curve > &a)=delete
DR< Curve > &	operator= (DR< Curve > &a)=delete
	~DR ()
template<typename inputContainer>
void	ratchetEncrypt (const inputContainer &plaintext, std::vector< uint8_t > &&AD, std::vector< uint8_t > &ciphertext, const bool payloadDirectEncryption)
	Encrypt using the double-ratchet algorithm.
template<typename outputContainer>
bool	ratchetDecrypt (const std::vector< uint8_t > &cipherText, const std::vector< uint8_t > &AD, outputContainer &plaintext, const bool payloadDirectEncryption)
	Decrypt Double Ratchet message.
long int	dbSessionId (void) const
	return the session's local storage id
bool	isActive (void) const
	return the current status of session

Detailed Description

template<typename Curve>
class lime::DR< Curve >

store a Double Rachet session.

A session is associated to a local user and a peer device. It stores all the state variables described in Double Ratcher spec section 3.2 and provide encrypt/decrypt functions

Template Parameters

Curve The elliptic curve to use: C255 or C448

Constructor & Destructor Documentation

◆ DR() [1/5]

template<typename Curve>

lime::DR< Curve >::DR ( )

delete

◆ DR() [2/5]

template<typename Curve>

lime::DR< Curve >::DR	(	std::shared_ptr< lime::Db >	localStorage,
		const DRChainKey &	SK,
		const SharedADBuffer &	AD,
		const X< Curve, lime::Xtype::publicKey > &	peerPublicKey,
		const long int	peerDid,
		const std::string &	peerDeviceId,
		const DSA< Curve, lime::DSAtype::publicKey > &	peerIk,
		long int	selfDid,
		const std::vector< uint8_t > &	X3DH_initMessage,
		std::shared_ptr< RNG >	RNG_context )

Create a new DR session for sending message. Match pseudo code for RatchetInitAlice in DR spec section 3.3.

Parameters

[in]	localStorage	Local storage accessor to save DR session and perform mkskipped lookup
[in]	SK	a 32 bytes shared secret established prior the session init (likely done using X3DH)
[in]	AD	The associated data generated by X3DH protocol and permanently part of the DR session(see X3DH spec section 3.3 and lime doc section 5.4.3)
[in]	peerPublicKey	the public key of message recipient (also obtained through X3DH, shall be peer SPk)
[in]	peerDid	Id used in local storage for this peer Device this session shall be attached to
[in]	peerDeviceId	The peer Device Id this session is connected to. Ignored if peerDid is not 0
[in]	peerIk	The Identity Key of the peer device this session is connected to. Ignored if peerDid is not 0
[in]	selfDid	Id used in local storage for local user this session shall be attached to
[in]	X3DH_initMessage	at session creation as sender we shall also store the X3DHInit message to be able to include it in all message until we got a response from peer
[in]	RNG_context	A Random Number Generator context used for any rndom generation needed by this session

◆ DR() [3/5]

template<typename Curve>

lime::DR< Curve >::DR	(	std::shared_ptr< lime::Db >	localStorage,
		const DRChainKey &	SK,
		const SharedADBuffer &	AD,
		const Xpair< Curve > &	selfKeyPair,
		long int	peerDid,
		const std::string &	peerDeviceId,
		const uint32_t	OPk_id,
		const DSA< Curve, lime::DSAtype::publicKey > &	peerIk,
		long int	selfDid,
		std::shared_ptr< RNG >	RNG_context )

Create a new DR session for message reception. Match pseudo code for RatchetInitBob in DR spec section 3.3.

Parameters

[in]	localStorage	Local storage accessor to save DR session and perform mkskipped lookup
[in]	SK	a 32 bytes shared secret established prior the session init (likely done using X3DH)
[in]	AD	The associated data generated by X3DH protocol and permanently part of the DR session(see X3DH spec section 3.3 and lime doc section 5.4.3)
[in]	selfKeyPair	the key pair used by sender to establish this DR session (DR spec section 5.1: it shall be our SPk)
[in]	peerDid	Id used in local storage for this peer Device this session shall be attached to
[in]	peerDeviceId	The peer Device Id this session is connected to. Ignored if peerDid is not 0
[in]	OPk_id	Id of the self OPk used to create this session: we must remove it from local storage when saving the session in it. (ignored if 0)
[in]	peerIk	The Identity Key of the peer device this session is connected to. Ignored if peerDid is not 0
[in]	selfDid	Id used in local storage for local user this session shall be attached to
[in]	RNG_context	A Random Number Generator context used for any rndom generation needed by this session

◆ DR() [4/5]

template<typename Curve>

lime::DR< Curve >::DR	(	std::shared_ptr< lime::Db >	localStorage,
		long	sessionId,
		std::shared_ptr< RNG >	RNG_context )

Create a new DR session to be loaded from db.

m_dirty is already set to clean and DHR_valid to true as we won't save a session if no successfull sending or reception was performed if loading fails, caller should destroy the session

Parameters

[in]	localStorage	Local storage accessor to save DR session and perform mkskipped lookup
[in]	sessionId	row id in the database identifying the session to be loaded
[in]	RNG_context	A Random Number Generator context used for any rndom generation needed by this session

◆ DR() [5/5]

template<typename Curve>

lime::DR< Curve >::DR ( DR< Curve > & a )

delete

◆ ~DR()

template<typename Curve>

lime::DR< Curve >::~DR ( )

Member Function Documentation

◆ dbSessionId()

template<typename Curve>

long int lime::DR< Curve >::dbSessionId ( void ) const

inline

return the session's local storage id

◆ isActive()

template<typename Curve>

bool lime::DR< Curve >::isActive ( void ) const

inline

return the current status of session

◆ operator=()

template<typename Curve>

DR< Curve > & lime::DR< Curve >::operator= ( DR< Curve > & a )

delete

◆ ratchetDecrypt()

template<typename Curve>

template<typename outputContainer>

bool lime::DR< Curve >::ratchetDecrypt	(	const std::vector< uint8_t > &	ciphertext,
		const std::vector< uint8_t > &	AD,
		outputContainer &	plaintext,
		const bool	payloadDirectEncryption )

Decrypt Double Ratchet message.

Template Parameters

outputContainer

is used with

sBuffer: the ouput is a random seed used to decrypt the cipher message
std::vector<uint8_t>: the output is directly the plaintext message

Parameters

[in]	ciphertext	Input to be decrypted, is likely to be a 32 bytes vector holding the crypted version of a random seed
[in]	AD	Associated data authenticated along the encryption (initial session AD and DR message header are append to it)
[out]	plaintext	Decrypted output
[in]	payloadDirectEncryption	A flag to enforce checking on message type: when set we expect to get payload in the message(so message header matching flag must be set)

Returns: true on success

◆ ratchetEncrypt()

template<typename Curve>

template<typename inputContainer>

void lime::DR< Curve >::ratchetEncrypt	(	const inputContainer &	plaintext,
		std::vector< uint8_t > &&	AD,
		std::vector< uint8_t > &	ciphertext,
		const bool	payloadDirectEncryption )

Encrypt using the double-ratchet algorithm.

Template Parameters

inputContainer

is used with

sBuffer: the input is a random seed used to decrypt the cipher message
std::vector<uint8_t>: the input is directly the plaintext message

Parameters

[in]	plaintext	the input to be encrypted, may actually be a 32 bytes buffer holding the seed used to generate key+IV for a AES-GCM encryption to the actual message
[in]	AD	Associated Data, this buffer shall hold: source GRUU<...> \|\| recipient GRUU<...> \|\| [ actual message AEAD auth tag OR recipient User Id]
[out]	ciphertext	buffer holding the header, cipher text and auth tag, shall contain the key and IV used to cipher the actual message, auth tag applies on AD \|\| header
[in]	payloadDirectEncryption	A flag to set in message header: set when having payload in the DR message

The documentation for this class was generated from the following files:

/build/lime-9DdzML/lime-5.3.105+dfsg/src/lime_double_ratchet.hpp
/build/lime-9DdzML/lime-5.3.105+dfsg/src/lime_double_ratchet.cpp
/build/lime-9DdzML/lime-5.3.105+dfsg/src/lime_localStorage.cpp

Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ DR() [1/5]

◆ DR() [2/5]

◆ DR() [3/5]

◆ DR() [4/5]

◆ DR() [5/5]

◆ ~DR()

Member Function Documentation

◆ dbSessionId()

◆ isActive()

◆ operator=()

◆ ratchetDecrypt()

◆ ratchetEncrypt()