PqxdhSession

zoe_client::pqxdh::session

Struct PqxdhSession 

Source 
pub(super) struct PqxdhSession {
    pub(super) shared_secret: PqxdhSharedSecret,
    pub(super) sequence_number: u64,
    pub(super) my_session_channel_id: PqxdhSessionId,
    pub(super) their_session_channel_id: PqxdhSessionId,
    pub(super) their_key: VerifyingKey,
}
Expand description

A PQXDH session for secure communication

This struct represents an established PQXDH session between two parties. It contains the shared cryptographic material and state needed to encrypt and decrypt messages within the session.

§Key Features

  • Shared Secret: Cryptographic material derived from PQXDH key exchange
  • Sequence Numbers: Monotonic counter for replay protection
  • Session Channel IDs: A hash of the session channel id prefix and the target key, provides unlinkability
  • Serializable: Can be persisted and restored across application restarts

§Security Properties

  • Forward secrecy through ephemeral key material
  • Replay protection via sequence numbering
  • Unlinkability through randomized channel identifiers
  • Post-quantum resistance via CRYSTALS-Kyber

Fields§

§shared_secret: PqxdhSharedSecret§sequence_number: u64

Current sequence number for this session (stored as u64 for serialization)

§my_session_channel_id: PqxdhSessionId

The channel Id we are listening for, derived from the session channel id prefix

§their_session_channel_id: PqxdhSessionId

The session id channel they will be listening to, derived from the session channel id prefix

§their_key: VerifyingKey

The key of the sender of the messages

Implementations§

Source§

impl PqxdhSession

Source

pub fn publish_channel_tag(&self) -> Tag

Get the channel they are listening for

Source

pub fn listening_channel_tag(&self) -> Tag

Get the channel tag we want to be listening for

Source

pub fn next_sequence_number(&mut self) -> u64

Get the next sequence number and increment the internal counter

Source

pub fn gen_next_message<T: Serialize>( &mut self, client_keypair: &KeyPair, payload: &T, kind: Kind, ) -> Result<MessageFull>

Sends a message in an established PQXDH session

This method encrypts and sends a message over an already established PQXDH session. The message is encrypted using the session’s shared secret and includes sequence numbering for replay protection.

§Arguments
  • messages_service - The messages service for publishing the encrypted message
  • client_keypair - The sender’s keypair for message authentication
  • payload - The user data to encrypt and send
§Security Features
  • Messages are encrypted with the session’s shared secret
  • Sequence numbers prevent replay attacks
  • Messages are sent to the session’s private channel ID
  • Each message uses fresh randomness for encryption
Source

pub fn from_shared_secret( shared_secret: PqxdhSharedSecret, my_session_channel_id: PqxdhSessionId, their_session_channel_id: PqxdhSessionId, their_key: VerifyingKey, ) -> Self

Creates a PQXDH session from an established shared secret and channel ID (for responders)

This constructor is used by service providers to create a session after successfully processing an initial PQXDH message. It initializes the session with the derived shared secret and the channel ID extracted from the initial message.

§Arguments
  • shared_secret - The cryptographic material derived from PQXDH key exchange
  • my_session_channel_id - The channel ID we are listening for
  • their_session_channel_id - The channel ID they are listening for
  • sender_key - The public key of the sender of the initial message
§Returns

Returns a new PqxdhSession ready for encrypting and decrypting messages

§Usage

Typically called after extract_initial_payload() to create a session that can be used for ongoing communication with the client.

Trait Implementations§

Source§

impl Clone for PqxdhSession

Source§

fn clone(&self) -> PqxdhSession

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<'de> Deserialize<'de> for PqxdhSession

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Serialize for PqxdhSession

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> Classify for T

§

type Classified = T

§

fn classify(self) -> T

§

impl<T> Classify for T

§

type Classified = T

§

fn classify(self) -> T

Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
§

impl<T> CompatExt for T

§

fn compat(self) -> Compat<T>

Applies the [Compat] adapter by value. Read more
§

fn compat_ref(&self) -> Compat<&T>

Applies the [Compat] adapter by shared reference. Read more
§

fn compat_mut(&mut self) -> Compat<&mut T>

Applies the [Compat] adapter by mutable reference. Read more
§

impl<T> Declassify for T

§

type Declassified = T

§

fn declassify(self) -> T

§

impl<T> Declassify for T

§

type Declassified = T

§

fn declassify(self) -> T

Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FutureExt for T

§

fn with_context(self, otel_cx: Context) -> WithContext<Self>

Attaches the provided Context to this type, returning a WithContext wrapper. Read more
§

fn with_current_context(self) -> WithContext<Self>

Attaches the current Context to this type, returning a WithContext wrapper. Read more
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
§

impl<T> PolicyExt for T
where T: ?Sized,

§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] only if self and other return Action::Follow. Read more
§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns [Action::Follow] if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

impl<T> DartSafe for T

Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

§

impl<T> ErasedDestructor for T
where T: 'static,

§

impl<T> TaskRetFutTrait for T
where T: Send,