A pure abstract class defining the API to encrypt/decrypt/manage user and its keys. More...
Public Member Functions | |
| virtual void | encrypt (std::shared_ptr< const std::string > recipientUserId, std::shared_ptr< std::vector< RecipientData >> recipients, std::shared_ptr< const std::vector< uint8_t >> plainMessage, const lime::EncryptionPolicy encryptionPolicy, std::shared_ptr< std::vector< uint8_t >> cipherMessage, const limeCallback &callback)=0 |
| Encrypt a buffer(text or file) for a given list of recipient devices if specified localDeviceId is not found in local Storage, throw an exception. More... | |
| virtual lime::PeerDeviceStatus | decrypt (const std::string &recipientUserId, const std::string &senderDeviceId, const std::vector< uint8_t > &DRmessage, const std::vector< uint8_t > &cipherMessage, std::vector< uint8_t > &plainMessage)=0 |
| Decrypt the given message. More... | |
| virtual void | publish_user (const limeCallback &callback, const uint16_t OPkInitialBatchSize)=0 |
| Publish on X3DH server the user, it is performed just after creation in local storage this will, on success, trigger generation and sending of SPk and OPks for our new user. More... | |
| virtual void | delete_user (const limeCallback &callback)=0 |
| Delete user from local Storage and from X3DH server. More... | |
| virtual void | delete_peerDevice (const std::string &peerDeviceId)=0 |
| Purge cached sessions for a given peer Device (used when a peer device is being deleted) More... | |
| virtual void | update_SPk (const limeCallback &callback)=0 |
| Check if the current SPk needs to be updated, if yes, generate a new one and publish it on server. More... | |
| virtual void | update_OPk (const limeCallback &callback, uint16_t OPkServerLowLimit, uint16_t OPkBatchSize)=0 |
| check if we shall upload more OPks on X3DH server More... | |
| virtual void | get_Ik (std::vector< uint8_t > &Ik)=0 |
| Retrieve self public Identity key. More... | |
| virtual void | set_x3dhServerUrl (const std::string &x3dhServerUrl)=0 |
| Set the X3DH key server URL for this identified user. More... | |
| virtual std::string | get_x3dhServerUrl ()=0 |
| Get the X3DH key server URL for this identified user. More... | |
| virtual void | stale_sessions (const std::string &peerDeviceId)=0 |
| Stale all sessions between localDeviceId and peerDevice. If peerDevice keep using this session to encrypt and we decrypt with success, the session will be reactivated but to encrypt a message to this peerDevice, a new session will be created. If no session is active between the given device, this call has no effect. More... | |
| virtual | ~LimeGeneric () |
Detailed Description
A pure abstract class defining the API to encrypt/decrypt/manage user and its keys.
underlying implementation is templated to be able to use C25519 or C448, it is selected by the curveId parameter given to insert/load_limeUser function
Constructor & Destructor Documentation
◆ ~LimeGeneric()
|
inlinevirtual |
Member Function Documentation
◆ decrypt()
|
pure virtual |
Decrypt the given message.
- Parameters
-
[in] recipientUserId the Id of intended recipient, shall be a sip:uri of user or conference, is used as associated data to ensure no-one can mess with intended recipient it is not necessarily the sip:uri base of the GRUU as this could be a message from alice first device intended to bob being decrypted on alice second device [in] senderDeviceId the device Id (GRUU) of the message sender [in] DRmessage the Double Ratchet message targeted to current device [in] cipherMessage part of cipher routed to all recipient devices(it may be actually empty depending on sender encryption policy and message characteristics) [out] plainMessage the output buffer
- Returns
- true if the decryption is successfull, false otherwise
Implemented in lime::Lime< Curve >.
◆ delete_peerDevice()
|
pure virtual |
Purge cached sessions for a given peer Device (used when a peer device is being deleted)
- Parameters
-
[in] peerDeviceId The peer device to remove from cache
Implemented in lime::Lime< Curve >.
◆ delete_user()
|
pure virtual |
Delete user from local Storage and from X3DH server.
- Parameters
-
[in] callback call when completed
Implemented in lime::Lime< Curve >.
◆ encrypt()
|
pure virtual |
Encrypt a buffer(text or file) for a given list of recipient devices if specified localDeviceId is not found in local Storage, throw an exception.
Clarification on recipients:
recipients information needed are a list of the device Id and one userId. The device Id shall be their GRUU while the userId is a sip:uri.
recipient User Id is used to identify the actual intended recipient. Example: alice have two devices and is signed up on a conference having bob and claire as other members. The recipientUserId will be the conference sip:uri and device list will include:
- alice other device
- bob devices
- claire devices If Alice write to Bob only, the recipientUserId will be bob sip:uri and recipient devices list :
- alice other device
- bob devices
In all cases, the identified source of the message will be the localDeviceId
If the X3DH server can't provide keys for a peer device, its status is set to fail and its DRmessage is empty. Other devices get their encrypted message If no peer device could get encrypted for all of them are missing keys on the X3DH server, the callback will still be called with success exit status
- Note
- all parameters are shared pointers as the process being asynchronous, the ownership will be taken internally exempting caller to manage the buffers.
- Parameters
-
[in] recipientUserId the Id of intended recipient, shall be a sip:uri of user or conference, is used as associated data to ensure no-one can mess with intended recipient [in,out] recipients a list of RecipientData holding: - the recipient device Id(GRUU)
- an empty buffer to store the DRmessage which must then be routed to that recipient
- the peer Status. If peerStatus is set to fail, this entry is ignored otherwise the peerStatus is set by the encrypt, see PeerDeviceStatus definition for details
[in] plainMessage a buffer holding the message to encrypt, can be text or data. [in] encryptionPolicy select how to manage the encryption: direct use of Double Ratchet message or encrypt in the cipher message and use the DR message to share the cipher message key [out] cipherMessage points to the buffer to store the encrypted message which must be routed to all recipients(if one is produced, depends on encryption policy) [in] callback This operation contact the X3DH server and is thus asynchronous, when server responds, this callback will be called giving the exit status and an error message in case of failure. It is advised to capture a copy of cipherMessage and recipients shared_ptr in this callback so they can access the output of encryption as it won't be part of the callback parameters.
Implemented in lime::Lime< Curve >.
◆ get_Ik()
|
pure virtual |
Retrieve self public Identity key.
- Parameters
-
[out] Ik the public EdDSA formatted Identity key
Implemented in lime::Lime< Curve >.
◆ get_x3dhServerUrl()
|
pure virtual |
Get the X3DH key server URL for this identified user.
- Returns
- The complete url(including port) of the X3DH key server
Implemented in lime::Lime< Curve >.
◆ publish_user()
|
pure virtual |
Publish on X3DH server the user, it is performed just after creation in local storage this will, on success, trigger generation and sending of SPk and OPks for our new user.
- Parameters
-
[in] callback call when completed [in] OPkInitialBatchSize Number of OPks in the first batch uploaded to X3DH server
Implemented in lime::Lime< Curve >.
◆ set_x3dhServerUrl()
|
pure virtual |
Set the X3DH key server URL for this identified user.
- Parameters
-
[in] x3dhServerUrl The complete url(including port) of the X3DH key server
Implemented in lime::Lime< Curve >.
◆ stale_sessions()
|
pure virtual |
Stale all sessions between localDeviceId and peerDevice. If peerDevice keep using this session to encrypt and we decrypt with success, the session will be reactivated but to encrypt a message to this peerDevice, a new session will be created. If no session is active between the given device, this call has no effect.
- Parameters
-
[in] peerDeviceId The device Id of peer, shall be its GRUU
Implemented in lime::Lime< Curve >.
◆ update_OPk()
|
pure virtual |
check if we shall upload more OPks on X3DH server
- ask server four our keys (returns the count and all their Ids)
- check if it's under the low limit, if yes, generate a batch of keys and upload them
- Parameters
-
[in] callback Called with success or failure when operation is completed. [in] OPkServerLowLimit If server holds less OPk than this limit, generate and upload a batch of OPks [in] OPkBatchSize Number of OPks in a batch uploaded to server
Implemented in lime::Lime< Curve >.
◆ update_SPk()
|
pure virtual |
Check if the current SPk needs to be updated, if yes, generate a new one and publish it on server.
- Parameters
-
[in] callback Called with success or failure when operation is completed.
Implemented in lime::Lime< Curve >.
The documentation for this class was generated from the following file:
- /builds/BC/public/linphone-sdk/lime/src/lime_lime.hpp
