From 7abd7f1f801fb378103cbbd5135975b3bb712cb6 Mon Sep 17 00:00:00 2001 From: Jazz Turner-Baggs <473256+jazzz@users.noreply.github.com> Date: Thu, 12 Feb 2026 15:07:40 -0800 Subject: [PATCH] Rename SecretKey to SymmetricKey32 --- conversations/src/conversation/privatev1.rs | 12 ++++++------ conversations/src/inbox/handler.rs | 4 ++-- conversations/src/inbox/handshake.rs | 8 ++++---- crypto/src/lib.rs | 2 +- crypto/src/x3dh.rs | 10 +++++----- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/conversations/src/conversation/privatev1.rs b/conversations/src/conversation/privatev1.rs index 1182ed9..b67661f 100644 --- a/conversations/src/conversation/privatev1.rs +++ b/conversations/src/conversation/privatev1.rs @@ -6,7 +6,7 @@ use chat_proto::logoschat::{ convos::private_v1::{PrivateV1Frame, private_v1_frame::FrameType}, encryption::{Doubleratchet, EncryptedPayload, encrypted_payload::Encryption}, }; -use crypto::SecretKey; +use crypto::SymmetricKey32; use double_ratchets::{Header, InstallationKeyPair, RatchetState}; use prost::{Message, bytes::Bytes}; use std::fmt::Debug; @@ -38,7 +38,7 @@ impl Role { struct BaseConvoId([u8; 18]); impl BaseConvoId { - fn new(key: &SecretKey) -> Self { + fn new(key: &SymmetricKey32) -> Self { let base = Blake2bMac::::new_with_salt_and_personal(key.as_bytes(), b"", b"L-PV1-CID") .expect("fixed inputs should never fail"); Self(base.finalize_fixed().into()) @@ -60,12 +60,12 @@ pub struct PrivateV1Convo { } impl PrivateV1Convo { - pub fn new_initiator(seed_key: SecretKey, remote: PublicKey) -> Self { + pub fn new_initiator(seed_key: SymmetricKey32, remote: PublicKey) -> Self { let base_convo_id = BaseConvoId::new(&seed_key); let local_convo_id = base_convo_id.id_for_participant(Role::Initiator); let remote_convo_id = base_convo_id.id_for_participant(Role::Responder); - // TODO: Danger - Fix double-ratchets types to Accept SecretKey + // TODO: Danger - Fix double-ratchets types to Accept SymmetricKey32 // perhaps update the DH to work with cryptocrate. // init_sender doesn't take ownership of the key so a reference can be used. let shared_secret: [u8; 32] = seed_key.as_bytes().to_vec().try_into().unwrap(); @@ -79,14 +79,14 @@ impl PrivateV1Convo { } pub fn new_responder( - seed_key: SecretKey, + seed_key: SymmetricKey32, dh_self: InstallationKeyPair, // TODO: (P3) Rename; This accepts a Ephemeral key in most cases ) -> Self { let base_convo_id = BaseConvoId::new(&seed_key); let local_convo_id = base_convo_id.id_for_participant(Role::Responder); let remote_convo_id = base_convo_id.id_for_participant(Role::Initiator); - // TODO: Danger - Fix double-ratchets types to Accept SecretKey + // TODO: Danger - Fix double-ratchets types to Accept SymmetricKey32 let dr_state = RatchetState::init_receiver(seed_key.DANGER_to_bytes(), dh_self); Self { diff --git a/conversations/src/inbox/handler.rs b/conversations/src/inbox/handler.rs index a2fc472..c438c23 100644 --- a/conversations/src/inbox/handler.rs +++ b/conversations/src/inbox/handler.rs @@ -6,7 +6,7 @@ use rand_core::OsRng; use std::collections::HashMap; use std::rc::Rc; -use crypto::{PrekeyBundle, SecretKey}; +use crypto::{PrekeyBundle, SymmetricKey32}; use crate::context::Introduction; use crate::conversation::{ChatError, ConversationId, Convo, Id, PrivateV1Convo}; @@ -172,7 +172,7 @@ impl Inbox { ephemeral_key: &StaticSecret, header: proto::InboxHeaderV1, bytes: Bytes, - ) -> Result<(SecretKey, proto::InboxV1Frame), ChatError> { + ) -> Result<(SymmetricKey32, proto::InboxV1Frame), ChatError> { // Get PublicKeys from protobuf let initator_static = PublicKey::from( <[u8; 32]>::try_from(header.initiator_static.as_ref()) diff --git a/conversations/src/inbox/handshake.rs b/conversations/src/inbox/handshake.rs index eda7d00..5d8d0f3 100644 --- a/conversations/src/inbox/handshake.rs +++ b/conversations/src/inbox/handshake.rs @@ -2,7 +2,7 @@ use blake2::{ Blake2bMac, digest::{FixedOutput, consts::U32}, }; -use crypto::{DomainSeparator, PrekeyBundle, SecretKey, X3Handshake}; +use crypto::{DomainSeparator, PrekeyBundle, SymmetricKey32, X3Handshake}; use rand_core::{CryptoRng, RngCore}; use crate::crypto::{PublicKey, StaticSecret}; @@ -24,7 +24,7 @@ impl InboxHandshake { identity_keypair: &StaticSecret, recipient_bundle: &PrekeyBundle, rng: &mut R, - ) -> (SecretKey, PublicKey) { + ) -> (SymmetricKey32, PublicKey) { // Perform X3DH handshake to get shared secret let (shared_secret, ephemeral_public) = InboxKeyExchange::initator(identity_keypair, recipient_bundle, rng); @@ -47,7 +47,7 @@ impl InboxHandshake { onetime_prekey: Option<&StaticSecret>, initiator_identity: &PublicKey, initiator_ephemeral: &PublicKey, - ) -> SecretKey { + ) -> SymmetricKey32 { // Perform X3DH to get shared secret let shared_secret = InboxKeyExchange::responder( identity_keypair, @@ -61,7 +61,7 @@ impl InboxHandshake { } /// Derive keys from X3DH shared secret - fn derive_keys_from_shared_secret(shared_secret: SecretKey) -> SecretKey { + fn derive_keys_from_shared_secret(shared_secret: SymmetricKey32) -> SymmetricKey32 { let seed_key: [u8; 32] = Blake2bMac256::new_with_salt_and_personal( shared_secret.as_slice(), &[], // No salt - input already has high entropy diff --git a/crypto/src/lib.rs b/crypto/src/lib.rs index 3b8776b..d44231f 100644 --- a/crypto/src/lib.rs +++ b/crypto/src/lib.rs @@ -2,6 +2,6 @@ mod keys; mod x3dh; mod xeddsa_sign; -pub use keys::{GenericArray, SecretKey}; +pub use keys::{GenericArray, SymmetricKey32}; pub use x3dh::{DomainSeparator, PrekeyBundle, X3Handshake}; pub use xeddsa_sign::{Ed25519Signature, SignatureError, xeddsa_sign, xeddsa_verify}; diff --git a/crypto/src/x3dh.rs b/crypto/src/x3dh.rs index b71c498..d942fbd 100644 --- a/crypto/src/x3dh.rs +++ b/crypto/src/x3dh.rs @@ -5,7 +5,7 @@ use rand_core::{CryptoRng, RngCore}; use sha2::Sha256; use x25519_dalek::{PublicKey, SharedSecret, StaticSecret}; -use crate::keys::SecretKey; +use crate::keys::SymmetricKey32; use crate::xeddsa_sign::Ed25519Signature; /// A prekey bundle containing the public keys needed to initiate an X3DH key exchange. @@ -36,7 +36,7 @@ impl X3Handshake { dh2: &SharedSecret, dh3: &SharedSecret, dh4: Option<&SharedSecret>, - ) -> SecretKey { + ) -> SymmetricKey32 { // Concatenate all DH outputs let mut km = Vec::new(); km.extend_from_slice(dh1.as_bytes()); @@ -53,7 +53,7 @@ impl X3Handshake { hk.expand(Self::domain_separator(), &mut output) .expect("32 bytes is valid HKDF output length"); - // Move into SecretKey so it gets zeroized on drop. + // Move into SymmetricKey32 so it gets zeroized on drop. output.into() } @@ -70,7 +70,7 @@ impl X3Handshake { identity_keypair: &StaticSecret, recipient_bundle: &PrekeyBundle, rng: &mut R, - ) -> (SecretKey, PublicKey) { + ) -> (SymmetricKey32, PublicKey) { // Generate ephemeral key for this handshake (using StaticSecret for multiple DH operations) let ephemeral_secret = StaticSecret::random_from_rng(rng); let ephemeral_public = PublicKey::from(&ephemeral_secret); @@ -107,7 +107,7 @@ impl X3Handshake { onetime_prekey: Option<&StaticSecret>, initiator_identity: &PublicKey, initiator_ephemeral: &PublicKey, - ) -> SecretKey { + ) -> SymmetricKey32 { let dh1 = signed_prekey.diffie_hellman(initiator_identity); let dh2 = identity_keypair.diffie_hellman(initiator_ephemeral); let dh3 = signed_prekey.diffie_hellman(initiator_ephemeral);