https://github.com/sander/noise-kotlin

Noise protocols based on Diffie-Hellman key agreement
https://github.com/sander/noise-kotlin

cryptography noise-protocol-framework pure-functional

Last synced: 8 months ago
JSON representation

Noise protocols based on Diffie-Hellman key agreement

• Host: GitHub
• URL: https://github.com/sander/noise-kotlin
• Owner: sander
• License: mit
• Created: 2023-02-26T14:32:27.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2024-04-22T12:46:58.000Z (about 2 years ago)
• Last Synced: 2024-04-22T13:56:06.187Z (about 2 years ago)
• Topics: cryptography, noise-protocol-framework, pure-functional
• Language: Kotlin
• Homepage: https://sander.github.io/noise-kotlin/api/
• Size: 431 KB
• Stars: 7
• Watchers: 2
• Forks: 1
• Open Issues: 5
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md
  • Security: SECURITY.md

Awesome Lists containing this project

README

          
# Noise for Kotlin

[![Maven Central](https://maven-badges.herokuapp.com/maven-central/nl.sanderdijkhuis/noise-kotlin/badge.svg?style=flat-square&gav=true)](https://central.sonatype.com/artifact/nl.sanderdijkhuis/noise-kotlin/)

**Noise for Kotlin** enables implementation of [Noise](https://noiseprotocol.org) protocols based on Diffie-Hellman key agreement.

> **Warning**: This project has not been independently audited. Help is welcome to increase security or to make risks explicit. Also see the [Security policy](SECURITY.md).

## API documentation

See the [API docs](https://sander.github.io/noise-kotlin/api/) about the latest release or use the Gradle `dokkaHtml` task for a local copy about any version.

## How to build

Run the tests. On POSIX:

    ./gradlew test

On Windows:

    gradlew test

See [HandshakeTest](src/test/kotlin/HandshakeTest.kt) for some example handshakes.

Instead of `test`, use `jar` to create a JAR in `build/distributions`.

## How to use in an application

Add the [`noise-kotlin` dependency](https://central.sonatype.com/artifact/nl.sanderdijkhuis/noise-kotlin) to your project.

Then, implement [`Cryptography`](src/main/kotlin/cryptography/Cryptography.kt) for your platform and `initialize` a [`Handshake`](src/main/kotlin/Handshake.kt).

## Design decisions

- Provide pure functions only, never a callback, leaving effect handling to the user.

    - Consequence: users must provide any generated keys upfront. Not yet sure if this will work for all situations.

- Support only Curve25519, ChaCha20-Poly1305, and SHA-256 to reduce the need to choose and since these are available on most platforms.

    - Consequence: it should be easy to use with [Kotlin Multiplatform](https://kotlinlang.org/docs/multiplatform.html).

- Use only Kotlin types and functions, and nothing directly from Java SE or libraries.

    - Consequence: all cryptographic function dependency implementation is behind an interface, which users need to implement using native platform functions.

- Do not include particular masking, encryption, or zeroization functionality for sensitive data, to avoid disproportional complexity.

    - Consequence: run with sufficiently protected volatile memory and protect heap dump data from unauthorized access.

## Test vectors

[Test vectors](https://github.com/noiseprotocol/noise_wiki/wiki/Test-vectors) are used from:

- [snow.txt](src/test/resources/vectors/snow.txt) from [mcginty/snow](https://github.com/mcginty/snow/blob/375ba067b54f09ecaaa4211f9dd48fdc7f43fa50/tests/vectors/snow.txt)

## Related resources

- [License](LICENSE.md)

- [Security policy](SECURITY.md)