Expand description
Key rotation functionality for Signal Protocol keys
Implements periodic rotation of signed pre-keys and Kyber pre-keys, plus consumption-based pre-key management following Signal Protocol security model.
Constants§
- GRACE_
PERIOD_ SECS - Grace period before deleting old keys (7 days in seconds)
- MIN_
PRE_ KEY_ COUNT - Minimum pre-key count before replenishment is triggered
- REPLENISH_
COUNT - Number of pre-keys to generate when replenishing
- ROTATION_
INTERVAL_ SECS - Key rotation interval (7 days in seconds)
Functions§
- cleanup_
expired_ kyber_ pre_ keys - Deletes Kyber pre-keys older than the grace period
- cleanup_
expired_ signed_ pre_ keys - Deletes signed pre-keys older than the grace period
- consume_
pre_ key - Consumes a pre-key and triggers replenishment if count falls below threshold
- kyber_
pre_ key_ needs_ rotation - Checks if the current Kyber pre-key needs rotation
- replenish_
pre_ keys - Generates and stores new batch of pre-keys
- rotate_
kyber_ pre_ key - Rotates the Kyber post-quantum pre-key by generating and storing a new one
- rotate_
signed_ pre_ key - Rotates the signed pre-key by generating and storing a new one
- signed_
pre_ key_ needs_ rotation - Checks if the current signed pre-key needs rotation