Expand description
Client API traits for the SecureDrop protocol.
This module defines the shared API surface for both source and journalist
clients. The Api trait provides common operations such as key fetching,
signature verification, and message submission. The JournalistApi trait
extends Api with journalist-specific operations like enrollment and
ephemeral key management.
§Trust model
Key verification follows a chain of trust:
- The FPF signing key is a trust anchor (pre-distributed out of band).
- The newsroom’s verifying key is signed by FPF. (This is not yet verified by
handle_journalist_key_response().) - Each journalist’s signing key is signed by the newsroom.
- Each journalist’s key bundles are self-signed.
Traits§
- Api
- Common client operations shared by sources and journalists.
- Journalist
Api - Journalist-specific API operations.