ring

Module agreement

Key Agreement: ECDH, including X25519.

§Example

Note that this example uses X25519, but ECDH using NIST P-256/P-384 is done exactly the same way, just substituting agreement::ECDH_P256/agreement::ECDH_P384 for agreement::X25519.

```rust
use ring::{agreement, rand};

let rng = rand::SystemRandom::new();

let my_private_key = agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?;

// Make `my_public_key` a byte slice containing my public key. In a real
// application, this would be sent to the peer in an encoded protocol
// message.
let my_public_key = my_private_key.compute_public_key()?;

let peer_public_key_bytes = {
    // In a real application, the peer public key would be parsed out of a
    // protocol message. Here we just generate one.
    let peer_private_key =
        agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?;
    peer_private_key.compute_public_key()?
};

let peer_public_key = agreement::UnparsedPublicKey::new(
    &agreement::X25519,
    peer_public_key_bytes);

agreement::agree_ephemeral(
    my_private_key,
    &peer_public_key,
    |_key_material| {
        // In a real application, we'd apply a KDF to the key material and the
        // public keys (as recommended in RFC 7748) and then derive session
        // keys from the result. We omit all that here.
    },
)?;
```

Structs§

  • Algorithm: A key agreement algorithm.
  • EphemeralPrivateKey: An ephemeral private key for use (only) with agree_ephemeral. The signature of agree_ephemeral ensures that an EphemeralPrivateKey can be used for at most one key agreement.
  • PublicKey: A public key for key agreement.
  • UnparsedPublicKey: An unparsed, possibly malformed, public key for key agreement.

Statics§

  • ECDH_P256: ECDH using the NSA Suite B P-256 (secp256r1) curve.
  • ECDH_P384: ECDH using the NSA Suite B P-384 (secp384r1) curve.
  • X25519: X25519 (ECDH using Curve25519) as described in RFC 7748.

Functions§

  • agree_ephemeral: Performs a key agreement with an ephemeral private key and the given public key.