Module dryoc::kx


Key exchange functions

Session implements libsodium’s key exchange functions, which use a combination of Curve25519, Diffie-Hellman, and Blake2b to generate shared session keys between two parties who know each other’s public keys.

You should use Session when you want to:

  • derive shared secrets between two parties
  • use public-key cryptography, but do so with another cipher that only supports pre-shared secrets
  • create a session key or token that can’t be used to derive the original inputs should it become compromised

Rustaceous API example

use dryoc::kx::*;

// Generate random client/server keypairs
let client_keypair = KeyPair::gen();
let server_keypair = KeyPair::gen();

// Compute client session keys, into default stack-allocated byte array
let client_session_keys =
    Session::new_client_with_defaults(&client_keypair, &server_keypair.public_key)
        .expect("compute client failed");

// Compute server session keys, into default stack-allocated byte array
let server_session_keys =
    Session::new_server_with_defaults(&server_keypair, &client_keypair.public_key)
        .expect("compute server failed");

let (client_rx, client_tx) = client_session_keys.into_parts();
let (server_rx, server_tx) = server_session_keys.into_parts();

// Client Rx should match server Tx keys
assert_eq!(client_rx, server_tx);
// Client Tx should match server Rx keys
assert_eq!(client_tx, server_rx);

Additional resources

Modules

protected (nightly)
Protected memory type aliases for Session

Structs

Key derivation implementation based on Curve25519, Diffie-Hellman, and Blake2b. Compatible with libsodium’s crypto_kx_* functions.

Type Definitions

Stack-allocated keypair type alias
Stack-allocated public key type alias
Stack-allocated secret key type alias
Stack-allocated session key type alias
Stack-allocated type alias for Session. Provided for convenience.