Expand description
Key Agreement: ECDH, including X25519.
Example
Note that this example uses X25519, but ECDH using NIST P-256/P-384 is done
exactly the same way, just substituting
agreement::ECDH_P256/agreement::ECDH_P384 for agreement::X25519.
use ring::{agreement, rand};
let rng = rand::SystemRandom::new();
let my_private_key = agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?;
// Make `my_public_key` a byte slice containing my public key. In a real
// application, this would be sent to the peer in an encoded protocol
// message.
let my_public_key = my_private_key.compute_public_key()?;
let peer_public_key = {
// In a real application, the peer public key would be parsed out of a
// protocol message. Here we just generate one.
let peer_public_key = {
let peer_private_key =
agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?;
peer_private_key.compute_public_key()?
};
agreement::UnparsedPublicKey::new(&agreement::X25519, peer_public_key)
};
agreement::agree_ephemeral(
my_private_key,
&peer_public_key,
ring::error::Unspecified,
|_key_material| {
// In a real application, we'd apply a KDF to the key material and the
// public keys (as recommended in RFC 7748) and then derive session
// keys from the result. We omit all that here.
Ok(())
},
)?;
Structs
A key agreement algorithm.
An ephemeral private key for use (only) with
agree_ephemeral. The
signature of agree_ephemeral ensures that an EphemeralPrivateKey can be
used for at most one key agreement.A public key for key agreement.
An unparsed, possibly malformed, public key for key agreement.
Statics
ECDH using the NSA Suite B
P-256 (secp256r1)
curve.
ECDH using the NSA Suite B
P-384 (secp384r1)
curve.
Functions
Performs a key agreement with an ephemeral private key and the given public
key.