Archives
/
distant
mirror of https://github.com/chipsenkbeil/distant
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
feat/RusshSupport
master
unused/TracingSupport
refactor/UseArrayForRequestResponse
latest
v0.1.0
v0.10.0
v0.10.1
v0.11.0
v0.12.0
v0.13.0
v0.13.1
v0.14.0
v0.14.1
v0.14.2
v0.15.0
v0.15.0-alpha.1
v0.15.0-alpha.10
v0.15.0-alpha.11
v0.15.0-alpha.12
v0.15.0-alpha.13
v0.15.0-alpha.14
v0.15.0-alpha.15
v0.15.0-alpha.16
v0.15.0-alpha.17
v0.15.0-alpha.18
v0.15.0-alpha.19
v0.15.0-alpha.2
v0.15.0-alpha.20
v0.15.0-alpha.21
v0.15.0-alpha.22
v0.15.0-alpha.3
v0.15.0-alpha.4
v0.15.0-alpha.5
v0.15.0-alpha.6
v0.15.0-alpha.7
v0.15.0-alpha.8
v0.15.0-alpha.9
v0.15.0-snapshot
v0.15.1
v0.16.0
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.1
v0.17.2
v0.17.3
v0.17.4
v0.17.5
v0.17.6
v0.18.0
v0.19.0
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.20.0
v0.20.0-alpha.1
v0.20.0-alpha.10
v0.20.0-alpha.11
v0.20.0-alpha.12
v0.20.0-alpha.13
v0.20.0-alpha.2
v0.20.0-alpha.3
v0.20.0-alpha.4
v0.20.0-alpha.5
v0.20.0-alpha.6
v0.20.0-alpha.7
v0.20.0-alpha.8
v0.20.0-alpha.9
v0.3.0
v0.3.1
v0.3.2
v0.4.0
v0.5.0
v0.6.0
v0.7.0
v0.7.1
v0.8.0
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c88f96baba'
${ noResults }
distant/distant-core-net/src/common/transport/framed/exchange.rs

71 lines
2.0 KiB
Rust
Raw Blame History

use std::convert::TryFrom;
use std::io;
use p256::ecdh::EphemeralSecret;
use p256::PublicKey;
use rand::rngs::OsRng;
use sha2::Sha256;
use crate::common::SecretKey32;
mod pkb;
pub use pkb::PublicKeyBytes;
mod salt;
pub use salt::Salt;
/// Utility to support performing an exchange of public keys and salts in order to derive a shared
/// key between two separate entities
pub struct KeyExchange {
secret: EphemeralSecret,
salt: Salt,
}
impl Default for KeyExchange {
// Create a new handshake instance with a secret and salt
fn default() -> Self {
let secret = EphemeralSecret::random(&mut OsRng);
let salt = Salt::random();
Self { secret, salt }
}
}
impl KeyExchange {
// Return encoded bytes of public key
pub fn pk_bytes(&self) -> PublicKeyBytes {
PublicKeyBytes::from(self.secret.public_key())
}
// Return the salt contained by this handshake
pub fn salt(&self) -> &Salt {
&self.salt
}
/// Derives a shared secret using another key exchange's public key and salt
pub fn derive_shared_secret(
&self,
public_key: PublicKeyBytes,
salt: Salt,
) -> io::Result<SecretKey32> {
// Decode the public key of the other side
let decoded_public_key = PublicKey::try_from(public_key)?;
// Produce a salt that is consistent with what the other side will do
let shared_salt = self.salt ^ salt;
// Acquire the shared secret
let shared_secret = self.secret.diffie_hellman(&decoded_public_key);
// Extract entropy from the shared secret for use in producing a key
let hkdf = shared_secret.extract::<Sha256>(Some(shared_salt.as_ref()));
// Derive a shared key (32 bytes)
let mut shared_key = [0u8; 32];
match hkdf.expand(&[], &mut shared_key) {
Ok(_) => Ok(SecretKey32::from(shared_key)),
Err(x) => Err(io::Error::new(io::ErrorKind::InvalidData, x.to_string())),
}
}
}
Reference in New Issue View Git Blame Copy Permalink