Skip to main content

Module key

devolutions_crypto

Module key 

Source
Expand description

Module for dealing with wrapped keys and key exchange.

§Generation/Derivation

Using generate_keypair will generate a random keypair.

Asymmetric keys have two uses. They can be used to encrypt and decrypt data and to perform a key exchange.

§generate_keypair
use devolutions_crypto::key::{generate_keypair, KeyVersion, KeyPair};

let keypair: KeyPair = generate_keypair(KeyVersion::Latest);

§Key Exchange

The goal of using a key exchange is to get a shared secret key between two parties without making it possible for users listening on the conversation to guess that shared key.

  1. Alice and Bob generates a KeyPair each.
  2. Alice and Bob exchanges their PublicKey.
  3. Alice mix her PrivateKey with Bob’s PublicKey. This gives her the shared key.
  4. Bob mixes his PrivateKey with Alice’s PublicKey. This gives him the shared key.
  5. Both Bob and Alice has the same shared key, which they can use for symmetric encryption for further communications.
use devolutions_crypto::key::{generate_keypair, mix_key_exchange, KeyVersion, KeyPair};

let bob_keypair: KeyPair = generate_keypair(KeyVersion::Latest);
let alice_keypair: KeyPair = generate_keypair(KeyVersion::Latest);

let bob_shared = mix_key_exchange(&bob_keypair.private_key, &alice_keypair.public_key).expect("key exchange should not fail");

let alice_shared = mix_key_exchange(&alice_keypair.private_key, &bob_keypair.public_key).expect("key exchange should not fail");

// They now have a shared secret!
assert_eq!(bob_shared, alice_shared);

Re-exports§

pub use super::KeyVersion;

Structs§

KeyPair
An asymmetric keypair.
PrivateKey
A private key. This key should never be sent over an insecure channel or stored unsecurely.
PublicKey
A public key. This key can be sent in clear on unsecured channels and stored publicly.
SecretKey
A secret key for symmetric encryption. Should never be sent over an insecure channel or stored unsecurely.

Functions§

generate_keypair
Generates a KeyPair to use in a key exchange or to encrypt data.
generate_secret_key
Generates a SecretKey for use with symmetric encryption.
mix_key_exchange
Mix a PrivateKey with another client PublicKey to get a secret shared between the two parties.