Available on crate features
alloc and secure-channel only.Expand description
Secure Channel — Annex D.
§Spec: Annex D
Three layers:
crypto— primitives: AES-128, key derivation, cryptograms.mac— CBC-MAC with the S-MAC1/S-MAC2 swap on the final block.session— type-state machine wrapping the above into a usable API.
Padding is described in pad. The full handshake is rendered in
handshake.
Re-exports§
pub use frame::Direction;pub use frame::seal;pub use frame::unseal;pub use session::Challenged;pub use session::Cryptogrammed;pub use session::Disconnected;pub use session::Secure;pub use session::Session;
Modules§
- cipher
- AES-128-CBC encryption / decryption of
SCS_17/SCS_18DATA payloads. - crypto
- AES-128 primitives, key derivation, cryptograms.
- frame
- Helpers for constructing and parsing fully-secured frames.
- handshake
- Annex D.4 secure-channel handshake.
- mac
- CBC-MAC with rolling ICV and the S-MAC1/S-MAC2 swap on the final block.
- pad
- 0x80-padding rules used by the secure channel.
- session
- Type-state secure-channel state machine.
Constants§
- SCBK_D
- Default install key (
SCBK-D): bytes0x30..=0x3F.