Struct FormationKey 

pub struct FormationKey { /* private fields */ }

Formation key for shared secret authentication

All nodes in a formation share this key. Used for challenge-response authentication during connection establishment.

Implementations

impl FormationKey

pub fn new(formation_id: &str, shared_secret: &[u8; 32]) -> Self

Create a new formation key from a shared secret

The key is derived using HKDF-SHA256 with the formation ID as context, ensuring different formations have different derived keys even with the same base secret.

pub fn from_base64( formation_id: &str, base64_secret: &str, ) -> Result<Self, SecurityError>

Create a formation key from a base64-encoded shared secret

Key Derivation

• If the decoded secret is exactly 32 bytes, it’s used directly
• Otherwise, SHA-256 is used to derive a 32-byte key from the input

pub fn generate_secret() -> String

Generate a random 32-byte shared secret (for initial setup)

Returns base64-encoded 32-byte random secret.

pub fn formation_id(&self) -> &str

Get the formation ID

pub fn create_challenge(&self) -> ([u8; 32], [u8; 32])

Create a challenge for the peer to respond to

Returns tuple of (nonce, expected_response).

pub fn respond_to_challenge(&self, nonce: &[u8]) -> [u8; 32]

Respond to a challenge from a peer

pub fn verify_response(&self, nonce: &[u8], response: &[u8; 32]) -> bool

Verify a peer’s response to our challenge

Trait Implementations

impl Clone for FormationKey

fn clone(&self) -> FormationKey

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for FormationKey

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.