Expand description
Crate zerodds-security-keyexchange. Safety classification: SAFE (a thin wrapper around ring::agreement + ring::hkdf).
X25519 / P-256 ephemeral Diffie-Hellman for the DDS-Security 1.1 authentication handshake (spec §8.3.2).
§Layer position
Layer 4 — Core Services. Consumed by zerodds-security-pki.
§Purpose
The Authentication handshake (spec §8.3.2) needs a
SharedSecret at the end. The usual way is ephemeral DH: each side
generates a temporary key pair, exchanges the public keys,
and derives the shared secret from x25519(priv, remote_pub).
HKDF-SHA256 pulls a 32-byte key from it.
§API
use zerodds_security_keyexchange::KeyExchange;
// Both sides generate ephemerals.
let alice = KeyExchange::new().expect("alice");
let bob = KeyExchange::new().expect("bob");
// Exchange public keys (via the SPDP handshake token).
let a_pub = alice.public_key().to_vec();
let b_pub = bob.public_key().to_vec();
// Each side derives the same 32-byte SharedSecret.
let s1 = alice.derive_shared_secret(&b_pub).expect("alice derive");
let s2 = bob.derive_shared_secret(&a_pub).expect("bob derive");
assert_eq!(s1, s2);§Public API (as of 1.0.0-rc.1)
KeyExchange+KxSuite::X25519/KxSuite::EcdhP256— ephemeral-DH roundtrip with deterministic SharedSecret derivation.
§Non-goals
RSA-OAEP key transport (spec §8.3.2.11 as an optional alternative for
legacy vendors without ECDH/X25519) is explicitly not in RC1: all
relevant vendors (Cyclone DDS, FastDDS, RTI Connext) speak
ECDH or X25519, and ring 0.17 exposes no RSA encrypt API.
If a concrete legacy use case appears, the path via
the rsa crate is reintroduced as a major-2.0 additive extension.
Structs§
- KeyExchange
- Ephemeral DH key pair for a single handshake.
Enums§
- KxSuite
- DH suite selection.