aws_lc_rs::agreement

Function agree_ephemeral

Source
pub fn agree_ephemeral<B: AsRef<[u8]>, F, R, E>(
    my_private_key: EphemeralPrivateKey,
    peer_public_key: &UnparsedPublicKey<B>,
    error_value: E,
    kdf: F,
) -> Result<R, E>
where F: FnOnce(&[u8]) -> Result<R, E>,
Expand description

Performs a key agreement with an ephemeral private key and the given public key.

my_private_key is the ephemeral private key to use. Since it is moved, it will not be usable after calling agree_ephemeral, thus guaranteeing that the key is used for only one key agreement.

peer_public_key is the peer’s public key. agree_ephemeral will return Err(error_value) if it does not match my_private_key's algorithm/curve. agree_ephemeral verifies that it is encoded in the standard form for the algorithm and that the key is valid; see the algorithm’s documentation for details on how keys are to be encoded and what constitutes a valid key for that algorithm.

error_value is the value to return if an error occurs before kdf is called, e.g. when decoding of the peer’s public key fails or when the public key is otherwise invalid.

After the key agreement is done, agree_ephemeral calls kdf with the raw key material from the key agreement operation and then returns what kdf returns.

§Errors

error_value on internal failure.