HydroKX

This module contains functions for key exchange.

It has not been tested very well (contributions very welcome!), and as of now I’d recommend against using it. It was published for user testing purposes, but this should not be taken as an endorsement to use it.

keygen

defn

(Fn [] HydroKXKeyPair)

                    (keygen)
                

generates a key pair for use in key exchange procedures.

kk-1

defn

(Fn [(Ref HydroKXKeyPair a), HydroKXKeyPair] (Maybe (Pair HydroKXState (Array Byte))))

                    (kk-1 skp ckp)
                

is called by a client initiating a connection. It initializes the state, computes an ephemeral key pair, and creates the first packet to send to the server.

If all goes well, it returns a pair of (state, packet1).

kk-2

defn

(Fn [HydroKXKeyPair, (Ref HydroKXKeyPair a), (Array Byte)] (Maybe (Array (Array Byte))))

                    (kk-2 skp ckp p)
                

has to be called by the server after a client request has been received. It validates the request, computes an ephemeral key pair and creates the packet to send to the client.

If all goes well, it returns [packet2, tx, rx].

kk-3

defn

(Fn [HydroKXState, (Array Byte), HydroKXKeyPair] (Maybe (Pair (Array Byte) (Array Byte))))

                    (kk-3 st p2 kp)
                

has to be called by the client after having received the packet from the server. It validates the packet and computes the shared session key.

If all goes well, it returns a pair of (tx, rx).

n-1

defn

(Fn [(Ref HydroKXKeyPair a)] (Maybe (Array (Array Byte))))

                    (n-1 kp)
                

generates session keys and a packet with an ephemeral public key to send to the server.

If all goes well, it returns [packet1, tx, rx].

n-2

defn

(Fn [HydroKXKeyPair, (Ptr Byte)] (Maybe (Pair (Array Byte) (Array Byte))))

                    (n-2 kp p)
                

processes the initial request from the client, and computes the session keys.

If all goes well, it returns a pair of (tx, rx).
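
The n-1 / n-2 flow described above, as an added Python model that is not this module's code: it swaps in a toy Diffie-Hellman group and SHA-256/HMAC for the real primitives, and all names and the packet layout are hypothetical. It assumes one side's tx is the other side's rx, that n_1 needs only the server's public key, and that a packet which fails validation yields no keys (the Nothing case).

```python
import hashlib, hmac, secrets

# Toy group for illustration only (assumption): NOT secure parameters.
P = 2**521 - 1  # a Mersenne prime
G = 3

def keygen():
    """Return (secret, public), standing in for a HydroKXKeyPair."""
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def _derive(shared, eph_pk, static_pk):
    """Bind the DH output to both public keys; derive c2s, s2c and MAC keys."""
    material = b"|".join(str(v).encode() for v in (shared, eph_pk, static_pk))
    return tuple(hashlib.sha256(label + material).digest()
                 for label in (b"c2s", b"s2c", b"mac"))

def _tag(mac_key, eph_pk):
    return hmac.new(mac_key, str(eph_pk).encode(), hashlib.sha256).digest()

def n_1(server_pk):
    """Client: fresh ephemeral key, returns (packet1, tx, rx)."""
    eph_sk, eph_pk = keygen()
    c2s, s2c, mac_key = _derive(pow(server_pk, eph_sk, P), eph_pk, server_pk)
    return (eph_pk, _tag(mac_key, eph_pk)), c2s, s2c

def n_2(server_kp, packet1):
    """Server: returns (tx, rx), or None if packet1 does not validate."""
    sk, pk = server_kp
    eph_pk, tag = packet1
    if not 1 < eph_pk < P - 1:          # reject degenerate public values
        return None
    c2s, s2c, mac_key = _derive(pow(eph_pk, sk, P), eph_pk, pk)
    if not hmac.compare_digest(tag, _tag(mac_key, eph_pk)):
        return None                     # wrong server key or tampered packet
    return s2c, c2s                     # server tx = client rx, and vice versa

def demo():
    """Constructed run: honest exchange, tampered tag, wrong recipient."""
    server_kp = keygen()
    packet1, c_tx, c_rx = n_1(server_kp[1])
    honest = n_2(server_kp, packet1)
    tampered = n_2(server_kp, (packet1[0], bytes(32)))
    wrong_server = n_2(keygen(), packet1)
    return c_tx, c_rx, honest, tampered, wrong_server
```

Callers of the real functions should treat the failure result the same way the model treats None: discard the packet and derive no keys.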

xx-1

defn

(Fn [] (Maybe (Pair HydroKXState (Array Byte))))

                    (xx-1)
                

is called by a client initiating a connection. It initializes the state, computes an ephemeral key pair, and creates the first packet to send to the server.

If all goes well, it returns a pair of (state, packet1).

xx-2

defn

(Fn [HydroKXKeyPair, (Array Byte)] (Maybe (Pair HydroKXState (Array Byte))))

                    (xx-2 skp p)
                

has to be called by the server after a client request has been received. It validates the request, and creates the packet to send to the client.

If all goes well, it returns (state, packet2).

xx-3

defn

(Fn [HydroKXState, (Array Byte), HydroKXKeyPair] (Maybe (Array (Array Byte))))

                    (xx-3 st p2 kp)
                

has to be called by the client after having received the packet from the server. It validates the packet, creates another packet for the server, and computes the shared session key.

If all goes well, it returns [packet3, tx, rx].

xx-4

defn

(Fn [HydroKXState, (Array Byte)] (Maybe (Pair (Array Byte) (Array Byte))))

                    (xx-4 st p3)
                

has to be called by the server after having received the final packet from the client. It validates the packet, and computes the shared session key.

If all goes well, it returns a pair of (tx, rx).