diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-10-19 20:08:57 -0500 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-10-19 20:08:57 -0500 |
| commit | 08801cd1bacf08aa4d4a833ff235574f4da15a20 (patch) | |
| tree | 58e4d2202ddf196044a1b3d6387cbb1f12370603 /docs/hazmat/primitives | |
| parent | 86ae0e59011e3f10e7c41c5957276a4b1ecb4ac7 (diff) | |
| parent | 7a40209a64c800be1b964a0eded2ab1f40accf50 (diff) | |
| download | cryptography-08801cd1bacf08aa4d4a833ff235574f4da15a20.tar.gz cryptography-08801cd1bacf08aa4d4a833ff235574f4da15a20.tar.bz2 cryptography-08801cd1bacf08aa4d4a833ff235574f4da15a20.zip | |
Merge pull request #2427 from alex/ecdh
ECDH take 4
Diffstat (limited to 'docs/hazmat/primitives')
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/ec.rst | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst index 7c67229c..e4df9b10 100644 --- a/docs/hazmat/primitives/asymmetric/ec.rst +++ b/docs/hazmat/primitives/asymmetric/ec.rst @@ -122,6 +122,32 @@ Elliptic Curve Signature Algorithms :returns: A new instance of a :class:`EllipticCurvePublicKey` provider. +Elliptic Curve Key Exchange algorithm +------------------------------------- + +.. class:: ECDH() + + .. versionadded:: 1.1 + + The Elliptic Curve Diffie-Hellman Key Exchange algorithm first standardized + in NIST publication `800-56A`_, and later in `800-56Ar2`_. + + For most applications the ``shared_key`` should be passed to a key + derivation function. + + .. doctest:: + + >>> from cryptography.hazmat.backends import default_backend + >>> from cryptography.hazmat.primitives.asymmetric import ec + >>> private_key = ec.generate_private_key( + ... ec.SECP384R1(), default_backend() + ... ) + >>> peer_public_key = ec.generate_private_key( + ... ec.SECP384R1(), default_backend() + ... ).public_key() + >>> shared_key = private_key.exchange(ec.ECDH(), peer_public_key) + + Elliptic Curves --------------- @@ -314,6 +340,22 @@ Key Interfaces :returns: :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext` + .. method:: exchange(algorithm, peer_public_key) + + Perform's a key exchange operation using the provided algorithm with + the peer's public key. + + For most applications the result should be passed to a key derivation + function. + + :param algorithm: The key exchange algorithm, currently only + :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDH` is + supported. + :param EllipticCurvePublicKey peer_public_key: The public key for the + peer. + + :returns bytes: A shared key. + .. method:: public_key() :return: :class:`EllipticCurvePublicKey` @@ -419,6 +461,8 @@ Key Interfaces .. _`FIPS 186-3`: http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf .. _`FIPS 186-4`: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf +.. _`800-56A`: http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf +.. _`800-56Ar2`: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf .. _`some concern`: https://crypto.stackexchange.com/questions/10263/should-we-trust-the-nist-recommended-ecc-parameters .. _`less than 224 bits`: http://www.ecrypt.eu.org/ecrypt2/documents/D.SPA.20.pdf .. _`elliptic curve diffie-hellman is faster than diffie-hellman`: http://digitalcommons.unl.edu/cgi/viewcontent.cgi?article=1100&context=cseconfwork |