diff --git a/xed25519.cpp b/xed25519.cpp
index 8ba19531..fcab71d0 100644
--- a/xed25519.cpp
+++ b/xed25519.cpp
@@ -20,6 +20,12 @@ x25519::x25519(const byte y[32], const byte x[32])
std::memcpy(m_sk, x, 32);
}
+x25519::x25519(const byte x[32])
+{
+ std::memcpy(m_sk, x, 32);
+ GeneratePublicKey(NullRNG(), m_sk, m_pk);
+}
+
x25519::x25519(const Integer &y, const Integer &x)
{
ArraySink ys(m_pk, 32);
@@ -29,6 +35,13 @@ x25519::x25519(const Integer &y, const Integer &x)
x.Encode(xs, 32);
}
+x25519::x25519(const Integer &x)
+{
+ ArraySink xs(m_sk, 32);
+ x.Encode(xs, 32);
+ GeneratePublicKey(NullRNG(), m_sk, m_pk);
+}
+
x25519::x25519(RandomNumberGenerator &rng)
{
GeneratePrivateKey(rng, m_sk);
diff --git a/xed25519.h b/xed25519.h
index 3d6442fa..18913489 100644
--- a/xed25519.h
+++ b/xed25519.h
@@ -2,31 +2,76 @@
// Crypto++ specific implementation wrapped around Adam
// Langley's curve25519-donna.
+// Typically the key agreement classes encapsulate their data more
+// than x25519 does below. We made them a little more accessible
+// due to crypto_box operations. Once the library cuts-in the
+// crypto_box operations the x25519 class will be more restricted.
+
#ifndef CRYPTOPP_XED25519_H
#define CRYPTOPP_XED25519_H
#include "cryptlib.h"
-#include "algparam.h"
NAMESPACE_BEGIN(CryptoPP)
class Integer;
/// \brief x25519 with key validation
+/// \since Crypto++ 8.0
class x25519 : public SimpleKeyAgreementDomain, public CryptoParameters
{
public:
+ /// \brief Create a x25519 object
+ /// \param y public key
+ /// \param x private key
+ /// \details This constructor creates a x25519 object using existing parameters.
+ /// \note The public key is not validated.
x25519(const byte y[32], const byte x[32]);
+
+ /// \brief Create a x25519 object
+ /// \param x private key
+ /// \details This constructor creates a x25519 object using existing parameters.
+ /// The public key is calculated from the private key.
+ x25519(const byte x[32]);
+
+ /// \brief Create a x25519 object
+ /// \param y public key
+ /// \param x private key
+ /// \details This constructor creates a x25519 object using existing parameters.
+ /// \note The public key is not validated.
x25519(const Integer &y, const Integer &x);
+
+ /// \brief Create a x25519 object
+ /// \param x private key
+ /// \details This constructor creates a x25519 object using existing parameters.
+ /// The public key is calculated from the private key.
+ x25519(const Integer &x);
+
+ /// \brief Create a x25519 object
+ /// \param rng RandomNumberGenerator derived class
+ /// \details This constructor creates a new x25519 using the random number generator.
x25519(RandomNumberGenerator &rng);
+
+ /// \brief Create a x25519 object
+ /// \param params public and private key
+ /// \param y private key
+ /// \details This constructor creates a x25519 object using existing parameters.
+ /// The params can be created with DEREncode.
+ /// \note The public key is not validated.
x25519(BufferedTransformation ¶ms);
+ /// \brief Decode a x25519 object
+ /// \param params serialized object
+ /// \details DEREncode() writes the public and private key as an ASN.1 structure.
+ /// The private key is written first as a BIT_STRING. The public key
+ /// is written second as an OCTET_STRING.
void DEREncode(BufferedTransformation ¶ms) const;
bool Validate(RandomNumberGenerator &rng, unsigned int level) const;
bool GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const;
void AssignFrom(const NameValuePairs &source);
CryptoParameters & AccessCryptoParameters() {return *this;}
+
unsigned int AgreedValueLength() const {return 32;}
unsigned int PrivateKeyLength() const {return 32;}
unsigned int PublicKeyLength() const {return 32;}