package x3dh
import (
"crypto/rand"
"io"
"golang.org/x/crypto/curve25519"
)
// Curve25519 is a stateless handle for the X25519 key operations in this
// package. It has no fields, so every value of the type is interchangeable.
type Curve25519 struct{}
// NewCurve25519 returns a ready-to-use Curve25519 value. The type carries no
// state, so the zero value is the only value there is.
func NewCurve25519() Curve25519 {
	var c Curve25519
	return c
}
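// GenerateKey draws a fresh private key from reader and clamps it for use as
// an X25519 scalar. A nil reader selects crypto/rand.Reader.
//
// On a read failure it returns the zero PrivateKey together with the error
// from io.ReadFull, so a partially filled, unclamped buffer never reaches a
// caller that forgets to check err. The key is only as strong as reader:
// pass a cryptographically secure source, and keep deterministic readers for
// tests.
func (curve Curve25519) GenerateKey(reader io.Reader) (privateKey PrivateKey, err error) {
	if reader == nil {
		reader = rand.Reader
	}

	if _, err = io.ReadFull(reader, privateKey[:]); err != nil {
		// A short read leaves some bytes filled and the rest zero; discard
		// that instead of handing back low-entropy key material.
		return PrivateKey{}, err
	}

	// Scalar clamping, see https://cr.yp.to/ecdh.html
	privateKey[0] &= 248  // clear the three lowest bits
	privateKey[31] &= 127 // clear the highest bit
	privateKey[31] |= 64  // set the second-highest bit
	return privateKey, nil
}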
// PublicKey derives the public key that belongs to privateKey by multiplying
// the curve's base point with it (curve25519.ScalarBaseMult).
//
// privateKey is used exactly as given; this method applies no clamping of its
// own.
func (curve Curve25519) PublicKey(privateKey PrivateKey) (publicKey PublicKey) {
	// View both named array types as the plain fixed-size arrays the
	// curve25519 package expects; no bytes are copied by the conversions.
	scalar := (*[PrivateKeySize]byte)(&privateKey)
	out := (*[PublicKeySize]byte)(&publicKey)

	curve25519.ScalarBaseMult(out, scalar)
	return publicKey
}
// ComputeSecret performs the X25519 Diffie-Hellman step: it multiplies
// otherPublicKey by privateKey and returns the resulting shared secret as a
// freshly allocated slice.
//
// NOTE(review): curve25519.ScalarMult is deprecated in golang.org/x/crypto in
// favour of X25519, because for a low-order otherPublicKey it writes an
// all-zero result without reporting anything. This method has no error
// return, so a caller that needs to reject such peer keys must check the
// output itself (a constant-time comparison against all zeroes). The returned
// bytes are raw DH output and are meant to be fed into a KDF, not used
// directly as a key.
func (curve Curve25519) ComputeSecret(privateKey PrivateKey, otherPublicKey PublicKey) []byte {
	var sharedSecret [PrivateKeySize]byte

	scalar := (*[PrivateKeySize]byte)(&privateKey)
	point := (*[PublicKeySize]byte)(&otherPublicKey)
	curve25519.ScalarMult(&sharedSecret, scalar, point)

	return sharedSecret[:]
}