[−][src]Module solana_libra_crypto::x25519

An implementation of x25519 elliptic curve key pairs required for Diffie-Hellman key exchange in the Libra project.

This is an API for Elliptic Curves for Security - RFC 7748 and it only deals with long-term key generation and handling.

Warning: This API will soon be updated in the [nextgen] module.

Examples

use crypto::x25519::{
    derive_keypair_from_seed, generate_keypair, generate_keypair_from_rng,
    generate_keypair_hybrid,
};
use rand::{rngs::StdRng, SeedableRng};

// Derive an X25519 from seed using the extract-then-expand HKDF method from RFC 5869.
let salt = &b"some salt"[..];
// In production, ensure seed has at least 256 bits of entropy.
let seed = [5u8; 32]; // seed is denoted as IKM in HKDF RFC 5869.
let info = &b"some app info"[..];

let (private_key1, public_key1) = derive_keypair_from_seed(Some(salt), &seed, Some(info));
let (private_key2, public_key2) = derive_keypair_from_seed(Some(salt), &seed, Some(info));
assert_eq!(public_key1, public_key2);

// Generate a random X25519 key pair.
let (private_key, public_key) = generate_keypair();

// Generate an X25519 key pair from an RNG (in this example a SeedableRng).
let seed = [1u8; 32];
let mut rng: StdRng = SeedableRng::from_seed(seed);
let (private_key, public_key) = generate_keypair_from_rng(&mut rng);

// Generate an X25519 key pair from an RNG and a user-provided seed.
let salt = &b"some salt"[..];
// In production, ensure seed has at least 256 bits of entropy.
let seed = [5u8; 32]; // seed is denoted as IKM in HKDF RFC 5869.
let info = &b"some app info"[..];
let (private_key1, public_key1) = generate_keypair_hybrid(Some(salt), &seed, Some(info));
let (private_key2, public_key2) = generate_keypair_hybrid(Some(salt), &seed, Some(info));
assert_ne!(public_key1, public_key2);

Structs

X25519PrivateKey	An x25519 private key.
X25519PublicKey	An x25519 public key.

Functions

derive_keypair_from_seed	Derives a keypair `(X25519PrivateKey, X25519PublicKey)` from a) salt (optional) - denoted as 'salt' in RFC 5869 b) seed - denoted as 'IKM' in RFC 5869 c) application info (optional) - denoted as 'info' in RFC 5869
generate_and_encode_keypair	Generates a random keypair `(X25519PrivateKey, X25519PublicKey)` and returns string representations tuple:
generate_keypair	Generates a random key-pair `(X25519PrivateKey, X25519PublicKey)`.
generate_keypair_for_testing	Generates a consistent keypair `(X25519PrivateKey, X25519PublicKey)` for unit tests.
generate_keypair_from_rng	Generates a keypair `(X25519PrivateKey, X25519PublicKey)` based on an RNG.
generate_keypair_hybrid	Generates a random keypair `(PrivateKey, PublicKey)` by combining the output of `EntropyRng` with a user-provided seed. This concatenated seed is used as the seed to HKDF (RFC 5869).