[crypto] Provide X25519 as a generic key exchange algorithm

Provide X25519 as a generic key exchange algorithm (independent of the
elliptic curve abstraction).

The existing RFC7748 test vectors are not structured in a way amenable
to treatment as a generic key exchange algorithm.  Retain these test
vectors unaltered for completeness, add the single "Alice/Bob" key
exchange example presented in RFC7748, and add a selection of test
vectors from Project Wycheproof (including some known edge cases).

Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown
2026-06-05 15:07:33 +01:00
parent 5179c22cde
commit 4dc99fc040
4 changed files with 165 additions and 1 deletions
@@ -882,3 +882,46 @@ struct elliptic_curve x25519_curve = {
.multiply = x25519_curve_multiply,
.add = x25519_curve_add,
};
/**
* Calculate public key
*
* @v private Private key
* @v public Public key to fill in
*/
static void x25519_public ( const void *private, void *public ) {
/* Calculate public key */
x25519_key ( &x25519_generator, private, public );
}
/**
* Calculate shared secret
*
* @v private Private key
* @v partner Partner public key
* @v shared Shared secret to fill in
* @ret rc Return status code
*/
static int x25519_shared ( const void *private, const void *partner,
void *shared ) {
/* Calculate shared secret */
x25519_key ( partner, private, shared );
/* Check for point at infinity (all zeros as per RFC8422) */
if ( x25519_is_zero ( shared ) )
return -EPERM;
return 0;
}
/** X25519 key exchange algorithm */
struct exchange_algorithm x25519_algorithm = {
.name = "x25519",
.privsize = sizeof ( struct x25519_value ),
.pubsize = sizeof ( struct x25519_value ),
.sharedsize = sizeof ( struct x25519_value ),
.public = x25519_public,
.shared = x25519_shared,
};
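Review bot: In x25519_shared(), the all-zeros check is the only failure path, but the doc comment's "@ret rc Return status code" does not say what a failure means or what state the output is in. Suggest documenting that -EPERM indicates the partner public key produced the all-zero output (the RFC8422 case named in the inline comment), that the shared buffer still holds that all-zero value when the error is returned, and that callers must abort the exchange rather than use it. Separately, both x25519_public() and x25519_shared() take untyped void pointers and pass them straight to x25519_key() with no length argument, so the buffer sizes are enforced only by the caller honouring .privsize, .pubsize and .sharedsize. A line in each doc comment stating that the buffers must be exactly sizeof ( struct x25519_value ) would make that contract explicit. If x25519_key() returns a status of its own (not visible in this hunk), it is discarded in both functions and should either be propagated or explicitly noted as ignorable.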