--- cvsroot/Crypt-Ed25519/Ed25519.pm 2017/02/28 19:53:08 1.13
+++ cvsroot/Crypt-Ed25519/Ed25519.pm 2021/08/11 23:02:08 1.14
@@ -39,6 +39,26 @@
# verify, but croak on failure
Crypt::Ed25519:eddsa_verify_croak $message, $pubkey, $signature;
+ ############################################
+ # Key exchange
+
+ # side A:
+ ($pubkey_a, $privkey_a) = Crypt::Ed25519::generate_keypair;
+ # send $pubkey to side B
+
+ # side B:
+ ($pubkey_b, $privkey_b) = Crypt::Ed25519::generate_keypair;
+ # send $pubkey to side A
+
+ # side A then calculates their shared secret:
+ $shared_secret = Crypt::Ed25519::key_exchange $pubkey_b, $privkey_a;
+
+ # and side B does this:
+ $shared_secret = Crypt::Ed25519::key_exchange $pubkey_a, $privkey_b;
+
+ # the generated $shared_secret will be the same - you cna now
+ # hash it with hkdf or something else to generate symmetric private keys
+
=head1 DESCRIPTION
This module implements Ed25519 public key generation, message signing and
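Review bot: the comments in the new SYNOPSIS key-exchange block do not match the variable names they describe: side A generates `($pubkey_a, $privkey_a)` but the next line says "send $pubkey to side B", and side B likewise says "send $pubkey to side A"; change them to `$pubkey_a` and `$pubkey_b` so a reader copying the example does not send the wrong value. Also fix "you cna now" to "you can now", and since this is the snippet people will paste, it would help to show the hashing step the comment recommends (a KDF over `$shared_secret`) instead of leaving the raw 32-octet secret as the final line of the example.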
@@ -76,7 +96,7 @@
package Crypt::Ed25519;
BEGIN {
- $VERSION = 1.04;
+ $VERSION = 1.05;
require XSLoader;
XSLoader::load Crypt::Ed25519::, $VERSION;
@@ -188,13 +208,29 @@
key to a public/private key pair allows you to sign a small message, or
many messages, faster.
+=head1 Key Exchange
+
+As an extension to Ed25519, this module implements a key exchange similar
+(But not identical) to Curve25519. For this, both sides generate a keypair
+and send their public key to the other side. Then both sides can generate
+the same shared secret using this function:
+
+=over
+
+=item $shared_secret = Crypt::Ed25519::key_exchange $other_public_key, $own_private_key
+
+Return the 32 octet shared secret generated from the given public and
+private key. See SYNOPSIS for an actual example.
+
+=back
+
=head1 SUPPORT FOR THE PERL MULTICORE SPECIFICATION
This module supports the perl multicore specification
-(L) for key generation (usually the
-slowest operation), and all signing and verification functions.
+(L) for all operations, although it
+makes most sense to use it when signing or verifying longer messages.
-=head1 IMPLEMENTATIOIN
+=head1 IMPLEMENTATION
This module currently uses "Nightcracker's Ed25519" implementation, which
is unmodified except for some portability fixes and static delcarations,
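Review bot: the new "Key Exchange" section says the scheme is "similar (But not identical) to Curve25519" but never states what is actually computed, so a caller cannot tell whether the output interoperates with X25519 or what assumption its security rests on; document the construction (which scalar and which point are combined, and whether the returned 32 octets are the raw shared point or a hash of it), and repeat in the API text, not only in the SYNOPSIS comment, that the result must be run through a KDF before being used as a symmetric key. The section should also say whether it is safe to use the same keypair for both signing and key_exchange, or recommend generating a separate keypair for the exchange. Minor: "(But not identical)" should read "(but not identical)", and the unchanged context line "static delcarations" has a typo ("declarations") that could be fixed alongside the IMPLEMENTATIOIN heading correction in this hunk.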
@@ -204,7 +240,7 @@
=head1 AUTHOR
Marc Lehmann
- http://sfotware.schmorp.de/pkg/Crypt-Ed25519.html
+ http://software.schmorp.de/pkg/Crypt-Ed25519.html
=cut