ddn.crypto.kex.x25519

ECDH / X25519 Implementation (RFC 7748).

Constant-Time Implementation: This module uses the Montgomery

ladder algorithm which provides constant-time execution pattern. The conditional swaps use a branch-based implementation; for maximum side-channel resistance, consider additional countermeasures.

class X25519

Types 1

classX25519 : KeyAgreement

X25519 Key Agreement (ECDH over Curve25519).

Fields

private ubyte[32] _secret

private bool _initialized

private BigInt P

private BigInt A24

Methods

void init(PrivateKey privateKey)

ubyte[] calculateSecret(PublicKey publicKey)

ubyte[] x25519(const(ubyte)[] k, const(ubyte)[] u)Calculates X25519(k, u).

private BigInt decodeLittleEndian(const(ubyte)[] b)

private ubyte[] encodeLittleEndian(BigInt n)

private BigInt montgomeryLadder(BigInt k, BigInt u)Montgomery ladder scalar multiplication.

private void cswap(uint doSwap, ref BigInt a, ref BigInt b)Conditional swap for Montgomery ladder.

private BigInt modInverse(BigInt a, BigInt n)