Expose ed25519 curve operations

This allows to for example implement ECDH on the ed25519 curve.
jedisct1 · Feb 9, 2023 · 434fb21 · 434fb21
1 parent cf1a0c0
commit 434fb21
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 5 deletions.
diff --git a/src/common.rs b/src/common.rs
@@ -3,6 +3,7 @@ use core::ptr;
 use core::sync::atomic;
 
 use super::error::Error;
+use super::{sha512, KeyPair};
 
 /// A seed, which a key pair can be derived from.
 #[derive(Copy, Clone, Debug, Eq, PartialEq, Hash)]
@@ -33,6 +34,14 @@ impl Seed {
         Ok(Seed::new(seed_))
     }
 
+    /// Get the scalar value of the seed.
+    pub fn scalar(&self) -> [u8; 32] {
+        let hash_output = sha512::Hash::hash(&self[..]);
+        let (scalar, _) = KeyPair::split(&hash_output, false, true);
+
+        scalar
+    }
+
     /// Tentatively overwrite the content of the seed with zeros.
     pub fn wipe(self) {
         Mem::wipe(self.0)

diff --git a/src/ed25519.rs b/src/ed25519.rs
@@ -397,10 +397,7 @@ impl KeyPair {
         if seed.iter().fold(0, |acc, x| acc | x) == 0 {
             panic!("All-zero seed");
         }
-        let (scalar, _) = {
-            let hash_output = sha512::Hash::hash(&seed[..]);
-            KeyPair::split(&hash_output, false, true)
-        };
+        let scalar = seed.scalar();
         let pk = ge_scalarmult_base(&scalar).to_bytes();
         let mut sk = [0u8; 64];
         sk[0..32].copy_from_slice(&*seed);

diff --git a/src/lib.rs b/src/lib.rs
@@ -114,7 +114,7 @@ pub use crate::error::*;
 #[cfg(not(feature = "disable-signatures"))]
 mod ed25519;
 #[cfg(not(feature = "disable-signatures"))]
-mod edwards25519;
+pub mod edwards25519;
 
 #[cfg(not(feature = "disable-signatures"))]
 pub use crate::ed25519::*;