Add curve25519_keypair/0 and curve25519_shared/2.

c_src/enacl_nif.c

@@ -79,6 +79,34 @@ ERL_NIF_TERM enif_crypto_verify_32(ErlNifEnv *env, int argc, ERL_NIF_TERM const
 	}
 }
 
+/* Curve 25519 */
+static
+ERL_NIF_TERM enif_crypto_curve25519_scalarmult(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
+	ErlNifBinary secret, basepoint, output;
+	uint8_t bp[crypto_scalarmult_curve25519_BYTES];
+
+	if ((argc != 2) || (!enif_inspect_binary(env, argv[0], &secret))
+			|| (!enif_inspect_binary(env, argv[1], &basepoint))
+			|| (secret.size != crypto_scalarmult_curve25519_BYTES)
+			|| (basepoint.size != crypto_scalarmult_curve25519_BYTES)) {
+		return enif_make_badarg(env);
+	}
+
+	memcpy(bp, basepoint.data, crypto_scalarmult_curve25519_BYTES);
+
+	/* Clear the high-bit. Better safe than sorry. */
+	bp[31] &= 0x7f;
+
+	if (!enif_alloc_binary(crypto_scalarmult_curve25519_BYTES, &output)) {
+		return nacl_error_tuple(env, "alloc_failed");
+	}
+
+	if (crypto_scalarmult_curve25519(output.data, secret.data, bp) < 0) {
+		return nacl_error_tuple(env, "scalarmult_curve25519_failed");
+	}
+
+	return enif_make_binary(env, &output);
+}
 
 /* Public-key cryptography */
 static
@@ -806,7 +834,9 @@ static ErlNifFunc nif_funcs[] = {
 	{"crypto_hash", 1, enif_crypto_hash, ERL_NIF_DIRTY_JOB_CPU_BOUND},
 	{"crypto_verify_16", 2, enif_crypto_verify_16},
 	{"crypto_verify_32", 2, enif_crypto_verify_32},
-	
+
+	{"crypto_curve25519_scalarmult", 2, enif_crypto_curve25519_scalarmult},
+
 	{"randombytes_b", 1, enif_randombytes},
 	{"randombytes", 1, enif_randombytes, ERL_NIF_DIRTY_JOB_CPU_BOUND},
 	

src/enacl.erl

@@ -67,6 +67,12 @@
 	verify_32/2
 ]).
 
+%% Curve25519
+-export([
+	curve25519_keypair/0,
+	curve25519_shared/2
+]).
+
 %% Libsodium specific functions (which are also part of the "undocumented" interface to NaCl
 -export([
 	randombytes/1
@@ -168,6 +174,26 @@ verify_16(_, _) -> error(badarg).
 verify_32(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_32(X, Y);
 verify_32(_, _) -> error(badarg).
 
+%% Curve 25519 Crypto
+%% ------------------
+%% @doc curve25519_keypair/0 creates a new Public/Secret keypair.
+%%
+%% Generates and returns a new key pair for the Curve 25519 encryption scheme. The return value is a
+%% map in order to avoid using the public key as a secret key and vice versa.
+%% @end.
+-spec curve25519_keypair() -> #{ atom() => binary() }.
+curve25519_keypair() ->
+	<<B0:8/integer, B1:30/binary, B2:8/integer>> = randombytes(32),
+	SK = <<(B0 band 248), B1/binary, (64 bor (B2 band 127))>>,
+	PK = enacl_nif:crypto_curve25519_scalarmult(SK, <<9, 0:248>>),
+	#{ public => PK, secret => SK }.
+
+%% @doc curve25519_shared/2 creates a new shared secret from a given SecretKey and PublicKey.
+%% @end.
+-spec curve25519_shared(SecretKey :: binary(), PublicKey :: binary()) -> binary().
+curve25519_shared(SecretKey, PublicKey) ->
+	enacl_nif:crypto_curve25519_scalarmult(SecretKey, PublicKey).
+
 %% Public Key Crypto
 %% ---------------------
 %% @doc box_keypair/0 creates a new Public/Secret keypair.

src/enacl_nif.erl

@@ -71,6 +71,11 @@
 	crypto_onetimeauth_verify_b/3
 ]).
 
+%% Curve25519
+-export([
+	crypto_curve25519_scalarmult/2
+]).
+
 %% Miscellaneous helper functions
 -export([
 	crypto_hash/1,
@@ -161,6 +166,8 @@ crypto_onetimeauth_b(_Msg, _Key) -> erlang:nif_error(nif_not_loaded).
 crypto_onetimeauth_verify(_Authenticator, _Msg, _Key) -> erlang:nif_error(nif_not_loaded).
 crypto_onetimeauth_verify_b(_Authenticator, _Msg, _Key) -> erlang:nif_error(nif_not_loaded).
 
+crypto_curve25519_scalarmult(_Secret, _BasePoint) -> erlang:nif_error(nif_not_loaded).
+
 crypto_hash(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded).
 crypto_hash_b(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded).
 crypto_verify_16(_X, _Y) -> erlang:nif_error(nif_not_loaded).