Monocypher

Boring crypto that simply works
CRYPTO_FROM_EDDSA_PRIVATE(3MONOCYPHER) 3MONOCYPHER CRYPTO_FROM_EDDSA_PRIVATE(3MONOCYPHER)

NAME

conversion of key pairs for EdDSA with BLAKE2b to X25519 key pairs #include <monocypher.h>
void
crypto_from_eddsa_private(uint8_t x25519[32], const uint8_t eddsa[32]);
void
crypto_from_eddsa_public(uint8_t x25519[32], const uint8_t eddsa[32]);

DESCRIPTION

These functions convert keys for use with crypto_sign() (EdDSA with the BLAKE2b hash function) to keys for use with crypto_key_exchange() and crypto_x25519(). This may be useful in some resource-constrained contexts or when no other key is available (for example, when retrieving SSH public keys from GitHub and reusing the SSH public keys as X25519 public keys).
The crypto_from_eddsa_private() function converts an EdDSA (with BLAKE2b) private key to an X25519 private key. The crypto_from_eddsa_public() function converts an EdDSA public key to an X25519 public key.
X25519 key pairs cannot be converted back to EdDSA key pairs. The conversion of private keys is specific to EdDSA with BLAKE2b because of the way EdDSA works. In particular, this means that the output of crypto_from_eddsa_private() differs from crypto_from_ed25519_private() in the optional code. However, the output of crypto_from_eddsa_public() is identical to crypto_from_ed25519_public().
The arguments are:
eddsa
The signing public key or private key to convert to a X25519 public key or private key, respectively.
x25519
The converted private key or public key.
The arguments may overlap or point at the same buffer.

RETURN VALUES

These functions return nothing. They cannot fail.

SEE ALSO

crypto_key_exchange_public_key(), crypto_sign_public_key(), intro()

HISTORY

The crypto_from_eddsa_private() and crypto_from_eddsa_public() functions first appeared in Monocypher 3.1.0.

SECURITY CONSIDERATIONS

It is generally considered poor form to reuse the same key for different purposes. While this conversion is technically safe, avoid these functions nonetheless unless you are particularly resource-constrained or have some other kind of hard requirement. It is otherwise an unnecessary risk factor.
March 25, 2020 Linux 4.15.0-118-generic