Version: 0.2.25

X25519

Curve25519 key agreement (RFC 7748). Header: pkc/x25519/noxtls_x25519.h.

Algorithm overview

X25519 is an elliptic-curve Diffie-Hellman (ECDH) scheme over Curve25519. Two peers exchange public keys and independently compute the same shared secret, which is then fed into a KDF to derive symmetric session keys.

Pros and cons

Pros

Fast and widely deployed (especially in TLS 1.3).
Good security/performance balance at ~128-bit strength.
Simple key format and robust design choices reduce implementation pitfalls.

Cons

Provides key agreement only (not signatures or identity by itself).
Lower security margin than X448/Ed448 families.
Requires additional protocol steps (KDF + authentication) for complete secure channels.

When to use

Default ECDHE choice for modern protocols and constrained/server workloads.
Preferred when compatibility and performance matter most.
Pair with certificate/PSK authentication and a strong KDF for production use.

Constants

NOXTLS_X25519_KEY_SIZE = 32

API

`noxtls_x25519_clamp_scalar`

void noxtls_x25519_clamp_scalar(uint8_t k[32]);

Clamp X25519 private scalar in place.

`noxtls_x25519_public_key`

noxtls_return_t noxtls_x25519_public_key(const uint8_t private_key[32], uint8_t public_key[32]);

Derive public key from private key.

`noxtls_x25519_shared_secret`

noxtls_return_t noxtls_x25519_shared_secret(const uint8_t private_key[32],
                                            const uint8_t peer_public_key[32],
                                            uint8_t shared_secret[32]);

Compute shared secret with peer public key.

`noxtls_x25519_generate_key`

noxtls_return_t noxtls_x25519_generate_key(uint8_t private_key[32], uint8_t public_key[32]);

Generate X25519 private/public key pair.

Algorithm overview​

Pros and cons​

When to use​

Constants​

API​

noxtls_x25519_clamp_scalar​

noxtls_x25519_public_key​

noxtls_x25519_shared_secret​

noxtls_x25519_generate_key​