Developers using the embeddable service might find it useful to be able to derive the public key from a given private key.
There was no apparent explanation for the bit setting/unsetting when generating a private key. The reading material should help developers understand the reasoning.
Signed-off-by: Neutron <[email protected]>
---
 embeddable-dll-service/main.go | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/embeddable-dll-service/main.go b/embeddable-dll-service/main.go
index b2e02fa4..a9b9dacd 100644
--- a/embeddable-dll-service/main.go
+++ b/embeddable-dll-service/main.go
@@ -53,10 +53,20 @@ func WireGuardGenerateKeypair(publicKey *byte, privateKey *byte) {
 if err != nil || n != len(privateKeyArray) {
 panic("Unable to generate random bytes")
 }
+
+ // See https://www.jcraige.com/an-explainer-on-ed25519-clamping.
 privateKeyArray[0] &= 248
 privateKeyArray[31] = (privateKeyArray[31] & 127) | 64
 curve25519.ScalarBaseMult(publicKeyArray, privateKeyArray)
 }
+//export WireGuardDerivePublicKeyFromPrivateKey
+func WireGuardDerivePublicKeyFromPrivateKey(publicKey *byte, privateKey *byte) {
+ publicKeyArray := (*[32]byte)(unsafe.Pointer(publicKey))
+ privateKeyArray := (*[32]byte)(unsafe.Pointer(privateKey))
+
+ curve25519.ScalarBaseMult(publicKeyArray, privateKeyArray)
+}
+
 func main() {}
-- 
2.32.0.windows.2
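Review bot: The new export `WireGuardDerivePublicKeyFromPrivateKey` reinterprets both caller-supplied pointers as `*[32]byte` without any check, so a nil pointer or a buffer shorter than 32 bytes passed by the host application becomes a crash or an out-of-bounds read/write inside the DLL. The length cannot be verified from a `*byte`, so the contract should be written on the function, e.g. `// WireGuardDerivePublicKeyFromPrivateKey writes the Curve25519 public key for privateKey into publicKey; both must point to caller-owned 32-byte buffers.`, and a guard such as `if publicKey == nil || privateKey == nil { panic("nil key buffer") }` would at least fail with a clear message. The added clamping comment is only a URL; a short reason beside it (`// Clamp: clear the low 3 bits, clear bit 255, set bit 254.`) would still explain the two lines if the link goes away. `WireGuardGenerateKeypair` begins outside this hunk, so whether it documents the same buffer contract cannot be seen here.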
