# Ed25519 to X25519

## Purpose

[Ed25519](/digital-signatures.md) keys can be converted to [X25519](/key-exchange.md) keys. This should **ONLY** be done under either of the following circumstances:

* When you are forced to use the same key pair for key exchange and signing due to resource constraints (unlikely if using this library but possible on embedded devices).
* When you only have access to signing keys.

For example, you could retrieve someone's Ed25519 SSH public key from [GitHub](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account) and use it as an X25519 public key for key exchange to encrypt a file for them.

{% hint style="danger" %}
**It is bad practice to reuse the same key for different purposes**. Please generate separate Ed25519 and X25519 key pairs unless your circumstances match the above.
{% endhint %}

## Usage

### ComputeX25519PublicKey

Fills a span with the X25519 public key for a given Ed25519 public key.

```csharp
Ed25519.ComputeX25519PublicKey(Span<byte> x25519PublicKey, ReadOnlySpan<byte> ed25519PublicKey)
```

#### Exceptions

[ArgumentOutOfRangeException](https://docs.microsoft.com/en-us/dotnet/api/system.argumentoutofrangeexception)

`x25519PublicKey` has a length not equal to `X25519.PublicKeySize`.

[ArgumentOutOfRangeException](https://docs.microsoft.com/en-us/dotnet/api/system.argumentoutofrangeexception)

`ed25519PublicKey` has a length not equal to `Ed25519.PublicKeySize`.

[CryptographicException](https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cryptographicexception)

Error computing X25519 public key.

### ComputeX25519PrivateKey

Fills a span with the X25519 private key for a given Ed25519 private key.

```csharp
Ed25519.ComputeX25519PrivateKey(Span<byte> x25519PrivateKey, ReadOnlySpan<byte> ed25519PrivateKey)
```

#### Exceptions

[ArgumentOutOfRangeException](https://docs.microsoft.com/en-us/dotnet/api/system.argumentoutofrangeexception)

`x25519PrivateKey` has a length not equal to `X25519.PrivateKeySize`.

[ArgumentOutOfRangeException](https://docs.microsoft.com/en-us/dotnet/api/system.argumentoutofrangeexception)

`ed25519PrivateKey` has a length not equal to `Ed25519.PrivateKeySize`.

[CryptographicException](https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cryptographicexception)

Error computing X25519 private key.

## Notes

{% hint style="info" %}
There has not been much research on using the same key pair for X25519 and Ed25519. However, it should be fine for an [X25519-based KEM](https://crypto.stackexchange.com/a/42536). There is a nice summary of what a KEM is [here](https://neilmadden.blog/2021/01/22/hybrid-encryption-and-the-kem-dem-paradigm/).
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.geralt.xyz/advanced/ed25519-to-x25519.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.