# 使用X25519进行密钥å商
å¯¹åº”çš„ç®—æ³•è§„æ ¼è¯·æŸ¥çœ‹[密钥åå•†ç®—æ³•è§„æ ¼ï¼šX25519](crypto-key-agreement-overview.md#x25519)。
## å¼€å‘æ¥éª¤
1. 调用[cryptoFramework.createAsyKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateasykeygenerator)ã€[AsyKeyGenerator.generateKeyPair](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatekeypair-1)ã€[AsyKeyGenerator.convertKey](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#convertkey-3)生æˆå¯†é’¥ç®—法为X25519çš„éžå¯¹ç§°å¯†é’¥ï¼ˆKeyPair)。
如何生æˆX25519éžå¯¹ç§°å¯†é’¥ï¼Œå¼€å‘者å¯å‚考下文示例,并结åˆ[éžå¯¹ç§°å¯†é’¥ç”Ÿæˆå’Œè½¬æ¢è§„æ ¼ï¼šX25519](crypto-asym-key-generation-conversion-spec.md#x25519)å’Œ[éšæœºç”Ÿæˆéžå¯¹ç§°å¯†é’¥å¯¹](crypto-generate-asym-key-pair-randomly.md)ç†è§£ï¼Œå‚考文档与当å‰ç¤ºä¾‹å¯èƒ½å˜åœ¨å…¥å‚差异,请在阅读时注æ„区分。
2. 调用[cryptoFramework.createKeyAgreement](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatekeyagreement),指定å—符串å‚æ•°'X25519',创建密钥算法为X25519的密钥å议生æˆå™¨ï¼ˆKeyAgreement)。
3. 调用[KeyAgreement.generateSecret](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesecret-1)ï¼ŒåŸºäºŽä¼ å…¥çš„ç§é’¥ï¼ˆKeyPair.priKey)与公钥(KeyPair.pubKey)进行密钥å商,返回共享秘密。
- 以使用awaitæ–¹å¼ï¼Œå®Œæˆå¯†é’¥å商为例:
```ts
import { cryptoFramework } from '@kit.CryptoArchitectureKit';
async function x25519Await() {
// å‡è®¾æ¤å…¬ç§é’¥å¯¹æ•°æ®ä¸ºå¤–éƒ¨ä¼ å…¥
let pubKeyArray = new Uint8Array([48, 42, 48, 5, 6, 3, 43, 101, 110, 3, 33, 0, 36, 98, 216, 106, 74, 99, 179, 203, 81, 145, 147, 101, 139, 57, 74, 225, 119, 196, 207, 0, 50, 232, 93, 147, 188, 21, 225, 228, 54, 251, 230, 52]);
let priKeyArray = new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 110, 4, 34, 4, 32, 112, 65, 156, 73, 65, 89, 183, 39, 119, 229, 110, 12, 192, 237, 186, 153, 21, 122, 28, 176, 248, 108, 22, 242, 239, 179, 106, 175, 85, 65, 214, 90]);
let keyGen = cryptoFramework.createAsyKeyGenerator('X25519');
// å¤–éƒ¨ä¼ å…¥çš„å…¬ç§é’¥å¯¹A
let keyPairA = await keyGen.convertKey({ data: pubKeyArray }, { data: priKeyArray });
// 内部生æˆçš„å…¬ç§é’¥å¯¹B
let keyPairB = await keyGen.generateKeyPair();
let keyAgreement = cryptoFramework.createKeyAgreement('X25519');
// 使用A的公钥和Bçš„ç§é’¥è¿›è¡Œå¯†é’¥å商
let secret1 = await keyAgreement.generateSecret(keyPairB.priKey, keyPairA.pubKey);
// 使用Açš„ç§é’¥å’ŒB的公钥进行密钥å商
let secret2 = await keyAgreement.generateSecret(keyPairA.priKey, keyPairB.pubKey);
// 两ç§å商的结果应当一致
if (secret1.data.toString() == secret2.data.toString()) {
console.info('x25519 success');
console.info('x25519 output is ' + secret1.data);
} else {
console.error('x25519 result is not equal');
}
}
```
- åŒæ¥æ–¹æ³•ç¤ºä¾‹ï¼š
```ts
import { cryptoFramework } from '@kit.CryptoArchitectureKit';
function x25519Await() {
// å‡è®¾æ¤å…¬ç§é’¥å¯¹æ•°æ®ä¸ºå¤–éƒ¨ä¼ å…¥
let pubKeyArray = new Uint8Array([48, 42, 48, 5, 6, 3, 43, 101, 110, 3, 33, 0, 36, 98, 216, 106, 74, 99, 179, 203, 81, 145, 147, 101, 139, 57, 74, 225, 119, 196, 207, 0, 50, 232, 93, 147, 188, 21, 225, 228, 54, 251, 230, 52]);
let priKeyArray = new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 110, 4, 34, 4, 32, 112, 65, 156, 73, 65, 89, 183, 39, 119, 229, 110, 12, 192, 237, 186, 153, 21, 122, 28, 176, 248, 108, 22, 242, 239, 179, 106, 175, 85, 65, 214, 90]);
let keyGen = cryptoFramework.createAsyKeyGenerator('X25519');
// å¤–éƒ¨ä¼ å…¥çš„å…¬ç§é’¥å¯¹A
let keyPairA = keyGen.convertKeySync({ data: pubKeyArray }, { data: priKeyArray });
// 内部生æˆçš„å…¬ç§é’¥å¯¹B
let keyPairB = keyGen.generateKeyPairSync();
let keyAgreement = cryptoFramework.createKeyAgreement('X25519');
// 使用A的公钥和Bçš„ç§é’¥è¿›è¡Œå¯†é’¥å商
let secret1 = keyAgreement.generateSecretSync(keyPairB.priKey, keyPairA.pubKey);
// 使用Açš„ç§é’¥å’ŒB的公钥进行密钥å商
let secret2 = keyAgreement.generateSecretSync(keyPairA.priKey, keyPairB.pubKey);
// 两ç§å商的结果应当一致
if (secret1.data.toString() == secret2.data.toString()) {
console.info('x25519 success');
console.info('x25519 output is ' + secret1.data);
} else {
console.error('x25519 result is not equal');
}
}
```