crypto: add support for x25119 and x448 key pair generation

doc/api/crypto.md

@@ -1129,14 +1129,17 @@ passing keys as strings or `Buffer`s due to improved security features.
 <!-- YAML
 added: v11.6.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/26774
+    description: Added support for `'x25519'` and `'x448'`
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/26319
     description: Added support for `'ed25519'` and `'ed448'`
 -->
 * {string}
 
 For asymmetric keys, this property represents the type of the embedded key
-(`'rsa'`, `'dsa'`, `'ec'`, `'ed25519'`, or `'ed448'`).
+(`'rsa'`, `'dsa'`, `'ec'`, `'ed25519'`, `'ed448'`, `'x25519'` or `'x448'`).
 This property is `undefined` for symmetric keys.
 
 ### keyObject.export([options])
@@ -1903,6 +1906,9 @@ algorithm names.
 <!-- YAML
 added: v10.12.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/26774
+    description: Add ability to generate X25519 and X448 key pairs.
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/26554
     description: Add ability to generate Ed25519 and Ed448 key pairs.
@@ -1911,7 +1917,8 @@ changes:
     description: The `generateKeyPair` and `generateKeyPairSync` functions now
                  produce key objects if no encoding was specified.
 -->
-* `type`: {string} Must be `'rsa'`, `'dsa'`, `'ec'`, `'ed25519'`, or `'ed448'`.
+* `type`: {string} Must be `'rsa'`, `'dsa'`, `'ec'`, `'ed25519'`, `'ed448'`,
+  `'x25519'`, or `'x448'`.
 * `options`: {Object}
   - `modulusLength`: {number} Key size in bits (RSA, DSA).
   - `publicExponent`: {number} Public exponent (RSA). **Default:** `0x10001`.

lib/internal/crypto/keygen.js

@@ -8,6 +8,8 @@ const {
   generateKeyPairEdDSA,
   EVP_PKEY_ED25519,
   EVP_PKEY_ED448,
+  EVP_PKEY_X25519,
+  EVP_PKEY_X448,
   OPENSSL_EC_NAMED_CURVE,
   OPENSSL_EC_EXPLICIT_CURVE
 } = internalBinding('crypto');
@@ -197,8 +199,24 @@ function check(type, options, callback) {
       break;
     case 'ed25519':
     case 'ed448':
+    case 'x25519':
+    case 'x448':
       {
-        const id = type === 'ed25519' ? EVP_PKEY_ED25519 : EVP_PKEY_ED448;
+        let id;
+        switch (type) {
+          case 'ed25519':
+            id = EVP_PKEY_ED25519;
+            break;
+          case 'ed448':
+            id = EVP_PKEY_ED448;
+            break;
+          case 'x25519':
+            id = EVP_PKEY_X25519;
+            break;
+          case 'x448':
+            id = EVP_PKEY_X448;
+            break;
+        }
         impl = (wrap) => generateKeyPairEdDSA(id,
                                               publicFormat, publicType,
                                               privateFormat, privateType,
@@ -208,7 +226,7 @@ function check(type, options, callback) {
     default:
       throw new ERR_INVALID_ARG_VALUE('type', type,
                                       "must be one of 'rsa', 'dsa', 'ec', " +
-                                      "'ed25519', 'ed448'");
+                                      "'ed25519', 'ed448', 'x25519', 'x448'");
   }
 
   if (options) {

src/env.h

@@ -146,6 +146,8 @@ constexpr size_t kFsStatsBufferLength = kFsStatsFieldsNumber * 2;
   V(crypto_ec_string, "ec")                                                    \
   V(crypto_ed25519_string, "ed25519")                                          \
   V(crypto_ed448_string, "ed448")                                              \
+  V(crypto_x25519_string, "x25519")                                            \
+  V(crypto_x448_string, "x448")                                                \
   V(crypto_rsa_string, "rsa")                                                  \
   V(cwd_string, "cwd")                                                         \
   V(data_string, "data")                                                       \

src/node_crypto.cc

@@ -3451,6 +3451,10 @@ Local<String> KeyObject::GetAsymmetricKeyType() const {
     return env()->crypto_ed25519_string();
   case EVP_PKEY_ED448:
     return env()->crypto_ed448_string();
+  case EVP_PKEY_X25519:
+    return env()->crypto_x25519_string();
+  case EVP_PKEY_X448:
+    return env()->crypto_x448_string();
   default:
     CHECK(false);
   }
@@ -6336,6 +6340,8 @@ void Initialize(Local<Object> target,
   env->SetMethod(target, "generateKeyPairEdDSA", GenerateKeyPairEdDSA);
   NODE_DEFINE_CONSTANT(target, EVP_PKEY_ED25519);
   NODE_DEFINE_CONSTANT(target, EVP_PKEY_ED448);
+  NODE_DEFINE_CONSTANT(target, EVP_PKEY_X25519);
+  NODE_DEFINE_CONSTANT(target, EVP_PKEY_X448);
   NODE_DEFINE_CONSTANT(target, OPENSSL_EC_NAMED_CURVE);
   NODE_DEFINE_CONSTANT(target, OPENSSL_EC_EXPLICIT_CURVE);
   NODE_DEFINE_CONSTANT(target, kKeyEncodingPKCS1);