-rw-r--r-- 743 lib25519-20220726/crypto_dh/x25519/amd64-maa4/mont25519.c raw
#include "randombytes.h"
#include "crypto_dh.h"
#include "fe25519.h"

#define mladder CRYPTO_NAMESPACE(mladder)
extern void mladder(fe25519 *,fe25519 *,const unsigned char *);

void crypto_dh(unsigned char *r,
                      const unsigned char *p,
                      const unsigned char *s)
{
  unsigned char e[32];
  int i;
  for(i=0;i<32;i++) e[i] = s[i];
  e[0] &= 248;
  e[31] &= 127;
  e[31] |= 64; 

  fe25519 t[2];
  fe25519_unpack(t, p);
  mladder(t, t, e);
  fe25519_invert(t+1, t+1);
  fe25519_mul(t, t, t+1);
  fe25519_pack(r, t);
}

static const unsigned char basepoint[32] = {9};

void crypto_dh_keypair(unsigned char *pk,unsigned char *sk)
{
  randombytes(sk,crypto_dh_SECRETKEYBYTES);
  crypto_dh(pk,basepoint,sk);
}