#include "crypto_dh.h" #include "fe.h" void crypto_dh(unsigned char *q, const unsigned char *p, const unsigned char *n ) { unsigned char e[32]; unsigned int i; fe x1; fe x2; fe z2; fe x3; fe z3; fe tmp0; fe tmp1; int pos; unsigned int swap; unsigned int b; for (i = 0;i < 32;++i) e[i] = n[i]; e[0] &= 248; e[31] &= 127; e[31] |= 64; fe_frombytes(x1,p); fe_1(x2); fe_0(z2); fe_copy(x3,x1); fe_1(z3); swap = 0; for (pos = 254;pos >= 0;--pos) { b = e[pos / 8] >> (pos & 7); b &= 1; swap ^= b; fe_cswap(x2,x3,swap); fe_cswap(z2,z3,swap); swap = b; #include "montgomery.h" } fe_cswap(x2,x3,swap); fe_cswap(z2,z3,swap); fe_invert(z2,z2); fe_mul(x2,x2,z2); fe_tobytes(q,x2); }