
use crate::{
    ecmult::ECMultContext,
    group::{Affine, Jacobian},
    scalar::Scalar,
};
use digest::{generic_array::GenericArray, Digest};

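impl ECMultContext {
    /// Computes a raw ECDH shared secret: `D(prefix || x)` where `(x, y)` is
    /// the affine form of `scalar * point`.
    ///
    /// The digest input is the 33-byte compressed encoding of the product
    /// point: one prefix byte (`0x02` for even `y`, `0x03` for odd `y`)
    /// followed by the 32-byte `x` coordinate. With `D = Sha256` this is the
    /// same input libsecp256k1's default ECDH hash function hashes.
    ///
    /// This is the *raw* primitive: `point` is used as given and is not
    /// validated against the curve equation here, so callers must only pass
    /// points obtained from a checked parse. Returns `None` when `scalar` is
    /// zero, when `point` is the point at infinity, or when the product is
    /// the point at infinity; in each of those cases there is no usable
    /// shared secret and no (meaningless) coordinates are hashed.
    pub fn ecdh_raw<D: Digest + Default>(
        &self,
        point: &Affine,
        scalar: &Scalar,
    ) -> Option<GenericArray<u8, D::OutputSize>> {
        // A zero scalar sends every point to infinity, and infinity has no
        // meaningful coordinates to hash; reject both before doing any work.
        if scalar.is_zero() || point.is_infinity() {
            return None;
        }

        // `ecmult_const` (by name the constant-time multiplication path —
        // confirm against ecmult.rs) produces the product in Jacobian form.
        let mut product = Jacobian::default();
        self.ecmult_const(&mut product, point, scalar);

        let mut pt = *point;
        pt.set_gej(&product);
        // Defensive: with a valid curve point and a non-zero scalar the product
        // is never infinity, but a malformed input point can get here.
        if pt.is_infinity() {
            return None;
        }

        // Field elements must be normalized before their byte form and parity
        // are read.
        pt.x.normalize();
        pt.y.normalize();

        let x_bytes = pt.x.b32();
        // SEC1 compressed prefix: 0x02 when y is even, 0x03 when y is odd.
        let prefix: u8 = 0x02 | u8::from(pt.y.is_odd());

        let mut hasher = D::default();
        hasher.update(&[prefix]);
        hasher.update(&x_bytes);
        Some(hasher.finalize_reset())
    }
}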