Returns a shared key between our secret key and a peer's public key.
Throws an error if the given keys are of wrong length.
If rejectZero is true throws if the calculated shared key is all-zero.
From RFC 7748:
Protocol designers using Diffie-Hellman over the curves defined in
this document must not assume "contributory behavior". Specially,
contributory behavior means that both parties' private keys
contribute to the resulting shared key. Since curve25519 and
curve448 have cofactors of 8 and 4 (respectively), an input point of
small order will eliminate any contribution from the other party's
private key. This situation can be detected by checking for the all-
zero output, which implementations MAY do, as specified in Section 6.
However, a large number of existing implementations do not do this.
IMPORTANT: the returned key is a raw result of scalar multiplication.
To use it as a key material, hash it with a cryptographic hash function.
Returns a shared key between our secret key and a peer's public key.
Throws an error if the given keys are of wrong length.
If rejectZero is true throws if the calculated shared key is all-zero. From RFC 7748:
IMPORTANT: the returned key is a raw result of scalar multiplication. To use it as a key material, hash it with a cryptographic hash function.