def expand_secret(s:serialized_scalar_t) -> tuple2(serialized_scalar_t,serialized_scalar_t) :
h = sha512(s)
h_low = h[0:32]
h_high= h[32:64]
h_low[0] &= uint8(0xf8)
h_low[31] &= uint8(127)
h_low[31] |= uint8(64)
return (h_low,h_high)
def test(msg, expected224, expected256, expected384, expected512, num):
d224 = bytes.to_hex(sha224(msg))
d256 = bytes.to_hex(sha256(msg))
d384 = bytes.to_hex(sha384(msg))
d512 = bytes.to_hex(sha512(msg))
if (expected224 == d224 and expected256 == d256 and expected384 == d384
and expected512 == d512):
print("SHA-2 (224/256/384/512) Test " + str(num) + " successful!")
else:
print("Test failed!")
print("Computed: " + d224)
print("Expected: " + expected224)
print("Computed: " + d256)
print("Expected: " + expected256)
print("Computed: " + d384)
print("Expected: " + expected384)
print("Computed: " + d512)
print("Expected: " + expected512)
exit(1)
def sha512_modq(s:vlbytes) -> felem_t:
h = sha512(s)
return (to_felem(bytes.to_nat_le(h) % q25519))