def test_hash_to_curve_matches_spec(proxy_contract, signing_root, dst):
result = proxy_contract.functions.hashToCurve(signing_root).call()
converted_result = tuple(_convert_fp2_to_int(fp2_repr) for fp2_repr in result)
spec_result = normalize(hash_to_G2(signing_root, dst, hashlib.sha256))
assert converted_result == spec_result
def hash_message(message: bytes, DST: bytes = None) -> bytes:
from hashlib import sha256
from py_ecc.bls.hash import i2osp
from py_ecc.bls.hash_to_curve import hash_to_G2
from py_ecc.bls.point_compression import compress_G2
DST = DST or b'' # TODO: Use a valid DST
mapped_msg = hash_to_G2(message, DST, sha256)
z1, z2 = compress_G2(mapped_msg)
return i2osp(z1, 48) + i2osp(z2, 48)
def test_hash_to_G2(msg, x, y, H):
point = hash_to_G2(msg, DST, H)
assert is_on_curve(point, b2)
# Affine
result_x = point[0] / point[2] # X / Z
result_y = point[1] / point[2] # Y / Z
assert x == result_x
assert y == result_y
def OpBLS_HashToG2(arg):
return
op = json.loads(arg)
dst = bytes.fromhex(op['dest'])
if len(dst) > 255:
return
#dst = b'QUUX-V01-CS02-with-BLS12381G2_XMD:SHA-256_SSWU_RO_'
cleartext = bytes.fromhex(op['cleartext'])
aug = bytes.fromhex(op['aug'])
msg = aug + cleartext
point = hash_to_G2(msg, dst, sha256)
x = point[0] / point[2]
y = point[1] / point[2]
point = [[str(x.coeffs[0]), str(y.coeffs[0])],
[str(x.coeffs[1]), str(y.coeffs[1])]]
r = json.dumps(point)
return bytes(r, 'utf-8')