def conv_ext_to_xy(P):
"""
Converts extended representation to x,y
Accepts also projective representation.
:param P:
:return:
"""
x, y, z = P[0], P[1], P[2]
zi = inv(z)
x = (x * zi) % q
y = (y * zi) % q
return x, y
def encodepoint(P):
"""
Encodes point in extended coordinates form (x,y,z,t) to the bit representation
:param P:
:return:
"""
check_ed25519point(P)
(x, y, z, t) = P
zi = inv(z)
x = (x * zi) % q
y = (y * zi) % q
bits = [(y >> i) & 1 for i in range(b - 1)] + [x & 1]
# noinspection PyTypeChecker
return b"".join([
int2byte(sum([bits[i * 8 + j] << j for j in range(8)]))
for i in range(b // 8)
])
def hash_to_point(buf):
"""
H_p(buf)
Code adapted from MiniNero: https://github.com/monero-project/mininero
https://github.com/monero-project/research-lab/blob/master/whitepaper/ge_fromfe_writeup/ge_fromfe.pdf
http://archive.is/yfINb
:param key:
:return:
"""
u = _decodeint(cn_fast_hash(buf)) % q
A = 486662
w = (2 * u * u + 1) % q
xp = (w * w - 2 * A * A * u * u) % q
# like sqrt (w / x) although may have to check signs..
# so, note that if a squareroot exists, then clearly a square exists..
rx = ed25519.expmod(w * ed25519.inv(xp), (q + 3) // 8, q)
# rx is ok.
x = rx * rx * (w * w - 2 * A * A * u * u) % q
y = (2 * u * u + 1 - x) % q # w - x, if y is zero, then x = w
negative = False
if y != 0:
y = (w + x) % q # checking if you got the negative square root.
if y != 0:
negative = True
else:
rx = rx * -1 * fe_fffb1 % q
negative = False
else:
# y was 0..
rx = (rx * -1 * fe_fffb2) % q
if not negative:
rx = (rx * u) % q
z = (-2 * A * u * u) % q
sign = 0
else:
z = -1 * A
x = x * fe_sqrtm1 % q # ..
y = (w - x) % q
if y != 0:
rx = rx * fe_fffb3 % q
else:
rx = rx * -1 * fe_fffb4 % q
sign = 1
# setsign
if (rx % 2) != sign:
rx = -(rx) % q
rz = (z + w) % q
ry = (z - w) % q
rx = rx * rz % q
rt = 1
# extended representation
rt = ((rx * ry % q) * inv(rz)) % q
P = EdPoint((rx, ry, rz, rt))
P8 = scalarmult(P, EdScalar(8))
return P8