Convert the encoding and decoding functions into python code

stratospher · stratospher · commit 8424fd19fe4c · 2022-01-07T02:50:56.000+05:30
diff --git a/test/functional/test_framework/ellsq.py b/test/functional/test_framework/ellsq.py
@@ -6,6 +6,7 @@
 anything but tests."""
 
 import random
+import secrets
 import unittest
 
 from .key import modsqrt, SECP256K1, SECP256K1_FIELD_SIZE, SECP256K1_G, SECP256K1_ORDER
@@ -103,35 +104,44 @@ def r(x,y,i):
 
 def encode(P):
     while True:
-        u = field_random()
-        T = curve_negate(f(u))
-        Q = curve_add(T, P)
-        if is_infinity(Q): Q = T
+        u = fe(random.randrange(1, SECP256K1_ORDER))
+        fe1 = f(u)
+        # convert fe1 to jacobian form for EC operations
+        fe1 = (fe1[0].val, fe1[1].val, 1)
+        T = SECP256K1.negate(fe1)
+        Q = SECP256K1.add(T, P)
+        if SECP256K1.on_curve(Q) is None: Q = T
         j = secrets.choice([1,2,3,4])
-        v = r(Q, j)
-        if v is not Nothing: return (u, v)
+        Q = SECP256K1.affine(Q)
+        v = r(fe(Q[0]), fe(Q[1]), j)
+        if v is not None: return (u, v)
 
 def decode(u, v):
-    T = f(u)
-    P = curve_add(T, f(v))
-    if is_infinity(P): P = T
-    return P
+    fe1 = f(u)
+    fe2 = f(v)
+    # convert fe1 and fe2 to jacobian form for EC operations
+    jac1 = (fe1[0].val, fe1[1].val, 1)
+    jac2 = (fe2[0].val, fe2[1].val, 1)
+    T = jac1
+    S = jac2
+    P = SECP256K1.affine(SECP256K1.add(T, S))
+    if P is None: P = T # affine() returns None if at infinity.
+    return (fe(P[0]), fe(P[1]))
 
 P = SECP256K1_FIELD_SIZE
 FIELD_BITS = P.bit_length()
 FIELD_BYTES = (FIELD_BITS + 7) // 8
-PAD_BITS = FIELD_BYTES*8 - FIELD_BITS
 
 def encode_bytes(P):
     u, v = encode(P)
-    up = u + secrets.randbits(PAD_BITS) << FIELD_BITS
-    vp = v + secrets.randbits(PAD_BITS) << FIELD_BITS
+    up = u.val # since, PAD_BITS is 0, padding and masking can be left out
+    vp = v.val
     return up.to_bytes(FIELD_BYTES, 'big') + vp.to_bytes(FIELD_BYTES, 'big')
 
 def decode_bytes(enc):
     u = (int.from_bytes(enc[:FIELD_BYTES], 'big') & ((1 << FIELD_BITS) - 1)) % P
     v = (int.from_bytes(enc[FIELD_BYTES:], 'big') & ((1 << FIELD_BITS) - 1)) % P
-    return decode(u, v)
+    return decode(fe(u), fe(v))
 
 def SECP256K1_FE_CONST(d7, d6, d5, d4, d3, d2, d1, d0):
     n = []
