plume_rustcrypto 0.2.1

Implementation of PLUME: nullifier friendly signature scheme on ECDSA; using the k256 library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

use super::*;
use k256::{
    elliptic_curve::{
        hash2curve::{ExpandMsgXmd, GroupDigest},
        sec1::ToEncodedPoint,
    },
    ProjectivePoint, Secp256k1,
}; // requires 'getrandom' feature

// Hashes two values to the curve
pub(crate) fn hash_to_curve(
    m: &[u8],
    pk: &ProjectivePoint,
) -> Result<ProjectivePoint, k256::elliptic_curve::Error> {
    Secp256k1::hash_from_bytes::<ExpandMsgXmd<Sha256>>(
        &[[m, &encode_pt(pk)].concat().as_slice()],
        //b"CURVE_XMD:SHA-256_SSWU_RO_",
        &[DST],
    )
}

/// Encodes the point by compressing it to 33 bytes
pub(crate) fn encode_pt(point: &ProjectivePoint) -> Vec<u8> {
    point.to_encoded_point(true).to_bytes().to_vec()
}