Class: H2C::HashToPoint

Inherits:

Object

• Object
• H2C::HashToPoint

Defined in:

lib/h2c/hash_to_point.rb

Overview

Complete and secure function for hashing strings to points.

Instance Attribute Summary

• #suite ⇒ Object readonly

  Returns the value of attribute suite.

Instance Method Summary

• #digest(msg) ⇒ ECDSA::Point

  Hash returns a point on an elliptic curve given a message.

• #hash_to_field(msg, count, modulo = suite.curve.field.prime) ⇒ Array

  Hashes a msg of any length into an element of a finite field.

• #initialize(suite) ⇒ HashToPoint constructor

  A new instance of HashToPoint.

Constructor Details

#initialize(suite) ⇒ HashToPoint

Returns a new instance of HashToPoint.

Parameters:

• suite (H2C::Suite) —

  Hash to curve suite

# File 'lib/h2c/hash_to_point.rb', line 9

def initialize(suite)
  @suite = suite
end

Instance Attribute Details

#suite ⇒ Object (readonly)

Returns the value of attribute suite.

# File 'lib/h2c/hash_to_point.rb', line 6

def suite
  @suite
end

Instance Method Details

#digest(msg) ⇒ ECDSA::Point

Hash returns a point on an elliptic curve given a message.

Parameters:

• msg (String) —

  Message with binary to be hashed.

Returns:

• (ECDSA::Point) —

  point

# File 'lib/h2c/hash_to_point.rb', line 16

def digest(msg)
  p =
    if suite.ro
      u = hash_to_field(msg, 2)
      p0 = suite.map.map(u[0])
      p1 = suite.map.map(u[1])
      p0 + p1
    else
      u = hash_to_field(msg, 1)
      suite.map.map(u[0])
    end
  suite.curve.cofactor ? p.multiply_by_scalar(suite.curve.cofactor) : p
end

#hash_to_field(msg, count, modulo = suite.curve.field.prime) ⇒ Array

Hashes a msg of any length into an element of a finite field. www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-16.html#name-hash_to_field-implementatio hash to curve specification. Other protocols such as FROST can be order of curve.

Parameters:

• msg (String) —

  A byte string containing the message to hash.

• count (Integer) —

  The number of elements of Field to output.

• modulo (Integer) (defaults to: suite.curve.field.prime) —

  (Optional) This value is a finite field of characteristic p in the

Returns:

• (Array)

# File 'lib/h2c/hash_to_point.rb', line 37

def hash_to_field(msg, count, modulo = suite.curve.field.prime)
  len = count * suite.m * suite.l
  pseudo = suite.exp.expand(msg, len)
  u = []
  count.times do |i|
    v = []
    suite.m.times do |j|
      offset = suite.l * (j + i * suite.m)
      t = pseudo[offset, (offset + suite.l)]
      vj = t.unpack1("H*").to_i(16)
      v[j] = vj % modulo
    end
    u[i] = v
  end
  u.flatten
end