Implement hash_to_scalar

RustCrypto · Jan 7, 2022 · d24d2ac · d24d2ac
1 parent 08c4fd5
commit d24d2ac
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/elliptic-curve/Cargo.toml b/elliptic-curve/Cargo.toml
@@ -49,7 +49,7 @@ alloc = ["der/alloc", "sec1/alloc", "zeroize/alloc"] # todo: use weak activation
 arithmetic = ["ff", "group"]
 bits = ["arithmetic", "ff/bits"]
 dev = ["arithmetic", "hex-literal", "pem", "pkcs8"]
-hash2curve = ["digest", "ff", "group"]
+hash2curve = ["arithmetic", "digest", "ff", "group"]
 ecdh = ["arithmetic"]
 hazmat = []
 jwk = ["alloc", "base64ct/alloc", "serde", "serde_json", "zeroize/alloc"]

diff --git a/elliptic-curve/src/hash2curve/group_digest.rs b/elliptic-curve/src/hash2curve/group_digest.rs
@@ -1,12 +1,12 @@
 use super::MapToCurve;
 use crate::{
     hash2field::{hash_to_field, ExpandMsg, FromOkm},
-    Result,
+    ProjectiveArithmetic, Result,
 };
 use group::cofactor::CofactorGroup;
 
 /// Adds hashing arbitrary byte sequences to a valid group element
-pub trait GroupDigest {
+pub trait GroupDigest: ProjectiveArithmetic<ProjectivePoint = Self::Output> {
     /// The field element representation for a group value with multiple elements
     type FieldElement: FromOkm + MapToCurve<Output = Self::Output> + Default + Copy;
     /// The resulting group element
@@ -68,4 +68,16 @@ pub trait GroupDigest {
         let q0 = u[0].map_to_curve();
         Ok(q0.clear_cofactor())
     }
+
+    /// Computes the hash to field routine according to
+    /// <https://www.ietf.org/archive/id/draft-irtf-cfrg-hash-to-curve-13.html#section-5>
+    /// and returns a scalar.
+    fn hash_to_scalar<X: ExpandMsg>(msgs: &[&[u8]], dst: &'static [u8]) -> Result<Self::Scalar>
+    where
+        Self::Scalar: FromOkm,
+    {
+        let mut u = [Self::Scalar::default()];
+        hash_to_field::<X, _>(msgs, dst, &mut u)?;
+        Ok(u[0])
+    }
 }