Merge pull request #2 from zcash/hashtocurve-blocksize

hashtocurve.sage: the block size of BLAKE2b is 128 bytes, not 64 bytes.
This commit is contained in:
ebfull 2021-04-01 16:21:05 -06:00 committed by GitHub
commit bdf50d9ede
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions

View File

@ -423,7 +423,7 @@ def hash(hasher, msg):
return h.digest()
SHA256 = (sha256, 32, 64)
BLAKE2b = (blake2b, 64, 64)
BLAKE2b = (blake2b, 64, 128)
def hash_to_field(modulus, message, DST, count):
outlen = int(count * CHUNKLEN)
@ -514,7 +514,7 @@ print("")
# This test vector is chosen so that the first map_to_curve_simple_swu takes the gx1 square
# "branch" and the second takes the gx1 non-square "branch" (opposite to the Vesta test vector).
(P, xyz, c) = hash_to_pallas_jacobian(b"world", "z.cash:test-pallas_XMD:BLAKE2b_SSWU_RO_")
(P, xyz, c) = hash_to_pallas_jacobian(b"Trans rights now!", "z.cash:test-pallas_XMD:BLAKE2b_SSWU_RO_")
print("Ep { x: 0x%064x, y: 0x%064x, z: 0x%064x }" % xyz)
print("")