Add functions to compute ellswift encoding, x-only ECDH

stratospher · sipa · stratospher · commit 41166b19b68a · 2023-06-01T23:10:22.000+05:30
Co-authored-by: Pieter Wuille &lt;pieter.wuille@gmail.com&gt;
diff --git a/test/functional/test_framework/ellswift.py b/test/functional/test_framework/ellswift.py
@@ -70,6 +70,19 @@ def xelligatorswift(x):
         if t is not None:
             return u, t
 
+def ellswift_create():
+    """Generate a (privkey, ellswift_pubkey) pair."""
+    priv = random.randrange(1, GE.ORDER)
+    u, t = xelligatorswift((priv * G).x)
+    return priv.to_bytes(32, 'big'), u.to_bytes() + t.to_bytes()
+
+def ellswift_ecdh_xonly(pubkey_theirs, privkey):
+    """Compute X coordinate of shared ECDH point between ellswift pubkey and privkey."""
+    u = FE(int.from_bytes(pubkey_theirs[:32], 'big'))
+    t = FE(int.from_bytes(pubkey_theirs[32:], 'big'))
+    d = int.from_bytes(privkey, 'big')
+    return (d * GE.lift_x(xswiftec(u, t))).x.to_bytes()
+
 
 class TestFrameworkEllSwift(unittest.TestCase):
     def test_elligator_forward(self):
@@ -92,3 +105,11 @@ def test_elligator_roundtrip(self):
             u, t = xelligatorswift(x)
             x2 = xswiftec(u, t)
             self.assertEqual(x2, x)
+
+    def test_ellswift_ecdh_xonly(self):
+        for _ in range(32):
+            privkey1, encoding1 = ellswift_create()
+            privkey2, encoding2 = ellswift_create()
+            shared_secret1 = ellswift_ecdh_xonly(encoding1, privkey2)
+            shared_secret2 = ellswift_ecdh_xonly(encoding2, privkey1)
+            assert shared_secret1 == shared_secret2
