elligator: API changes for encoding + function documentations

3 files changed, 157 insertions, 152 deletions

diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 53150bedc..50937324d 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -2664,22 +2664,6 @@ GNUNET_CRYPTO_edx25519_public_key_derive (
   size_t seedsize,
   struct GNUNET_CRYPTO_Edx25519PublicKey *result);
 
-/**
- * Note: Included in header for testing purposes. GNUNET_CRYPTO_ecdhe_elligator_decoding will be the correct API for the direct map.
- * TODO: Make static.
- * @ingroup crypto
- * Encodes an element of the underlying finite field, so called representative, of Curve25519 to a point on the curve
- * This transformation is deterministic
- *
- * @param representative element of the finite field
- * @param point destination for the calculated point on the curve
- * @param high_y destination set to "True" if corresponding y-coordinate is > 2 ^ 254 - 10
- */
-bool
-GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point,
-                                          bool *high_y,
-                                          uint8_t *representative);
-
 
 /**
  * @ingroup crypto
@@ -2687,9 +2671,9 @@ GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point,
  *
  * @param representative serialized elligator representative of an element of Curves25519's finite field
  * @param point destination for the calculated point on the curve
- * @param high_y value pointed to will be set to true if corresponding y-coordinate is > 2 ^ 254 - 10, otherwise 0. Can be set to NULL if not needed.
+ * @param high_y bool pointed to will be set to 'true' if corresponding y-coordinate is > 2 ^ 254 - 10, otherwise 0. Can be set to NULL if not needed.
  */
-bool
+void
 GNUNET_CRYPTO_ecdhe_elligator_decoding (
   struct GNUNET_CRYPTO_EcdhePublicKey *point,
   bool *high_y,
@@ -2697,23 +2681,25 @@ GNUNET_CRYPTO_ecdhe_elligator_decoding (
 
 /**
  * @ingroup crypto
- * Encodes a point on Curve25519 to a an element of the underlying finite field
- * This transformation is deterministic
+ * Encodes a point on Curve25519 to a an element of the underlying finite field.
+ * This transformation is deterministic.
  *
- * @param point a point on the curve
+ * @param r storage for the calculated representative
+ * @param pub a point on the curve
  * @param high_y encodes if y-coordinate is > 2 ^254 - 10, which determines the representative value out of two
- * @param representative destination for the calculated element of the finite field
+ * @return 'true' if the given point can be encoded into a representative. Otherwise 'false' is returned and the content of the representative storage is undefined
  */
 bool
-GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative,
-                                           const uint8_t *point,
-                                           bool high_y);
+GNUNET_CRYPTO_ecdhe_elligator_encoding (
+  struct GNUNET_CRYPTO_ElligatorRepresentative *r,
+  const struct GNUNET_CRYPTO_EcdhePublicKey *pub,
+  bool high_y);
 
 
 /**
  * @ingroup crypto
- * Generates a valid public key for elligator's inverse map by adding a lower order point to a prime order point
- * following Method 1 in description https://elligator.org/key-exchange section Step 2: Generate a “special” public key
+ * Generates a valid public key for elligator's inverse map by adding a lower order point to a prime order point.
+ * Following Method 1 in description https://elligator.org/key-exchange section Step 2: Generate a “special” public key.
  *
  * @param pub valid public key for elligator inverse map
  * @param pk private key for generating valid public key
@@ -2727,7 +2713,7 @@ GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (
 
 /**
  * @ingroup crypto
- * Generates a private key for Curve25519 and the elligator representative of the corresponding public key
+ * Generates a private key for Curve25519 and the elligator representative of the corresponding public key.
  *
  * @param repr representative of the public key
  * @param pk Curve25519 private key
@@ -2740,8 +2726,8 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create (
 /**
  * @ingroup crypto
  * Carries out ecdh encapsulation with given public key and the private key from a freshly created ephemeral key pair.
+ * Following the terminology in https://eprint.iacr.org/2021/509.pdf.
  *
- * Following the terminology in https://eprint.iacr.org/2021/509.pdf
  * @param pub given edwards curve public key (X)
  * @param r representative of ephemeral public key A to use for the ECDH (direct_map(r)=A=aG)
  * @param key_material where to write the key material H(aX)=H(x(aG))
@@ -2756,8 +2742,8 @@ GNUNET_CRYPTO_eddsa_elligator_kem_encaps (
 /**
  * @ingroup crypto
  * Carries out ecdh decapsulation with own private key and the representative of the received public key.
+ * Following the terminology in https://eprint.iacr.org/2021/509.pdf.
  *
- * Following the terminology in https://eprint.iacr.org/2021/509.pdf
  * @param priv own private key (x)
  * @param r received representative r, from which we can obtain the public key A (direct_map(r)=A=aG)
  * @param key_material where to write the key material H(xA)=H(a(xG))
diff --git a/src/lib/util/crypto_elligator.c b/src/lib/util/crypto_elligator.c
index 11bc086a9..91db517b0 100644
--- a/src/lib/util/crypto_elligator.c
+++ b/src/lib/util/crypto_elligator.c
@@ -95,87 +95,87 @@ static const uint8_t lookupTable[8][crypto_scalarmult_SCALARBYTES] = {
 
 // main.c from Kleshnis's elligator implementation
 static const unsigned char p_bytes[P_BYTES] = {
-  0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x7f
+  0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
 };
 
 static const unsigned char negative_1_bytes[P_BYTES] = {
-  0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x7f
+  0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
 };
 
 static const unsigned char negative_2_bytes[P_BYTES] = {
-  0xeb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x7f
+  0xeb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
 };
 
 static const unsigned char divide_negative_1_2_bytes[P_BYTES] = {
-  0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x3f
+  0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f
 };
 
 static const unsigned char divide_plus_p_3_8_bytes[P_BYTES] = {
-  0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x0f
+  0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x0f
 };
 
 static const unsigned char divide_minus_p_1_2_bytes[P_BYTES] = {
-  0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x3f
+  0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f
 };
 
 static const unsigned char square_root_negative_1_bytes[P_BYTES] = {
-  0xb0, 0xa0, 0x0e, 0x4a, 0x27, 0x1b, 0xee, 0xc4, 0x78, 0xe4, 0x2f, 0xad, 0x06,
-  0x18, 0x43, 0x2f,
-  0xa7, 0xd7, 0xfb, 0x3d, 0x99, 0x00, 0x4d, 0x2b, 0x0b, 0xdf, 0xc1, 0x4f, 0x80,
-  0x24, 0x83, 0x2b
+  0xb0, 0xa0, 0x0e, 0x4a, 0x27, 0x1b, 0xee, 0xc4,
+  0x78, 0xe4, 0x2f, 0xad, 0x06, 0x18, 0x43, 0x2f,
+  0xa7, 0xd7, 0xfb, 0x3d, 0x99, 0x00, 0x4d, 0x2b,
+  0x0b, 0xdf, 0xc1, 0x4f, 0x80, 0x24, 0x83, 0x2b
 };
 
 static const unsigned char A_bytes[P_BYTES] = {
-  0x06, 0x6d, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  0x00, 0x00, 0x00,
-  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  0x00, 0x00, 0x00
+  0x06, 0x6d, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
 };
 
 static const unsigned char negative_A_bytes[P_BYTES] = {
-  0xe7, 0x92, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x7f
+  0xe7, 0x92, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
 };
 
 static const unsigned char u_bytes[P_BYTES] = {
-  0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  0x00, 0x00, 0x00,
-  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  0x00, 0x00, 0x00
+  0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
 };
 
 static const unsigned char inverted_u_bytes[P_BYTES] = {
-  0xf7, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff,
-  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-  0xff, 0xff, 0x3f
+  0xf7, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f
 };
 
 static const unsigned char d_bytes[P_BYTES] = {
-  0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75, 0xab, 0xd8, 0x41, 0x41, 0x4d,
-  0x0a, 0x70, 0x00,
-  0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c, 0x73, 0xfe, 0x6f, 0x2b, 0xee,
-  0x6c, 0x03, 0x52
+  0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75,
+  0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00,
+  0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c,
+  0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52
 };
 
 static mp_limb_t p[P_LIMBS];
@@ -193,6 +193,7 @@ static mp_limb_t d[P_LIMBS];
 
 static mp_size_t scratch_space_length;
 
+// TODO
 static void
 decode_bytes (mp_limb_t *number, const uint8_t *bytes)
 {
@@ -206,8 +207,7 @@ decode_bytes (mp_limb_t *number, const uint8_t *bytes)
 }
 
 
-// Erases the number
-
+// TODO
 static void
 encode_bytes (uint8_t *bytes, mp_limb_t *number)
 {
@@ -218,6 +218,9 @@ encode_bytes (uint8_t *bytes, mp_limb_t *number)
 }
 
 
+/**
+ * Initialize elligator scratch space.
+*/
 void __attribute__ ((constructor))
 GNUNET_CRYPTO_ecdhe_elligator_initialize ()
 {
@@ -268,14 +271,12 @@ GNUNET_CRYPTO_ecdhe_elligator_initialize ()
     mpn_sec_powm_itch (P_LIMBS, P_BITS - 1, P_LIMBS),
 
     // For Elligator_2_Curve25519_convert_from_Ed25519
-    /*
     mpn_sec_sqr_itch (P_LIMBS),
     mpn_sec_div_r_itch (P_LIMBS + P_LIMBS, P_LIMBS),
     mpn_sec_mul_itch (P_LIMBS, P_LIMBS),
     mpn_sec_add_1_itch (P_LIMBS),
     mpn_sec_powm_itch (P_LIMBS, P_BITS - 1, P_LIMBS),
     mpn_sec_sub_1_itch (P_LIMBS)
-    */
   };
 
   for (size_t i = 0; i < sizeof scratch_space_lengths
@@ -291,8 +292,14 @@ GNUNET_CRYPTO_ecdhe_elligator_initialize ()
 }
 
 
-// Returns trash if the number is a quadratic non-residue
-
+/**
+ * Calculates the root of a given number.
+ * Returns trash if the number is a quadratic non-residue.
+ *
+ * @param root storage for calculated root
+ * @param number value for which the root is calculated
+ * @param scratch_space buffer for calculation
+ */
 static void
 least_square_root (mp_limb_t *root,
                    const mp_limb_t *number,
@@ -332,10 +339,14 @@ least_square_root (mp_limb_t *root,
 
 
 bool
-GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative,
-                                           const uint8_t *point,
-                                           bool high_y)
+GNUNET_CRYPTO_ecdhe_elligator_encoding (
+  struct GNUNET_CRYPTO_ElligatorRepresentative *r,
+  const struct GNUNET_CRYPTO_EcdhePublicKey *pub,
+  bool high_y)
 {
+  uint8_t *representative = (uint8_t *) r->r;
+  uint8_t *point = (uint8_t *) pub->q_y;
+
   mp_limb_t scratch_space[scratch_space_length];
 
   mp_limb_t a[P_LIMBS + P_LIMBS];
@@ -384,10 +395,21 @@ GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative,
 }
 
 
-bool
-GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point,
-                                          bool *high_y,
-                                          uint8_t *representative)
+/**
+ * Takes a number of the underlying finite field of Curve25519 and projects it into a valid point on that curve.
+ * This function works deterministically.
+ * This step is also known as elligators "decoding" step.
+ * Taken from https://github.com/Kleshni/Elligator-2/blob/master/main.c.
+ *
+ * @param point storage for calculated point on Curve25519
+ * @param high_y The 'high_y' argument of the corresponding GNUNET_CRYPTO_ecdhe_elligator_encoding call
+ * @param representative Given representative
+ * @return 'false' if extra step during direct map calculation is needed, otherwise 'true'
+ */
+static bool
+elligator_direct_map (uint8_t *point,
+                      bool *high_y,
+                      uint8_t *representative)
 {
   mp_limb_t scratch_space[scratch_space_length];
 
@@ -444,7 +466,7 @@ GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point,
 }
 
 
-bool
+void
 GNUNET_CRYPTO_ecdhe_elligator_decoding (
   struct GNUNET_CRYPTO_EcdhePublicKey *point,
   bool *high_y,
@@ -459,15 +481,25 @@ GNUNET_CRYPTO_ecdhe_elligator_decoding (
     high_y_ptr = high_y;
 
   struct GNUNET_CRYPTO_ElligatorRepresentative r_tmp;
-  memcpy (&r_tmp, &representative->r, sizeof(r_tmp.r));
+  memcpy (&r_tmp.r, &representative->r, sizeof(r_tmp.r));
   r_tmp.r[31] &= 63;
   // GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Print high_y\n");
-  return GNUNET_CRYPTO_ecdhe_elligator_direct_map ((uint8_t *) point->q_y,
-                                                   high_y_ptr,
-                                                   (uint8_t *) r_tmp.r);
+  elligator_direct_map ((uint8_t *) point->q_y,
+                        high_y_ptr,
+                        (uint8_t *) r_tmp.r);
 }
 
 
+/**
+ * Takes a number of the underlying finite field of Curve25519 and projects it into a valid point on that curve.
+ * This function works deterministically.
+ * This step is also known as elligators "decoding" step.
+ * Taken from https://github.com/Kleshni/Elligator-2/blob/master/main.c.
+ *
+ * @param point storage for calculated point on Curve25519
+ * @param source Ed25519 curve point
+ * @return 'false' if source is not a valid Ed25519 point. In this case the 'point' array will be undefined but dependend on source.
+ */
 static bool
 convert_from_ed_to_curve (uint8_t *point,
                           const uint8_t *source)
@@ -595,12 +627,11 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create (
                                 sizeof(int8_t));
     high_y = random_tweak & 1;
 
-    validKey = GNUNET_CRYPTO_ecdhe_elligator_inverse_map (
-      (unsigned char*) &(repr->r),
-      (unsigned char*) pub.q_y,
-      high_y ?
-      GNUNET_YES :
-      GNUNET_NO);
+    validKey = GNUNET_CRYPTO_ecdhe_elligator_encoding (repr,
+                                                       &pub,
+                                                       high_y ?
+                                                       GNUNET_YES :
+                                                       GNUNET_NO);
   }
 
   // Setting most significant bit and second most significant bit randomly
diff --git a/src/lib/util/test_crypto_elligator.c b/src/lib/util/test_crypto_elligator.c
index 8fd4d4093..2e178b7b1 100644
--- a/src/lib/util/test_crypto_elligator.c
+++ b/src/lib/util/test_crypto_elligator.c
@@ -7,36 +7,38 @@
 
 
 // Test vector from https://github.com/Kleshni/Elligator-2/blob/master/test-vectors.c
+// Using Decoding as a wrapper around direct_map
 static int
 testDirectMap (void)
 {
   int ok = GNUNET_OK;
 
   uint8_t repr1[32] = {
-    0x17, 0x9f, 0x24, 0x73, 0x0d, 0xed, 0x2c, 0xe3, 0x17, 0x39, 0x08, 0xec,
-    0x61, 0x96, 0x46, 0x53,
-    0xb8, 0x02, 0x7e, 0x38, 0x3f, 0x40, 0x34, 0x6c, 0x1c, 0x9b, 0x4d, 0x2b,
-    0xdb, 0x1d, 0xb7, 0x6c
+    0x95, 0xa1, 0x60, 0x19, 0x04, 0x1d, 0xbe, 0xfe,
+    0xd9, 0x83, 0x20, 0x48, 0xed, 0xe1, 0x19, 0x28,
+    0xd9, 0x03, 0x65, 0xf2, 0x4a, 0x38, 0xaa, 0x7a,
+    0xef, 0x1b, 0x97, 0xe2, 0x39, 0x54, 0x10, 0x1b
   };
 
   uint8_t point1[32] = {
-    0x10, 0x74, 0x54, 0x97, 0xd3, 0x5c, 0x6e, 0xde, 0x6e, 0xa6, 0xb3, 0x30,
-    0x54, 0x6a, 0x6f, 0xcb,
-    0xf1, 0x5c, 0x90, 0x3a, 0x7b, 0xe2, 0x8a, 0xe6, 0x9b, 0x1c, 0xa1, 0x4e,
-    0x0b, 0xf0, 0x9b, 0x60
+    0x79, 0x4f, 0x05, 0xba, 0x3e, 0x3a, 0x72, 0x95,
+    0x80, 0x22, 0x46, 0x8c, 0x88, 0x98, 0x1e, 0x0b,
+    0xe5, 0x78, 0x2b, 0xe1, 0xe1, 0x14, 0x5c, 0xe2,
+    0xc3, 0xc6, 0xfd, 0xe1, 0x6d, 0xed, 0x53, 0x63
   };
 
-  uint8_t pointResult[32];
+  struct GNUNET_CRYPTO_EcdhePublicKey pointResult = {0};
+  struct GNUNET_CRYPTO_ElligatorRepresentative representative = {0};
+  memcpy (&representative.r, &repr1, sizeof(repr1));
+
   bool highYResult;
-  bool isLeastSqrRoot = GNUNET_CRYPTO_ecdhe_elligator_direct_map (pointResult,
-                                                                  &highYResult,
-                                                                  repr1);
 
-  if (isLeastSqrRoot == false)
-  {
-    ok = GNUNET_OK;
-  }
-  if (memcmp (point1,pointResult,sizeof(point1)) != 0)
+  GNUNET_CRYPTO_ecdhe_elligator_decoding (
+    &pointResult,
+    &highYResult,
+    &representative);
+
+  if (memcmp (point1, pointResult.q_y, sizeof(point1)) != 0)
   {
     ok = GNUNET_SYSERR;
   }
@@ -51,29 +53,33 @@ testInverseMap (void)
 {
   int ok = GNUNET_OK;
   uint8_t point1[32] = {
-    0x33, 0x95, 0x19, 0x64, 0x00, 0x3c, 0x94, 0x08, 0x78, 0x06, 0x3c, 0xcf,
-    0xd0, 0x34, 0x8a, 0xf4,
-    0x21, 0x50, 0xca, 0x16, 0xd2, 0x64,0x6f, 0x2c, 0x58, 0x56, 0xe8, 0x33, 0x83,
-    0x77, 0xd8, 0x00
+    0x33, 0x95, 0x19, 0x64, 0x00, 0x3c, 0x94, 0x08,
+    0x78, 0x06, 0x3c, 0xcf, 0xd0, 0x34, 0x8a, 0xf4,
+    0x21, 0x50, 0xca, 0x16, 0xd2, 0x64, 0x6f, 0x2c,
+    0x58, 0x56, 0xe8, 0x33, 0x83, 0x77, 0xd8, 0x00
   };
 
   uint8_t repr1[32] = {
-    0x99, 0x9b, 0x59, 0x1b, 0x66, 0x97, 0xd0, 0x74, 0xf2, 0x66, 0x19, 0x22,0x77,
-    0xd5, 0x54, 0xde,
-    0xc3, 0xc2, 0x4c, 0x2e,0xf6, 0x10, 0x81, 0x01, 0xf6, 0x3d, 0x94, 0xf7, 0xff,
-    0xf3, 0xa0, 0x13
+    0x99, 0x9b, 0x59, 0x1b, 0x66, 0x97, 0xd0, 0x74,
+    0xf2, 0x66, 0x19, 0x22, 0x77, 0xd5, 0x54, 0xde,
+    0xc3, 0xc2, 0x4c, 0x2e, 0xf6, 0x10, 0x81, 0x01,
+    0xf6, 0x3d, 0x94, 0xf7, 0xff, 0xf3, 0xa0, 0x13
   };
 
-  uint8_t reprResult1[32];
+  // uint8_t reprResult1[32];
+  struct GNUNET_CRYPTO_ElligatorRepresentative r = {0};
+  struct GNUNET_CRYPTO_EcdhePublicKey pub = {0};
+  memcpy (&pub.q_y,&point1,sizeof(point1));
   bool yHigh1 = false;
-  bool success = GNUNET_CRYPTO_ecdhe_elligator_inverse_map (reprResult1,
-                                                            point1,
-                                                            yHigh1);
+
+  bool success = GNUNET_CRYPTO_ecdhe_elligator_encoding (&r,
+                                                         &pub,
+                                                         yHigh1);
   if (success == false)
   {
     ok = GNUNET_SYSERR;
   }
-  if (memcmp (repr1,reprResult1,sizeof(repr1)) != 0)
+  if (memcmp (&repr1,&r.r,sizeof(repr1)) != 0)
   {
     ok = GNUNET_SYSERR;
   }
@@ -104,11 +110,6 @@ testGeneratePkScalarMult (void)
   }
   crypto_scalarmult_base (pubPrimeCurve, pk.d);
 
-  // printf ("pubWholeCurve\n");
-  // printLittleEndianHex (pubWholeCurve,32);
-  // printf ("pubPrimeCurve\n");
-  // printLittleEndianHex (pubPrimeCurve,32);
-  // TODO: Currently utilizing ecdsa function for ecdhe testing, due to clamping. Clean this part later.
   struct GNUNET_CRYPTO_EcdsaPrivateKey clampedPk;
   GNUNET_CRYPTO_ecdsa_key_create (&clampedPk);
   crypto_scalarmult_base (pubWholeCurve.q_y, clampedPk.d);
@@ -204,14 +205,8 @@ testTimeDecoding (void)
   {
     fprintf (stderr, "%s", ".");
     fflush (stderr);
-    if (false ==
-        GNUNET_CRYPTO_ecdhe_elligator_decoding (&point, NULL, &repr[i]))
-    {
-      fprintf (stderr,
-               "GNUNET_CRYPTO_ecdhe_elligator_decoding SYSERR\n");
-      ok = GNUNET_SYSERR;
-      continue;
-    }
+    GNUNET_CRYPTO_ecdhe_elligator_decoding (&point, NULL, &repr[i]);
+
   }
 
   printf ("%d decoded public keys generated in %s\n",
@@ -253,13 +248,6 @@ elligatorKEM ()
 }
 
 
-/*
-*More tests to implement:
-* Adding more test vectors from different sources for inverse and direct map
-  * check if inverse map rightfully fails for points which are not "encodable"
-*/
-
-
 int
 main (int argc, char *argv[])
 {