primeorder: improve initialization from uncompressed point (RustCrypt…

…o#891)
makavity · May 17, 2023 · 1ccab73 · 1ccab73
1 parent f955566
commit 1ccab73
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/primeorder/src/affine.rs b/primeorder/src/affine.rs
@@ -182,8 +182,11 @@ where
             }
             sec1::Coordinates::Uncompressed { x, y } => {
                 C::FieldElement::from_repr(*y).and_then(|y| {
-                    Self::decompress(x, y.is_odd())
-                        .and_then(|point| CtOption::new(point, point.y.ct_eq(&y)))
+                    C::FieldElement::from_repr(*x).and_then(|x| {
+                        let lhs = y * &y;
+                        let rhs = x * &x * &x + &(C::EQUATION_A * &x) + &C::EQUATION_B;
+                        CtOption::new(Self { x, y, infinity: 0 }, lhs.ct_eq(&rhs))
+                    })
                 })
             }
         }