RustCrypto · tarcieri · Jan 15, 2022 · Jan 7, 2022 · Jan 7, 2022 · Jan 8, 2022
diff --git a/.github/workflows/k256.yml b/.github/workflows/k256.yml
@@ -41,6 +41,7 @@ jobs:
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdh
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdsa-core
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdsa
+      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features hash2curve
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features jwk
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features keccak256
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features pem
@@ -49,7 +50,7 @@ jobs:
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features sha256
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdsa,keccak256
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdsa,sha256
-      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features arithmetic,bits,ecdh,ecdsa,jwk,keccak256,pem,pkcs8,serde,sha256
+      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features arithmetic,bits,ecdh,ecdsa,hash2curve,jwk,keccak256,pem,pkcs8,serde,sha256
 
   benches:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/p256.yml b/.github/workflows/p256.yml
@@ -41,13 +41,14 @@ jobs:
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdh
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdsa-core
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features ecdsa
+      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features hash2curve
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features jwk
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features pem
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features pkcs8
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features serde
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features sha256
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features voprf
-      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features arithmetic,bits,ecdh,ecdsa,jwk,pem,pkcs8,serde,sha256,voprf
+      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features arithmetic,bits,ecdh,ecdsa,hash2curve,jwk,pem,pkcs8,serde,sha256,voprf
 
   test:
     runs-on: ubuntu-latest

diff --git a/k256/Cargo.toml b/k256/Cargo.toml
@@ -19,7 +19,7 @@ rust-version = "1.56"
 
 [dependencies]
 cfg-if = "1.0"
-elliptic-curve = { version = "0.11.6", default-features = false, features = ["hazmat", "sec1"] }
+elliptic-curve = { version = "0.11.7", default-features = false, features = ["hazmat", "sec1"] }
 sec1 = { version = "0.2", default-features = false }
 
 # optional dependencies
@@ -46,6 +46,7 @@ digest = ["ecdsa-core/digest", "ecdsa-core/hazmat"]
 ecdh = ["arithmetic", "elliptic-curve/ecdh"]
 ecdsa = ["arithmetic", "digest", "ecdsa-core/sign", "ecdsa-core/verify"]
 expose-field = ["arithmetic"]
+hash2curve = ["elliptic-curve/hash2curve"]
 jwk = ["elliptic-curve/jwk"]
 keccak256 = ["digest", "sha3"]
 pem = ["elliptic-curve/pem", "ecdsa-core/pem", "pkcs8"]

diff --git a/k256/src/arithmetic.rs b/k256/src/arithmetic.rs
@@ -2,6 +2,8 @@
 
 pub(crate) mod affine;
 mod field;
+#[cfg(feature = "hash2curve")]
+mod hash2curve;
 mod mul;
 pub(crate) mod projective;
 pub(crate) mod scalar;

diff --git a/k256/src/arithmetic/affine.rs b/k256/src/arithmetic/affine.rs
@@ -154,7 +154,7 @@ impl DecompressPoint<Secp256k1> for AffinePoint {
                 let y = FieldElement::conditional_select(
                     &beta.negate(1),
                     &beta,
-                    beta.normalize().is_odd().ct_eq(&y_is_odd),
+                    beta.is_odd().ct_eq(&y_is_odd),
                 );
 
                 Self {

diff --git a/k256/src/arithmetic/field/field_impl.rs b/k256/src/arithmetic/field/field_impl.rs
@@ -89,8 +89,7 @@ impl FieldElementImpl {
     }
 
     pub fn is_odd(&self) -> Choice {
-        debug_assert!(self.normalized);
-        self.value.is_odd()
+        self.normalize().value.is_odd()
     }
 
     pub fn negate(&self, magnitude: u32) -> Self {