authorJ08nY2017-09-19 12:10:01 +0200
committerJ08nY2017-09-19 12:10:01 +0200
commit04af058bf659b3871916f4535bff6932b1741fab (patch)
treed1a9b4eac1d0f1c52168056e7b7939b4d2c541e9
parent6adddf44e235fa272d82e8dcde748d6e7a8db14a (diff)
downloadecgen-04af058bf659b3871916f4535bff6932b1741fab.tar.gz
ecgen-04af058bf659b3871916f4535bff6932b1741fab.tar.zst
ecgen-04af058bf659b3871916f4535bff6932b1741fab.zip
-rw-r--r--src/exhaustive/ansi.c45
-rw-r--r--src/gen/types.h1
-rw-r--r--test/src/exhaustive/test_ansi.c17
3 files changed, 53 insertions, 10 deletions
diff --git a/src/exhaustive/ansi.c b/src/exhaustive/ansi.c
index 30db530..a2b24c8 100644
--- a/src/exhaustive/ansi.c
+++ b/src/exhaustive/ansi.c
@@ -40,7 +40,8 @@ static void seed_hash(seed_t *seed) {
static void seed_tsh(seed_t *seed, const config_t *cfg) {
pari_sp ltop = avma;
seed->ansi.t = utoi(cfg->bits);
- seed->ansi.s = floorr(rdivii(subis(seed->ansi.t, 1), stoi(160), DEFAULTPREC));
+ seed->ansi.s = floorr(
+ rdivii(subis(seed->ansi.t, 1), stoi(160), DEFAULTPREC));
seed->ansi.h = subii(seed->ansi.t, mulis(seed->ansi.s, 160));
gerepileall(ltop, 3, &seed->ansi.t, &seed->ansi.s, &seed->ansi.h);
}
@@ -120,6 +121,7 @@ UNROLL(ansi_unroll_seed) {
}
static GENERATOR(ansi_gen_equation_fp) {
+ pari_sp ltop = avma;
bits_t *c0 = bits_from_raw(curve->seed->hash20, 160);
bits_shortenz(c0, 160 - itos(curve->seed->ansi.h));
@@ -128,32 +130,59 @@ static GENERATOR(ansi_gen_equation_fp) {
bits_t *W = seed_process(curve->seed, W0);
- return 0;
+ long ti = itos(curve->seed->ansi.t);
+ GEN r = gen_0;
+ for (long i = 1; i <= ti; ++i) {
+ GEN Wi = stoi(GET_BIT(W->bits, i - 1));
+ r = addii(r, mulii(Wi, int2n(ti - i)));
+ }
+ curve->seed->ansi.r = r;
+
+ GEN r_inv = Fp_invsafe(r, curve->field);
+ GEN a;
+ GEN b2;
+ do {
+ a = random_int(cfg->bits);
+ b2 = mulii(powis(a, 3), r_inv);
+ }while (!Fp_issquare(b2, curve->field));
+ GEN b = Fp_sqrt(b2, curve->field);
+
+ curve->a = a;
+ curve->b = b;
+
+ gerepileall(ltop, 3, &r, &a, &b);
+ bits_free(&c0);
+ bits_free(&W0);
+ bits_free(&W);
+ return 1;
}
static GENERATOR(ansi_gen_equation_f2m) {
+ pari_sp ltop = avma;
bits_t *b0 = bits_from_raw(curve->seed->hash20, 160);
bits_shortenz(b0, 160 - itos(curve->seed->ansi.h));
bits_t *b = seed_process(curve->seed, b0);
GEN ib = bits_to_i(b);
if (gequal0(ib)) {
+ avma = ltop;
return -3;
}
GEN a = random_int(cfg->bits);
curve->a = field_ielement(curve->field, a);
curve->b = field_ielement(curve->field, ib);
+
+ gerepileall(ltop, 2, &curve->a, &curve->b);
+ bits_free(&b0);
+ bits_free(&b);
return 1;
}
GENERATOR(ansi_gen_equation) {
switch (cfg->field) {
- case FIELD_PRIME:
- return ansi_gen_equation_fp(curve, cfg, args);
- case FIELD_BINARY:
- return ansi_gen_equation_f2m(curve, cfg, args);
- default:
- pari_err_BUG("Field not prime or binary?");
+ case FIELD_PRIME: return ansi_gen_equation_fp(curve, cfg, args);
+ case FIELD_BINARY: return ansi_gen_equation_f2m(curve, cfg, args);
+ default: pari_err_BUG("Field not prime or binary?");
return INT_MIN; /* NOT REACHABLE */
}
}
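Review bot: The `gerepileall(ltop, 3, &r, &a, &b)` near the end of ansi_gen_equation_fp relocates only the three locals, while `curve->seed->ansi.r`, `curve->a` and `curve->b` were assigned the pre-collection addresses a few lines earlier and are left pointing below the reset avma; pass the stored fields instead, as the f2m branch already does: `gerepileall(ltop, 3, &curve->seed->ansi.r, &curve->a, &curve->b);`. `Fp_invsafe` returns NULL when r is not invertible modulo the field prime (r == 0 mod p), and that result flows straight into `mulii` inside the do/while; reject it before the loop with `if (!r_inv) { avma = ltop; return -3; }`, mirroring the `gequal0(ib)` rejection in ansi_gen_equation_f2m. On that rejection path in ansi_gen_equation_f2m the `b0` and `b` buffers returned by bits_from_raw and seed_process are not released before `return -3`, so the two bits_free calls should precede the return (and the same would hold for c0/W0/W on the prime-side rejection). Whether `random_int(cfg->bits)` can produce a >= p, and whether a == 0 must be excluded so the generated curve is non-singular, is not visible in this hunk and is worth confirming against the referenced standard.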
diff --git a/src/gen/types.h b/src/gen/types.h
index 8b53da7..38d8a64 100644
--- a/src/gen/types.h
+++ b/src/gen/types.h
@@ -35,6 +35,7 @@ typedef struct seed_t {
GEN t;
GEN s;
GEN h;
+ GEN r;
} ansi;
struct {
bits_t *f;
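Review bot: The new `r` member has no comment, and from this diff it is assigned only by ansi_gen_equation_fp while the binary-field path leaves it untouched, so readers of seed_t cannot tell when it is valid; a one-line comment would fix that: `GEN r; /* integer formed from the processed seed bits W; set only for prime fields (ansi_gen_equation_fp) */`. The enclosing `seed_t` definition starts before this hunk.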
diff --git a/test/src/exhaustive/test_ansi.c b/test/src/exhaustive/test_ansi.c
index 996f3a5..1f29f10 100644
--- a/test/src/exhaustive/test_ansi.c
+++ b/test/src/exhaustive/test_ansi.c
@@ -166,10 +166,24 @@ ParameterizedTestParameters(ansi, test_seed_prime_examples) {
return cr_make_param_array(struct prime_params, params, nb_params, NULL);
}
ParameterizedTest(struct prime_params *param, ansi, test_seed_prime_examples) {
- //TODO: implement the test
config_t cfg = {};
cfg.bits = param->bits;
+ cfg.field = FIELD_PRIME;
+ cfg.seed = param->seed;
curve_t curve = {};
+ bits_t *p = bits_from_hex(param->p);
+ curve.field = bits_to_i(p);
+
+ int ret = ansi_gen_seed_argument(&curve, &cfg, NULL);
+ cr_assert_eq(ret, 1,);
+
+ ret = ansi_gen_equation(&curve, &cfg, NULL);
+ cr_assert_eq(ret, 1,);
+ GEN expected_r = bits_to_i(bits_from_hex(param->r));
+ cr_assert(gequal(curve.seed->ansi.r, expected_r),);
+
+ bits_free(&p);
+ seed_free(&curve.seed);
}
struct binary_params {
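Review bot: The `bits_from_hex(param->r)` temporary on the `expected_r` line is never released, whereas `p` from the same helper gets `bits_free(&p)` at the end of the test, so every parameter set leaks one bits_t; hold it in a local and free it alongside `p`: `bits_t *r_bits = bits_from_hex(param->r);` / `GEN expected_r = bits_to_i(r_bits);` / `bits_free(&r_bits);`. Checking the return values of `ansi_gen_seed_argument` and `ansi_gen_equation` before dereferencing `curve.seed` is the right order and should stay as is.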
@@ -246,7 +260,6 @@ ParameterizedTestParameters(ansi, test_seed_binary_examples) {
params[9].b = cr_strdup("2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988");
size_t nb_params = sizeof(params) / sizeof(struct binary_params);
- //nb_params = 1;
return cr_make_param_array(struct binary_params, params, nb_params, binary_params_cleanup);
}
ParameterizedTest(struct binary_params *param, ansi, test_seed_binary_examples) {