from Crypto.PublicKey import ECC
from Crypto.Protocol.KDF import scrypt
from Crypto.Random import get_random_bytes
from Crypto.Cipher import AES
from secrets import randbelow

prime = 0xffffffffffffffffffffffffffffffff000000000000000000000001

def generate_secret(c = 0):
	# 'DER' format for byte output
        return ECC.generate(curve='NIST P-224').export_key(format='DER')

def H(secret):
	# secret should be bytearray[], pref. from generate_secret() function
	salt = get_random_bytes(16)
	key = scrypt(bytes(secret), salt, 16, N=2**14, r=8, p=1)
	return key[:32] # first 32 bytes of generated key

def coin_toss():
	x = randbelow(2 ** 64)
	if x & 1:
		return False
	else:
		return True

def encrypt(key, data):
	cipher = AES.new(key, AES.MODE_CTR)
	ct = cipher.encrypt(data)
	nonce = cipher.nonce
	return ct, nonce

def decrypt(ct, nonce, key):
	cipher = AES.new(key, AES.MODE_CTR, nonce=nonce)
	pt = cipher.decrypt(ct)
	return pt