Add Ed25519 to FROST and remove expand_xmd for elliptic_curve's

Doesn't fully utilize ec's hash2curve module as k256 Scalar doesn't have FromOkm for some reason. The previously present bigint reduction is preserved. Updates ff/group to 0.12. Premised on https://github.com/cfrg/draft-irtf-cfrg-frost/pull/205 being merged, as while this Ed25519 is vector compliant, it's technically not spec compliant due to that conflict.
2025-12-09 12:49:23 +00:00 · 2022-06-06 02:18:25 -04:00
parent 55a895d65a
commit e0ce6e5c12
15 changed files with 189 additions and 266 deletions
--- a/crypto/frost/src/tests/literal/kp256.rs
+++ b/crypto/frost/src/tests/literal/kp256.rs
@@ -1,9 +1,7 @@
 use rand::rngs::OsRng;

 use crate::{
-  Curve,
-  curves::kp256::{KP256Instance, P256},
-  algorithm::Hram,
+  curves::kp256::{P256, IetfP256Hram},
  tests::{curve::test_curve, schnorr::test_schnorr, vectors::{Vectors, vectors}}
 };

@@ -20,18 +18,6 @@ fn p256_schnorr() {
  test_schnorr::<_, P256>(&mut OsRng);
 }

-#[derive(Clone)]
-pub struct IetfP256Hram;
-impl Hram<P256> for IetfP256Hram {
-  #[allow(non_snake_case)]
-  fn hram(R: &p256::ProjectivePoint, A: &p256::ProjectivePoint, m: &[u8]) -> p256::Scalar {
-    P256::hash_to_F(
-      &[P256::CONTEXT, b"chal"].concat(),
-      &[&P256::G_to_bytes(R), &P256::G_to_bytes(A), m].concat()
-    )
-  }
-}
-
 #[test]
 fn p256_vectors() {
  vectors::<P256, IetfP256Hram>(