You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Various fixes and improvements to hash2curve (#1813)
This was mainly to fix a bug in handling large DSTs for
`expand_message_xof`.
- `ExpandMsg::expand_message()`s `len_in_bytes` parameter is now a
`NonZero`, moving one run-time error to the type system.
- In tandem `FromOkm::Length` now requires `typenum::NonZero`.
- Added generic `K` parameter to `ExpandMsg` implementers.
- `ExpandMsgXmd` only uses it to follow constraints set by the
specification more closely. See
https://www.rfc-editor.org/rfc/rfc9380.html#section-5.3.1-2.1.
- More importantly, `ExpandMsgXof`, requires `K` to calculate the size
for the computed DST if the given DST is larger than 255 bytes. This was
previously not implemented correctly in that it always used a 32-byte
long computed DST.
- Added `type K` to the `GroupDigest` trait. This allows blanket
implementations to use the right `K` for `ExpandMsgXmd` and
`ExpandMsgXof`.
- Added `HashMarker` to the constraints of `HashT` for `ExpandMsgXof`.
- Moved documentation from `ExpandMsg` trait implementations to the
actual type and added links to the specification.
Cc @mikelodder7.
0 commit comments