From a0d900bce6ff67786b7352213f9e29a664be3707 Mon Sep 17 00:00:00 2001
From: Conrado Gouvea
Date: Wed, 10 Jul 2024 08:19:20 -0300
Subject: [PATCH] docs: update spec links to the final URL (#700)
---
 frost-core/src/keys.rs | 8 ++++----
 frost-core/src/lib.rs | 14 +++++++-------
 frost-core/src/round1.rs | 10 +++++-----
 frost-core/src/round2.rs | 4 ++--
 frost-core/src/traits.rs | 24 ++++++++++++------------
 frost-ed25519/src/lib.rs | 12 ++++++------
 frost-ed448/src/lib.rs | 12 ++++++------
 frost-p256/src/lib.rs | 12 ++++++------
 frost-ristretto255/src/lib.rs | 12 ++++++------
 frost-secp256k1/src/lib.rs | 12 ++++++------
 10 files changed, 60 insertions(+), 60 deletions(-)
diff --git a/frost-core/src/keys.rs b/frost-core/src/keys.rs
index 8b7b9c68..ba24b13b 100644
--- a/frost-core/src/keys.rs
+++ b/frost-core/src/keys.rs
@@ -416,7 +416,7 @@ where
 /// This also implements `derive_group_info()` from the [spec] (which is very similar),
 /// but only for this participant.
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C.2-4
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#appendix-C.2-3
 pub fn verify(&self) -> Result<(VerifyingShare, VerifyingKey), Error> {
 let f_result = ::generator() * self.signing_share.to_scalar();
 let result = evaluate_vss(self.identifier, &self.commitment);
@@ -466,7 +466,7 @@ pub enum IdentifierList<'a, C: Ciphersuite> {
 ///
 /// Implements [`trusted_dealer_keygen`] from the spec.
 ///
-/// [`trusted_dealer_keygen`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C
+/// [`trusted_dealer_keygen`]: https://datatracker.ietf.org/doc/html/rfc9591#appendix-C
 pub fn generate_with_dealer(
 max_signers: u16,
 min_signers: u16,
@@ -541,7 +541,7 @@ pub fn split(
 ///
 /// Implements [`polynomial_evaluate`] from the spec.
 ///
-/// [`polynomial_evaluate`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-evaluation-of-a-polynomial
+/// [`polynomial_evaluate`]: https://datatracker.ietf.org/doc/html/rfc9591#name-additional-polynomial-opera
 fn evaluate_polynomial(
 identifier: Identifier,
 coefficients: &[Scalar],
@@ -830,7 +830,7 @@ pub(crate) fn generate_secret_polynomial(
 ///
 /// Implements [`secret_share_shard`] from the spec.
 ///
-/// [`secret_share_shard`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#appendix-C.1
+/// [`secret_share_shard`]: https://datatracker.ietf.org/doc/html/rfc9591#name-shamir-secret-sharing
 pub(crate) fn generate_secret_shares(
 secret: &SigningKey,
 max_signers: u16,
diff --git a/frost-core/src/lib.rs b/frost-core/src/lib.rs
index b54f3cc3..b93195ec 100644
--- a/frost-core/src/lib.rs
+++ b/frost-core/src/lib.rs
@@ -62,7 +62,7 @@ pub use verifying_key::VerifyingKey;
 /// A type refinement for the scalar field element representing the per-message _[challenge]_.
 ///
-/// [challenge]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-challenge-computa
+/// [challenge]: https://datatracker.ietf.org/doc/html/rfc9591#name-signature-challenge-computa
 #[derive(Copy, Clone)]
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
@@ -114,8 +114,8 @@ where
 ///
 /// This is the only invocation of the H2 hash function from the [RFC].
 ///
-/// [FROST]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-challenge-computa
-/// [RFC]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.2
+/// [FROST]: https://datatracker.ietf.org/doc/html/rfc9591#name-signature-challenge-computa
+/// [RFC]: https://datatracker.ietf.org/doc/html/rfc9591#name-cryptographic-hash-function
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
 fn challenge(
@@ -241,7 +241,7 @@ where
 /// [`compute_binding_factors`] in the spec
 ///
-/// [`compute_binding_factors`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-4.4
+/// [`compute_binding_factors`]: https://datatracker.ietf.org/doc/html/rfc9591#name-binding-factors-computation
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
 pub(crate) fn compute_binding_factor_list(
@@ -339,7 +339,7 @@ fn compute_lagrange_coefficient(
 ///
 /// Implements [`derive_interpolating_value()`] from the spec.
 ///
-/// [`derive_interpolating_value()`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-polynomials
+/// [`derive_interpolating_value()`]: https://datatracker.ietf.org/doc/html/rfc9591#name-polynomials
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
 fn derive_interpolating_value(
@@ -489,7 +489,7 @@ where
 ///
 /// Implements [`compute_group_commitment`] from the spec.
 ///
-/// [`compute_group_commitment`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-4.5
+/// [`compute_group_commitment`]: https://datatracker.ietf.org/doc/html/rfc9591#name-group-commitment-computatio
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
 fn compute_group_commitment(
@@ -595,7 +595,7 @@ where
 //
 // Implements [`aggregate`] from the spec.
 //
- // [`aggregate`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-5.3
+ // [`aggregate`]: https://datatracker.ietf.org/doc/html/rfc9591#name-signature-share-aggregation
 let mut z = <::Field>::zero();
 for signature_share in signature_shares.values() {
diff --git a/frost-core/src/round1.rs b/frost-core/src/round1.rs
index dfe1eb0f..27e1c229 100644
--- a/frost-core/src/round1.rs
+++ b/frost-core/src/round1.rs
@@ -43,7 +43,7 @@ where
 ///
 /// An implementation of `nonce_generate(secret)` from the [spec].
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-nonce-generation
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#name-nonce-generation
 pub fn new(secret: &SigningShare, rng: &mut R) -> Self
 where
 R: CryptoRng + RngCore,
@@ -314,9 +314,9 @@ where
 }
 }
- /// Computes the [signature commitment share] from these round one signing commitments.
+ /// Computes the [commitment share] from these round one signing commitments.
 ///
- /// [signature commitment share]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-share-verificatio
+ /// [commitment share]: https://datatracker.ietf.org/doc/html/rfc9591#name-signature-share-aggregation
 #[cfg(any(feature = "internals", feature = "cheater-detection"))]
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
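Review bot: The new `[commitment share]` definition in the last `round1.rs` hunk (`@@ -314,9 +314,9`) targets `#name-signature-share-aggregation`, and so does the `verify_signature_share` definition in the `round2.rs` hunk `@@ -58,7 +58,7`, although the draft anchor they replace was `#name-signature-share-verificatio`. As far as I recall, the published RFC places the `verify_signature_share` routine under its "Identifiable Abort" section rather than under aggregation, so both anchors may land one section early; please check them against the rendered RFC 9591 page. These two links are what an auditor follows to compare the cheater-detection path with the spec, so they should open on the function's definition. The documented functions themselves start after the last line of each hunk, so only their attributes are visible here.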
@@ -368,7 +368,7 @@ pub struct GroupCommitmentShare(pub(super) Element);
 /// Returns a byte string containing the serialized representation of the
 /// commitment list.
 ///
-/// [`encode_group_commitment_list()`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-list-operations
+/// [`encode_group_commitment_list()`]: https://datatracker.ietf.org/doc/html/rfc9591#name-list-operations
 pub(super) fn encode_group_commitments(
 signing_commitments: &BTreeMap, SigningCommitments>,
 ) -> Result, Error> {
@@ -422,7 +422,7 @@ where
 /// Generates the signing nonces and commitments to be used in the signing
 /// operation.
 ///
-/// [`commit`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-round-one-commitment
+/// [`commit`]: https://datatracker.ietf.org/doc/html/rfc9591#name-round-one-commitment
 pub fn commit(
 secret: &SigningShare,
 rng: &mut R,
diff --git a/frost-core/src/round2.rs b/frost-core/src/round2.rs
index a6a0c18d..7b0fd450 100644
--- a/frost-core/src/round2.rs
+++ b/frost-core/src/round2.rs
@@ -58,7 +58,7 @@ where
 ///
 /// This is the final step of [`verify_signature_share`] from the spec.
 ///
- /// [`verify_signature_share`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-signature-share-verificatio
+ /// [`verify_signature_share`]: https://datatracker.ietf.org/doc/html/rfc9591#name-signature-share-aggregation
 #[cfg(any(feature = "cheater-detection", feature = "internals"))]
 #[cfg_attr(feature = "internals", visibility::make(pub))]
 #[cfg_attr(docsrs, doc(cfg(feature = "internals")))]
@@ -121,7 +121,7 @@ fn compute_signature_share(
 /// Assumes the participant has already determined which nonce corresponds with
 /// the commitment that was assigned by the coordinator in the SigningPackage.
 ///
-/// [`sign`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-round-two-signature-share-g
+/// [`sign`]: https://datatracker.ietf.org/doc/html/rfc9591#name-round-two-signature-share-g
 pub fn sign(
 signing_package: &SigningPackage,
 signer_nonces: &round1::SigningNonces,
diff --git a/frost-core/src/traits.rs b/frost-core/src/traits.rs
index b96f27b0..a1ff62fe 100644
--- a/frost-core/src/traits.rs
+++ b/frost-core/src/traits.rs
@@ -43,13 +43,13 @@ pub trait Field: Copy + Clone {
 /// Generate a random scalar from the entire space [0, l-1]
 ///
- ///
+ ///
 fn random(rng: &mut R) -> Self::Scalar;
 /// A member function of a [`Field`] that maps a [`Scalar`] to a unique byte array buf of
 /// fixed length Ne.
 ///
- ///
+ ///
 fn serialize(scalar: &Self::Scalar) -> Self::Serialization;
 /// A member function of a [`Field`] that maps a [`Scalar`] to a unique byte array buf of
@@ -63,7 +63,7 @@ pub trait Field: Copy + Clone {
 /// Fails if the input is not a valid byte representation of an [`Scalar`] of the
 /// [`Field`]. This function can raise an [`Error`] if deserialization fails.
 ///
- ///
+ ///
 fn deserialize(buf: &Self::Serialization) -> Result;
 }
@@ -104,21 +104,21 @@ pub trait Group: Copy + Clone + PartialEq {
 /// Additive [identity] of the prime order group.
 ///
- /// [identity]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.2
+ /// [identity]: https://datatracker.ietf.org/doc/html/rfc9591#section-3.1-4.4
 fn identity() -> Self::Element;
 /// The fixed generator element of the prime order group.
 ///
 /// The 'base' of ['ScalarBaseMult()'] from the spec.
 ///
- /// [`ScalarBaseMult()`]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-3.1-3.5
+ /// [`ScalarBaseMult()`]: https://datatracker.ietf.org/doc/html/rfc9591#section-3.1-4.10
 fn generator() -> Self::Element;
 /// A member function of a group _G_ that maps an [`Element`] to a unique
 /// byte array buf of fixed length Ne. This function raises an error if the
 /// element is the identity element of the group.
 ///
- ///
+ ///
 fn serialize(element: &Self::Element) -> Result;
 /// A member function of a [`Group`] that attempts to map a byte array `buf` to an [`Element`].
@@ -127,7 +127,7 @@ pub trait Group: Copy + Clone + PartialEq {
 /// [`Group`]. This function can raise an [`Error`] if deserialization fails or if the
 /// resulting [`Element`] is the identity element of the group
 ///
- ///
+ ///
 fn deserialize(buf: &Self::Serialization) -> Result;
 }
@@ -137,7 +137,7 @@ pub type Element = <::Group as Group>::Element;
 /// A [FROST ciphersuite] specifies the underlying prime-order group details and cryptographic hash
 /// function.
 ///
-/// [FROST ciphersuite]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-ciphersuites
+/// [FROST ciphersuite]: https://datatracker.ietf.org/doc/html/rfc9591#name-ciphersuites
 pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
 /// The ciphersuite ID string. It should be equal to the contextString in
 /// the spec. For new ciphersuites, this should be a string that identifies
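Review bot: In the `Group` trait hunk (`@@ -104,21 +104,21`) the doc line for `generator()` writes its reference as `['ScalarBaseMult()']` with single quotes, while the definition updated just below it is labelled with backticks, so the two labels do not match and rustdoc leaves the text unlinked. The updated RFC URL is therefore unreachable from the rendered docs for this item. Since the commit already touches the definition, change the reference line to ``/// The 'base' of [`ScalarBaseMult()`] from the spec.`` so the link resolves.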
@@ -159,28 +159,28 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
 ///
 /// Maps arbitrary inputs to `Self::Scalar` elements of the prime-order group scalar field.
 ///
- /// [H1]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
+ /// [H1]: https://datatracker.ietf.org/doc/html/rfc9591#name-cryptographic-hash-function
 fn H1(m: &[u8]) -> <::Field as Field>::Scalar;
 /// [H2] for a FROST ciphersuite.
 ///
 /// Maps arbitrary inputs to `Self::Scalar` elements of the prime-order group scalar field.
 ///
- /// [H2]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
+ /// [H2]: https://datatracker.ietf.org/doc/html/rfc9591#name-cryptographic-hash-function
 fn H2(m: &[u8]) -> <::Field as Field>::Scalar;
 /// [H3] for a FROST ciphersuite.
 ///
 /// Maps arbitrary inputs to `Self::Scalar` elements of the prime-order group scalar field.
 ///
- /// [H3]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
+ /// [H3]: https://datatracker.ietf.org/doc/html/rfc9591#name-cryptographic-hash-function
 fn H3(m: &[u8]) -> <::Field as Field>::Scalar;
 /// [H4] for a FROST ciphersuite.
 ///
 /// Usually an an alias for the ciphersuite hash function _H_ with domain separation applied.
 ///
- /// [H4]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#name-cryptographic-hash-function
+ /// [H4]: https://datatracker.ietf.org/doc/html/rfc9591#name-cryptographic-hash-function
 fn H4(m: &[u8]) -> Self::HashOutput;
 /// [H5] for a FROST ciphersuite.
diff --git a/frost-ed25519/src/lib.rs b/frost-ed25519/src/lib.rs
index 355e37a0..1e33b2d9 100644
--- a/frost-ed25519/src/lib.rs
+++ b/frost-ed25519/src/lib.rs
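Review bot: The H4 doc comment in the `Ciphersuite` trait hunk of `frost-core/src/traits.rs` (`@@ -159,28 +159,28`) has a doubled word, `Usually an an alias`, on the context line directly above the updated `[H4]` definition. While this block is being edited, fix it to `/// Usually an alias for the ciphersuite hash function _H_ with domain separation applied.`. The trait body continues past the end of the hunk, which cuts off at the H5 item.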
@@ -156,7 +156,7 @@ fn hash_to_scalar(inputs: &[&[u8]]) -> Scalar {
 /// Context string from the ciphersuite in the [spec]
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-1
+/// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.1-1
 const CONTEXT_STRING: &str = "FROST-ED25519-SHA512-v1";
 /// An implementation of the FROST(Ed25519, SHA-512) ciphersuite.
@@ -174,35 +174,35 @@ impl Ciphersuite for Ed25519Sha512 {
 /// H1 for FROST(Ed25519, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.1
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.1-2.4.2.2
 fn H1(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"rho", m])
 }
 /// H2 for FROST(Ed25519, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.2
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.1-2.4.2.4
 fn H2(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[m])
 }
 /// H3 for FROST(Ed25519, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.3
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.1-2.4.2.6
 fn H3(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"nonce", m])
 }
 /// H4 for FROST(Ed25519, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.4
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.1-2.4.2.8
 fn H4(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
 }
 /// H5 for FROST(Ed25519, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.1-2.2.2.5
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.1-2.4.2.10
 fn H5(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
 }
diff --git a/frost-ed448/src/lib.rs b/frost-ed448/src/lib.rs
index f867c494..4ceb707e 100644
--- a/frost-ed448/src/lib.rs
+++ b/frost-ed448/src/lib.rs
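Review bot: The `[spec]:` definitions updated for H1 through H5 in `frost-ed25519/src/lib.rs` (`@@ -174,35 +174,35`) are never referenced, because each summary line reads like `/// H1 for FROST(Ed25519, SHA-512)` with no `[spec]` in the text. A link definition without a matching reference is not rendered, so the per-hash RFC URLs stay invisible in the generated docs. Reference the label in each summary, for example `/// H1 for FROST(Ed25519, SHA-512) from the [spec].`, and likewise for H2 to H5. The H1–H5 hunks in `frost-ed448`, `frost-p256`, `frost-ristretto255` and `frost-secp256k1` follow the same pattern and need the same change.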
@@ -150,7 +150,7 @@ fn hash_to_scalar(inputs: &[&[u8]]) -> Scalar {
 /// Context string from the ciphersuite in the [spec]
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-1
+/// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.3-1
 const CONTEXT_STRING: &str = "FROST-ED448-SHAKE256-v1";
 /// An implementation of the FROST(Ed448, SHAKE256) ciphersuite.
@@ -168,35 +168,35 @@ impl Ciphersuite for Ed448Shake256 {
 /// H1 for FROST(Ed448, SHAKE256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.1
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.3-2.4.2.2
 fn H1(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"rho", m])
 }
 /// H2 for FROST(Ed448, SHAKE256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.2
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.3-2.4.2.4
 fn H2(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[b"SigEd448\0\0", m])
 }
 /// H3 for FROST(Ed448, SHAKE256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.3
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.3-2.4.2.6
 fn H3(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"nonce", m])
 }
 /// H4 for FROST(Ed448, SHAKE256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.4
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.3-2.4.2.8
 fn H4(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
 }
 /// H5 for FROST(Ed448, SHAKE256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.3-2.2.2.5
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.3-2.4.2.10
 fn H5(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
 }
diff --git a/frost-p256/src/lib.rs b/frost-p256/src/lib.rs
index 2c54b10f..7491d3d6 100644
--- a/frost-p256/src/lib.rs
+++ b/frost-p256/src/lib.rs
@@ -168,7 +168,7 @@ fn hash_to_scalar(domain: &[u8], msg: &[u8]) -> Scalar {
 /// Context string from the ciphersuite in the [spec]
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-1
+/// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.4-1
 const CONTEXT_STRING: &str = "FROST-P256-SHA256-v1";
 /// An implementation of the FROST(P-256, SHA-256) ciphersuite.
@@ -186,35 +186,35 @@ impl Ciphersuite for P256Sha256 {
 /// H1 for FROST(P-256, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.1
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.4-2.4.2.2
 fn H1(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar((CONTEXT_STRING.to_owned() + "rho").as_bytes(), m)
 }
 /// H2 for FROST(P-256, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.2
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.4-2.4.2.4
 fn H2(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar((CONTEXT_STRING.to_owned() + "chal").as_bytes(), m)
 }
 /// H3 for FROST(P-256, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.3
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.4-2.4.2.6
 fn H3(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar((CONTEXT_STRING.to_owned() + "nonce").as_bytes(), m)
 }
 /// H4 for FROST(P-256, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.4
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.4-2.4.2.8
 fn H4(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
 }
 /// H5 for FROST(P-256, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.4-2.2.2.5
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.4-2.4.2.10
 fn H5(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
 }
diff --git a/frost-ristretto255/src/lib.rs b/frost-ristretto255/src/lib.rs
index f6a608c4..d82d5405 100644
--- a/frost-ristretto255/src/lib.rs
+++ b/frost-ristretto255/src/lib.rs
@@ -142,7 +142,7 @@ fn hash_to_scalar(inputs: &[&[u8]]) -> Scalar {
 /// Context string from the ciphersuite in the [spec].
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-1
+/// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.2-1
 const CONTEXT_STRING: &str = "FROST-RISTRETTO255-SHA512-v1";
 /// An implementation of the FROST(ristretto255, SHA-512) ciphersuite.
@@ -160,35 +160,35 @@ impl Ciphersuite for Ristretto255Sha512 {
 /// H1 for FROST(ristretto255, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.1
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.2-2.4.2.2
 fn H1(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"rho", m])
 }
 /// H2 for FROST(ristretto255, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.2
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.2-2.4.2.4
 fn H2(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"chal", m])
 }
 /// H3 for FROST(ristretto255, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.3
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.2-2.4.2.6
 fn H3(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar(&[CONTEXT_STRING.as_bytes(), b"nonce", m])
 }
 /// H4 for FROST(ristretto255, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.4
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.2-2.4.2.8
 fn H4(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
 }
 /// H5 for FROST(ristretto255, SHA-512)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.2-2.2.2.5
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.2-2.4.2.10
 fn H5(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
 }
diff --git a/frost-secp256k1/src/lib.rs b/frost-secp256k1/src/lib.rs
index 1ebeaedb..4d25266b 100644
--- a/frost-secp256k1/src/lib.rs
+++ b/frost-secp256k1/src/lib.rs
@@ -168,7 +168,7 @@ fn hash_to_scalar(domain: &[u8], msg: &[u8]) -> Scalar {
 /// Context string from the ciphersuite in the [spec].
 ///
-/// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-1
+/// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.5-1
 const CONTEXT_STRING: &str = "FROST-secp256k1-SHA256-v1";
 /// An implementation of the FROST(secp256k1, SHA-256) ciphersuite.
@@ -186,35 +186,35 @@ impl Ciphersuite for Secp256K1Sha256 {
 /// H1 for FROST(secp256k1, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.1
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.5-2.4.2.2
 fn H1(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar((CONTEXT_STRING.to_owned() + "rho").as_bytes(), m)
 }
 /// H2 for FROST(secp256k1, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.2
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.5-2.4.2.4
 fn H2(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar((CONTEXT_STRING.to_owned() + "chal").as_bytes(), m)
 }
 /// H3 for FROST(secp256k1, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.3
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.5-2.4.2.6
 fn H3(m: &[u8]) -> <::Field as Field>::Scalar {
 hash_to_scalar((CONTEXT_STRING.to_owned() + "nonce").as_bytes(), m)
 }
 /// H4 for FROST(secp256k1, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.4
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.5-2.4.2.8
 fn H4(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"msg", m])
 }
 /// H5 for FROST(secp256k1, SHA-256)
 ///
- /// [spec]: https://www.ietf.org/archive/id/draft-irtf-cfrg-frost-14.html#section-6.5-2.2.2.5
+ /// [spec]: https://datatracker.ietf.org/doc/html/rfc9591#section-6.5-2.4.2.10
 fn H5(m: &[u8]) -> Self::HashOutput {
 hash_to_array(&[CONTEXT_STRING.as_bytes(), b"com", m])
 }