Allow scalars except nonces to have value zero

[dconnolly]

Per https://github.com/cfrg/draft-irtf-cfrg-frost/pull/130

[dconnolly]

Pretty sure curve25519-dalek does the correct thing and Scalar allows zero under the hood: https://github.com/dalek-cryptography/curve25519-dalek/blob/main/src/scalar.rs

And we use Scalar::random() to generate and do filter the result.

https://github.com/ZcashFoundation/frost/blob/main/frost-ristretto255/src/frost/keys.rs#L186