Open mikelodder7 opened 8 months ago
RFC9390 requires an XoF, and gives sha2 xmd as a named cipher suite, but RFC9390 permits choosing another XoF like shake128 instead. I guess maybe the traits expose this option?
Yes they do. If you look ExpandMsg supports ExpandMsgXmd or ExpandMsgXof
Alright, so already possible to choose shake128 with this PR? nice :)
Yes any XOF, Shake128, Shake256, etc.
Fyi it is RFC 9380 not 9390 :)
Adds hash_to_curve for Edwards points according to RFC9390