accept "0" in Secp256k1Scalar::from

[oleiba]

"0" is a valid input.
Previously, ECScalar::from(&BigInt::from("0")) has panicked.
This PR returns ECScalar::zero() in such case.

Motivation for this change:
In https://github.com/KZen-networks/centipede the struct Witness is defined:

pub struct Witness {
    pub x_vec: Vec<FE>,
    pub r_vec: Vec<FE>,
}

where x_vec is a vector of octets, often containing '0'. Therefore, the deserialization of the serialization of such instance of the struct, panics.

[omershlo]

Looks good.

1. Please do the same change for other curves as well
2. this pr raised my concerns again for not being constant time. Concretely there's not much to do for this pr but I will open an issue on this topic

[0xmountaintop]

I think putting this check at the end of the function can avoid not being constant time?
i.e.,

fn from(n: &BigInt) -> Secp256k1Scalar {
    let curve_order = FE::q();
    let n_reduced = BigInt::mod_add(n, &BigInt::from(0), &curve_order);
    let mut v = BigInt::to_vec(&n_reduced);

    if v.len() < SECRET_KEY_SIZE {
        let mut template = vec![0; SECRET_KEY_SIZE - v.len()];
        template.extend_from_slice(&v);
        v = template;
    }

    if n.eq(&BigInt::zero()) {
        Self::zero()
    } else {
        Secp256k1Scalar {
            purpose: "from_big_int",
            fe: SK::from_slice(&v).unwrap(),
        }
    }
}

The above code passes cargo build --features ec_secp256k1

[0xmountaintop]

1. Please do the same change for other curves as well

Other relevant codes:

• fn from(n: &BigInt) -> JubjubScalar in src/elliptic/curves/curve_jubjub.rs
• fn from(n: &BigInt) -> RistrettoScalar in src/elliptic/curves/curve_ristretto.rs
• fn from(n: &BigInt) -> Ed25519Scalar in src/elliptic/curves/ed25519.rs

[elichai]

This is no longer a problem since #120