From: Loup Vaillant Date: Sat, 9 Sep 2017 11:02:27 +0000 (+0200) Subject: Clarified why we need to hash the message twice in EdDSA X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=057958167028e5c1d116396b8a7383a13ed1209b;p=Monocypher.git Clarified why we need to hash the message twice in EdDSA The code isn't crystal clear about the fact we reuse the result of the first hash in the second hash. A little comment makes sure reviewers don't miss it. --- diff --git a/src/monocypher.c b/src/monocypher.c index aaf2b00..2a096df 100644 --- a/src/monocypher.c +++ b/src/monocypher.c @@ -1536,6 +1536,8 @@ void crypto_sign(u8 signature[64], ge_scalarmult_base(&R, r); ge_tobytes(signature, &R); + // Hash R, the public key, and the message together. + // It cannot be done in paralell with the first hash. u8 h_ram[64]; hash_ram(h_ram, signature, pk, message, message_size);
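Review bot: The added comment in crypto_sign() misspells "parallel" as "paralell", and it says the second hash cannot run in parallel with the first without saying why. The commit message gives the reason (the result of the first hash is reused in the second), and the context lines show the link: R comes from `ge_scalarmult_base(&R, r)`, is serialized into `signature`, and `signature` is then passed to `hash_ram()`. Suggest spelling that out, for example `// Hash R, the public key, and the message together.` followed by `// R depends on r, which comes from the first hash, so the two hashes cannot run in parallel.` That way a reviewer sees the data dependency without having to trace it back through the function.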