LoupVaillant / Monocypher

An easy to use, easy to deploy crypto library
https://monocypher.org
Other
614 stars 80 forks source link

Comment mistake in "Dirty ephemeral public key generation" #222

Closed Myriachan closed 3 years ago

Myriachan commented 3 years ago

https://github.com/LoupVaillant/Monocypher/blob/baca5d31259c598540e4d1284bc8d8f793abf83a/src/monocypher.c#L2497

The order L is 2^252 + e, not 2^255 + e.

https://datatracker.ietf.org/doc/html/rfc8032#section-5.1

Myriachan commented 3 years ago

never mind

LoupVaillant commented 3 years ago

Yeah, it’s easy to get confused here, since we always call L the "order of the curve". While "order of the prime order subgroup of the curve" is more correct, it’s quite a mouthful.

Glad to know people are still looking closely enough at my code to catch that kind of thing, though. Please let me know if you find anything suspicious or unclear.