Myriachan
commented
3 years ago never mind
Closed Myriachan closed 3 years ago
Myriachan
commented
3 years ago never mind
LoupVaillant
commented
3 years ago Yeah, it’s easy to get confused here, since we always call L the "order of the curve". While "order of the prime order subgroup of the curve" is more correct, it’s quite a mouthful.
Glad to know people are still looking closely enough at my code to catch that kind of thing, though. Please let me know if you find anything suspicious or unclear.
https://github.com/LoupVaillant/Monocypher/blob/baca5d31259c598540e4d1284bc8d8f793abf83a/src/monocypher.c#L2497
The order L is 2^252 + e, not 2^255 + e.
https://datatracker.ietf.org/doc/html/rfc8032#section-5.1