skaunov
commented
4 months ago 1) add $p$ to the test signature and verify
2) find a hash greater than $p$
3) test the signing-verifying with it
4) consider adding Eq kind of trait in Rust implementations
(also hash improbable to be equal $p$ and basically should be rejected)
It might be a RustCrypto thing which just panics on certain methods when bytes yields the value larger than $p$, but it's still a worthy case to have in the suite across implementation to be sure that wrapping is done correctly, and that signatures equality can be facilitated.