Jarkko Sakkinen <[email protected]> wrote:
> I'd use the wording you used already in commit message, which
> factors more descriptive than what you have here. E.g., name
> it "external_digest".

ML-DSA uses "external" to mean that the caller does the
digestion/hashing/XOF-ing/whatever Eric wants to call it, but the caller also
has to put other stuff into the digest/hash/XOF/thing that then gets passed to
ML-DSA if it does this.

For added confusion, the NIST FIPS tests seem to consider what this patch does
as 'external' but an "external mu" as 'internal':

	"tgId": 1,
	"testType": "AFT",
	"parameterSet": "ML-DSA-44",
	"signatureInterface": "external",
	"preHash": "pure",

vs:

	"tgId": 7,
	"testType": "AFT",
	"parameterSet": "ML-DSA-44",
	"signatureInterface": "internal",
	"externalMu": true,

I haven't come up with a better name that particularly describes this. Maybe
use "no_prehash" or "algo_takes_hash" or "algo_takes_data"?

Maybe better than using a true/false value, use an enum?

	enum public_key_hash {
		ALGO_SIGNS_HASH,	/* RSA, ECDSA, ... */
		ALGO_SIGNS_DATA,	/* MLDSA, ... */
	};

David
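
For reference, the "other stuff" that goes into an externally computed mu, following FIPS 204 for pure ML-DSA; this is an added example, not code from the message above or from the kernel patch. The function names are made up for illustration and PK is a constructed placeholder of ML-DSA-44 public-key length, not a real key.

```python
import hashlib


def shake256(data: bytes, outlen: int) -> bytes:
    """H() in FIPS 204 is SHAKE256 with a caller-chosen output length."""
    return hashlib.shake_256(data).digest(outlen)


def pure_m_prime(msg: bytes, ctx: bytes = b"") -> bytes:
    """M' for pure ML-DSA: 0x00 || len(ctx) || ctx || M."""
    if len(ctx) > 255:
        raise ValueError("ML-DSA context string is limited to 255 bytes")
    return bytes([0, len(ctx)]) + ctx + msg


def external_mu(pk: bytes, msg: bytes, ctx: bytes = b"") -> bytes:
    """mu = H(tr || M', 64) with tr = H(pk, 64).

    A caller that hashes outside the signer has to bind the public key
    (through tr) and the domain-separation prefix into the hash, so a
    bare digest of the message is not a valid mu.
    """
    tr = shake256(pk, 64)
    return shake256(tr + pure_m_prime(msg, ctx), 64)


# Constructed placeholder: 1312 bytes, the ML-DSA-44 public key length.
PK = bytes(range(256)) * 5 + bytes(32)

if __name__ == "__main__":
    msg = b"constructed sample message"
    print("mu          :", external_mu(PK, msg).hex())
    print("plain digest:", shake256(msg, 64).hex())
```

The two printed values differ, which is the distinction the naming has to carry: in the "external" interface the algorithm is handed the data, while with an external mu it is handed a hash that already includes the key and prefix.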