On Wed, Jan 21, 2026 at 12:31:35PM +0000, David Howells wrote: > Jarkko Sakkinen <[email protected]> wrote: > > > I'd use the wording you used already in commit message, which > > factors more descriptive than what you have here. E.g., name > > it "external_digest". > > ML-DSA uses "external" to mean that the caller does the > digestion/hashing/XOF-ing/whatever Eric wants to call it, but the caller also > has to put other stuff into the digest/hash/XOF/thing that then gets passed to > ML-DSA if it does this. > > For added confusion, the NIST FIPS tests seem to consider what this patch does > as 'external' but an "external mu" as 'internal': > > "tgId": 1, > "testType": "AFT", > "parameterSet": "ML-DSA-44", > "signatureInterface": "external", > "preHash": "pure", > > vs: > > "tgId": 7, > "testType": "AFT", > "parameterSet": "ML-DSA-44", > "signatureInterface": "internal", > "externalMu": true, > > I haven't come up with a better name that particularly describes this. Maybe > use "no_prehash" or "algo_takes_hash" or "algo_takes_data"? > > Maybe better than using a true/false value, use an enum? > > enum public_key_hash { > ALGO_SIGNS_HASH, /* RSA, ECDSA, ... */ > ALGO_SIGNS_DATA, /* MLDSA, ... */ > };
I think this would be better idea, as it makes the states more explicit. And I was actually considering to suggest enum so yeah, I'm on board with this suggestion. > > David > BR, Jarkko
