From: Florian Dold
Date: Mon, 25 May 2020 21:53:29 +0000 (+0530)
Subject: replace Christian's FIXME with an explanation
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=5a69caa07f3f334a76a61f13d8336608b3c5d5e9;p=oweals%2Fgnunet.git

replace Christian's FIXME with an explanation
---

diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 96d546185..e1608ae55 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -544,10 +544,18 @@ void
 GNUNET_CRYPTO_eddsa_key_create (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 {
   BENCHMARK_START (eddsa_key_create);
+  /*
+   * We do not clamp for EdDSA, since all functions that use the private key do
+   * their own clamping (just like in libsodium). What we call "private key"
+   * here, actually corresponds to the seed in libsodium.
+   *
+   * (Contrast this to ECDSA, where functions using the private key can't clamp
+   * due to properties needed for GNS. That is a worse/unsafer API, but
+   * required for the GNS constructions to work.)
+   */
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
                               pk,
                               sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
-  // FIXME: should we not do the clamping here? Or is this done elsewhere?
   BENCHMARK_END (eddsa_key_create);
 }
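Review bot: The new comment answers the old FIXME's first question but not its second ("is this done elsewhere?"): it asserts that every consumer of the key clamps, without naming where or how, so a maintainer adding a new consumer has nothing to check against. I'd make the claim verifiable by naming the mechanism in the comment, e.g. `* These 32 bytes are an Ed25519 seed: the signing and public-key paths expand them with SHA-512 and clamp the resulting scalar (RFC 8032, 5.1.5), so the seed itself must not be clamped here.` That last clause is the security-relevant part: if the consumers follow standard Ed25519 as the libsodium comparison implies, clamping in this function would only perturb the seed, not the scalar actually used, so a future "fix" of the removed FIXME would be a silent key-derivation change rather than a hardening. Minor wording on the new lines: `worse/unsafer` reads better as `worse (less safe)`. The function's `void` return-type line sits in the hunk header; the rest of GNUNET_CRYPTO_eddsa_key_create is within the hunk.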