X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/77fdf13a3806b30dd8c2caac23ce5c160904bac9..bd6d65e32b835551677456bf286d09ced6859882:/pub/dsa-misc.c

diff --git a/pub/dsa-misc.c b/pub/dsa-misc.c
index 4f68c7bc..3902f68e 100644
--- a/pub/dsa-misc.c
+++ b/pub/dsa-misc.c
@@ -67,7 +67,7 @@ mp *dsa_h2n(mp *d, mp *r, const void *h, size_t hsz)
  *		@mp *q@ = order of the DSA group
  *		@mp *x@ = secret key
  *		@const octet *m@ = message hash
- *		@const gchash *h@ = hash class
+ *		@const gchash *ch@ = hash class
  *		@grand *r@ = random bit source, or null
  *
  * Returns:	A nonce.
@@ -84,6 +84,7 @@ mp *dsa_nonce(mp *d, mp *q, mp *x, const octet *m,
   size_t bsz = 2*n + 2*ch->hashsz;
   octet *b = XS_ALLOC(bsz);
   octet *kb = b, *rb = kb + n, *hb = rb + ch->hashsz;
+  static const char prefix[] = "catacomb-dsa-nonce";
   ghash *h;
 
   mp_storeb(x, kb, n);
@@ -92,6 +93,7 @@ mp *dsa_nonce(mp *d, mp *q, mp *x, const octet *m,
   do {
     for (j = 0; j < n; j += ch->hashsz) {
       h = GH_INIT(ch);
+      GH_HASH(h, prefix, sizeof(prefix));
       GH_HASHBUF32(h, kb, n);
       GH_HASHBUF32(h, m, ch->hashsz);
       if (r) GH_HASHBUF32(h, rb, ch->hashsz);