From e749e4e85deed27dd274c0562509d9b3ff29178e Mon Sep 17 00:00:00 2001
From: Kevin Heifner <heifnerk@objectcomputing.com>
Date: Tue, 5 Dec 2023 08:14:59 -0600
Subject: [PATCH] GH-19 Use affine non-montgomery form of public key for proof
 of possession

---
 src/signatures.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/signatures.cpp b/src/signatures.cpp
index 3ad2d6a..63b7f20 100644
--- a/src/signatures.cpp
+++ b/src/signatures.cpp
@@ -630,7 +630,7 @@ bool aggregate_verify(
 g2 pop_prove(const array<uint64_t, 4>& sk)
 {
     g1 pk = public_key(sk);
-    array<uint8_t, 96> msg = pk.toAffineBytesLE(true);
+    array<uint8_t, 96> msg = pk.toAffineBytesLE(false);
     g2 hashed_key = fromMessage(vector<uint8_t>(msg.begin(), msg.end()), POP_CIPHERSUITE_ID);
     return hashed_key.scale(sk);
 }
@@ -640,7 +640,7 @@ bool pop_verify(
     const g2& signature_proof
 )
 {
-    array<uint8_t, 96> msg = pubkey.toAffineBytesLE(true);
+    array<uint8_t, 96> msg = pubkey.toAffineBytesLE(false);
     const g2 hashedPoint = fromMessage(vector<uint8_t>(msg.begin(), msg.end()), POP_CIPHERSUITE_ID);
 
     if(!pubkey.isOnCurve() || !pubkey.inCorrectSubgroup())