From 6f70986cb17dd2248a3eb73760834d7941baadc5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Olivier=20Ch=C3=A9ron?= <olivier.cheron@gmail.com>
Date: Tue, 4 Feb 2020 21:39:50 +0100
Subject: [PATCH] Avoid signature padding when not required

---
 Crypto/PubKey/EdDSA.hs | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/Crypto/PubKey/EdDSA.hs b/Crypto/PubKey/EdDSA.hs
index 7754bcc..fc69a06 100644
--- a/Crypto/PubKey/EdDSA.hs
+++ b/Crypto/PubKey/EdDSA.hs
@@ -178,10 +178,12 @@ encodeSignature :: EllipticCurveEdDSA curve
                 => proxy curve
                 -> (Bytes, Point curve, Scalar curve)
                 -> Signature curve
-encodeSignature prx (bsR, _, sS) =
-    let bsS  = encodeScalarLE prx sS :: Bytes
-        len0 = signatureSize prx - B.length bsR - B.length bsS
-     in Signature $ B.concat [ bsR, bsS, B.zero len0 ]
+encodeSignature prx (bsR, _, sS) = Signature $
+    if len0 > 0 then B.concat [ bsR, bsS, pad0 ] else B.append bsR bsS
+  where
+    bsS  = encodeScalarLE prx sS
+    len0 = signatureSize prx - B.length bsR - B.length bsS
+    pad0 = B.zero len0
 
 decodeSignature :: EllipticCurveEdDSA curve
                 => proxy curve