[hsmtool] Add TODO for ML-DSA domain preparation

Adds a TODO to sign and verify commands to clarify whether domain preparation should be performed by the tool or offloaded to the HSM.

Signed-off-by: Willy Zhang <[email protected]>

Author: Willy Zhang

sw/host/hsmtool/src/commands/mldsa/sign.rs

@@ -52,6 +52,7 @@ impl Dispatch for Sign {
         let object = helper::find_one_object(session, &attrs)?;
 
         let data = fs::read(&self.input)?;
+        // TODO: decide whether domain preparation should be done in this program or if the HSM is expected to do it.
         let data = self.format.mldsa_prepare(self.domain, &data)?;
         let mechanism = self.format.mechanism(KeyType::MlDsa)?;
         let result = session.sign(&mechanism, object, &data)?;

sw/host/hsmtool/src/commands/mldsa/verify.rs

@@ -52,6 +52,7 @@ impl Dispatch for Verify {
         let object = helper::find_one_object(session, &attrs)?;
 
         let data = fs::read(&self.input)?;
+        // TODO: decide whether domain preparation should be done in this program or if the HSM is expected to do it.
         let data = self.format.mldsa_prepare(self.domain, &data)?;
         let mechanism = self.format.mechanism(KeyType::MlDsa)?;
         let signature = if let Some(filename) = &self.signature {