Add note about verifying public keys

commit: 1e6e86fa43c890f02b169f0570ac988ac431d40b [log] [tgz]
author: Ken MacKay <kmackay@gmail.com> Wed Oct 07 17:26:47 2020 -0700
committer: Ken MacKay <kmackay@gmail.com> Wed Oct 07 17:26:47 2020 -0700
tree: 00c8394765efe2737d6365e5669624c211cc0ebf
parent: 6e9241793febb61b5790278cec58f9d42d18f58d [diff]
diff --git a/uECC.h b/uECC.h
index b9243b9..dcbdbfa 100644
--- a/uECC.h
+++ b/uECC.h

@@ -166,7 +166,9 @@
 int uECC_make_key(uint8_t *public_key, uint8_t *private_key, uECC_Curve curve);
 
 /* uECC_shared_secret() function.
-Compute a shared secret given your secret key and someone else's public key.
+Compute a shared secret given your secret key and someone else's public key. If the public key
+is not from a trusted source and has not been previously verified, you should verify it first
+using uECC_valid_public_key().
 Note: It is recommended that you hash the result of uECC_shared_secret() before using it for
 symmetric encryption or HMAC.
commit	1e6e86fa43c890f02b169f0570ac988ac431d40b	[log] [tgz]
author	Ken MacKay <kmackay@gmail.com>	Wed Oct 07 17:26:47 2020 -0700
committer	Ken MacKay <kmackay@gmail.com>	Wed Oct 07 17:26:47 2020 -0700
tree	00c8394765efe2737d6365e5669624c211cc0ebf
parent	6e9241793febb61b5790278cec58f9d42d18f58d [diff]