Security Scol plugin
|
ed25519 message accumulator More...
#include <xed25519.h>
Public Member Functions | |
CRYPTOPP_CONSTANT (RESERVE_SIZE=2048+64) | |
CRYPTOPP_CONSTANT (SIGNATURE_LENGTH=64) | |
ed25519_MessageAccumulator () | |
Create a message accumulator. | |
ed25519_MessageAccumulator (RandomNumberGenerator &rng) | |
Create a message accumulator. | |
void | Update (const byte *msg, size_t len) |
Add data to the accumulator. | |
void | Restart () |
Reset the accumulator. | |
byte * | signature () |
Retrieve pointer to signature buffer. | |
const byte * | signature () const |
Retrieve pointer to signature buffer. | |
const byte * | data () const |
Retrieve pointer to data buffer. | |
size_t | size () const |
Retrieve size of data buffer. | |
Public Member Functions inherited from HashTransformation | |
HashTransformation & | Ref () |
Provides a reference to this object. | |
virtual byte * | CreateUpdateSpace (size_t &size) |
Request space which can be written into by the caller. | |
virtual void | Final (byte *digest) |
Computes the hash of the current message. | |
unsigned int | TagSize () const |
virtual unsigned int | BlockSize () const |
Provides the block size of the compression function. | |
virtual unsigned int | OptimalBlockSize () const |
Provides the input block size most efficient for this hash. | |
virtual unsigned int | OptimalDataAlignment () const |
Provides input and output data alignment for optimal performance. | |
virtual void | CalculateDigest (byte *digest, const byte *input, size_t length) |
Updates the hash with additional input and computes the hash of the current message. | |
virtual bool | Verify (const byte *digest) |
Verifies the hash of the current message. | |
virtual bool | VerifyDigest (const byte *digest, const byte *input, size_t length) |
Updates the hash with additional input and verifies the hash of the current message. | |
virtual void | CalculateTruncatedDigest (byte *digest, size_t digestSize, const byte *input, size_t length) |
Updates the hash with additional input and computes the hash of the current message. | |
virtual bool | TruncatedVerify (const byte *digest, size_t digestLength) |
Verifies the hash of the current message. | |
virtual bool | VerifyTruncatedDigest (const byte *digest, size_t digestLength, const byte *input, size_t length) |
Updates the hash with additional input and verifies the hash of the current message. | |
Public Member Functions inherited from Algorithm | |
Algorithm (bool checkSelfTestStatus=true) | |
Interface for all crypto algorithms. | |
virtual std::string | AlgorithmName () const |
Provides the name of this algorithm. | |
virtual std::string | AlgorithmProvider () const |
Retrieve the provider of this algorithm. | |
Public Member Functions inherited from Clonable | |
virtual Clonable * | Clone () const |
Copies this object. | |
Protected Attributes | |
std::vector< byte, AllocatorWithCleanup< byte > > | m_msg |
Additional Inherited Members | |
Protected Member Functions inherited from HashTransformation | |
void | ThrowIfInvalidTruncatedSize (size_t size) const |
Validates a truncated digest size. | |
ed25519 message accumulator
ed25519 buffers the entire message, and does not digest the message incrementally. You should be careful with large messages like files on-disk. The behavior is by design because Bernstein feels small messages should be authenticated; and larger messages will be digested by the application.
The accumulator is used for signing and verification. The first 64-bytes of storage is reserved for the signature. During signing the signature storage is unused. During verification the first 64 bytes holds the signature. The signature is provided by the PK_Verifier framework and the call to PK_Signer::InputSignature. Member functions data() and size() refer to the accumulated message. Member function signature() refers to the signature with an implicit size of SIGNATURE_LENGTH bytes.
Applications which digest large messages, like an ISO disk file, should take care because the design effectively disgorges the format operation from the signing operation. Put another way, be careful to ensure what you are signing is is in fact a digest of the intended message, and not a different message digest supplied by an attacker.
Definition at line 278 of file xed25519.h.
|
inline |
Create a message accumulator.
Definition at line 284 of file xed25519.h.
|
inline |
Create a message accumulator.
ed25519 does not use a RNG. You can safely use NullRNG() because IsProbablistic returns false.
Definition at line 291 of file xed25519.h.
|
inline |
Retrieve pointer to data buffer.
Definition at line 323 of file xed25519.h.
|
inlinevirtual |
Reset the accumulator.
Reimplemented from HashTransformation.
Definition at line 304 of file xed25519.h.
|
inline |
Retrieve pointer to signature buffer.
Definition at line 311 of file xed25519.h.
|
inline |
Retrieve pointer to signature buffer.
Definition at line 317 of file xed25519.h.
|
inline |
Retrieve size of data buffer.
Definition at line 329 of file xed25519.h.
|
inlinevirtual |
Add data to the accumulator.
msg | pointer to the data to accumulate |
len | the size of the data, in bytes |
Implements HashTransformation.
Definition at line 298 of file xed25519.h.
|
protected |
Definition at line 335 of file xed25519.h.