Find
C
ase-sensitive
R
egexp search
Path
comm-central
/
third_party
/
botan
/
src
/
lib
/
pubkey
/
eckcdsa
Navigation
Enable keyboard shortcuts
Name
Description
Size
eckcdsa.cpp
@brief Truncate hash output if needed. If the output length of the hash function exceeds the size of the group order, ISO/IEC 14888-3:2018 specifies a truncation of the hash output when calculating the witness R (the first part of the signature) and H. The truncation is specified as follows: R = I2BS(beta', BS2I(gamma, R) mod 2^beta') H = I2BS(beta', BS2I(gamma, H) mod 2^beta') where - gamma: the output bit-length of the hash-function - beta: the bit-length of the prime number q (i.e. the group order size) - beta' = 8 * ceil(beta / 8) This essentially means a truncation on the byte level happens from the low side of the hash. @param[in,out] digest The hash output to potentially truncate. @param[in] group_order_bytes Size of the group order.
10145
eckcdsa.h
This class represents ECKCDSA public keys.
4398
info.txt
224