]> Cypherpunks repositories - keks.git/commitdiff
projects / keks.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: af18c92)
Draft -merkle hashing modes
authorSergey Matveev <stargrave@stargrave.org>
Sun, 26 Jan 2025 15:01:13 +0000 (18:01 +0300)
committerSergey Matveev <stargrave@stargrave.org>
Sun, 26 Jan 2025 15:01:13 +0000 (18:01 +0300)
spec/format/hashed.texi patch | blob | history

diff --git a/spec/format/hashed.texi b/spec/format/hashed.texi
index 2653b327adb8fe224d64ad57340492aa7748258f77043ceb49bfb9dbac3f3213..8bf30f92bb1a3a09645bc66e08e473673afec14a89aaaaaab7c9d2fa18bd8e2b 100644 (file)
--- a/spec/format/hashed.texi
+++ b/spec/format/hashed.texi
@@ -22,10 +22,21 @@ algorithms.
 @node pki-hashed-blake2b
 @subsection pki-hashed with BLAKE2b
 
-@url{https://www.blake2.net/, BLAKE2b} with
-512-bit output has @code{blake2b} algorithm identifier.
+    @url{https://www.blake2.net/, BLAKE2b} with
+    512-bit output has @code{blake2b} algorithm identifier.
 
-256-bit output has @code{blake2b256} algorithm identifier.
+    256-bit output has @code{blake2b256} algorithm identifier.
+
+@node pki-hashed-blake2b-merkle
+@subsection pki-hashed with BLAKE2b in Merkle-tree mode
+
+    BLAKE2b-512 is used in Merkle tree hashing mode, as described in
+    @url{https://datatracker.ietf.org/doc/html/rfc9162, RFC 9162},
+    except that no @code{0x00}/@code{0x01} constants are appended to
+    the hashed data, but BLAKE2b is initialised in keyed mode with
+    either "LEAF" or "NODE" keys.
+
+    @code{blake2b-merkle} algorithm identifier is used.
 
 @node pki-hashed-blake3
 @subsection pki-hashed with BLAKE3
@@ -46,27 +57,33 @@ algorithms.
     @url{https://keccak.team/, SHAKE} XOF function with fixed
     256 (SHAKE128) or 512 (SHAKE256) bit output.
 
-    Following algorithm identifiers are acceptable:
-    @code{shake128}, @code{shake256}.
+    @code{shake128}, @code{shake256} algorithm identifiers are used.
 
 @node pki-hashed-skein512
 @subsection pki-hashed with Skein-512
 
     512-bit @url{https://www.schneier.com/academic/skein/, Skein-512} hash.
 
-    @code{skein512} is acceptable algorithm identifier.
+    @code{skein512} algorithm identifier is used.
 
 @node pki-hashed-gost3411
 @subsection pki-hashed with GOST R 34.11-2012
 
     Streebog must be big-endian serialised.
 
-    Following algorithm identifiers are acceptable:
-    @code{streebog256}, @code{streebog512}.
+    @code{streebog256}, @code{streebog512} algorithm identifiers are used.
+
+@node pki-hashed-gost3411-merkle
+@subsection pki-hashed with GOST R 34.11-2012 in Merkle tree mode
+
+    Streebog-512 is used in Merkle tree hashing mode, as described in
+    @url{https://datatracker.ietf.org/doc/html/rfc9162, RFC 9162}.
+
+    @code{streebog512-merkle} algorithm identifier is used.
 
 @node pki-hashed-xxh3-128
 @subsection pki-hashed with XXH3-128
 
     128-bit @url{https://xxhash.com/, XXH3} hash must be big-endian encoded.
 
-    @code{xxh3-128} is acceptable algorithm identifier.
+    @code{xxh3-128} algorithm identifier is used.
KEKS codec