Skip to content

Commit

Permalink
Merge pull request #73 from davidben/issue-72
Browse files Browse the repository at this point in the history 
Simplify hashing by not padding to hash block size
  • Loading branch information
@davidben
davidben authored Sep 8, 2023
2 parents ea8d114 + b98688d commit 17c42e0
Showing 1 changed file with 3 additions and 4 deletions.
7 changes: 3 additions & 4 deletions draft-davidben-tls-merkle-tree-certs.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -522,7 +522,6 @@ struct {
uint8 distinguisher = 0;
opaque issuer_id<1..32>;
uint32 batch_number;
opaque pad[N];
uint64 index;
uint8 level;
} HashEmptyInput;
Expand All @@ -531,7 +530,6 @@ struct {
uint8 distinguisher = 1;
opaque issuer_id<1..32>;
uint32 batch_number;
opaque pad[N];
uint64 index;
uint8 level;
opaque left[hash.length];
Expand All @@ -548,13 +546,12 @@ struct {
uint8 distinguisher = 2;
opaque issuer_id<1..32>;
uint32 batch_number;
opaque pad[N];
uint64 index;
AbridgedAssertion abridged_assertion;
} HashAssertionInput;
~~~

`issuer_id` and `batch_number` are set to the CA's `issuer_id` and the current batch number. `pad` is an array of zeros to pad up to the hash function's block size. For SHA-256, the block size is 64 bytes. `HashAssertionInput.abridged_assertion.subject_info_hash` is set to `hash(assertion.subject_info)` from the function input `assertion`, and the remaining fields of `HashAssertionInput.abridged_assertion` are taken unmodified from `assertion`. The remaining fields, such as `index`, are set to inputs of the function.
`issuer_id` and `batch_number` are set to the CA's `issuer_id` and the current batch number. `HashAssertionInput.abridged_assertion.subject_info_hash` is set to `hash(assertion.subject_info)` from the function input `assertion`, and the remaining fields of `HashAssertionInput.abridged_assertion` are taken unmodified from `assertion`. The remaining fields, such as `index`, are set to inputs of the function.

Tree levels are computed iteratively as follows:

Expand Down Expand Up @@ -1239,6 +1236,8 @@ The authors additionally thank Bob Beck, Ryan Dickson, Nick Harper, Dennis Jacks
## Since draft-davidben-tls-merkle-tree-certs-00
{:numbered="false"}

- Simpify hashing by removing the internal padding to align with block size. #72

- Avoid the temptation of floating points. #66

- Require `lifetime` to be a multiple of `batch_duration`. #65
Expand Down

0 comments on commit 17c42e0

Please sign in to comment.