Add Digest::from_bytes#1495
Conversation
`Digest::from_bytes` can be used to create a `Digest` structure from an external source, without any knowledge of the digested message. I agree to license my contributions to each file under the terms given at the top of each file I changed.
ldufr
force-pushed
the
b/digest-from-bytes
branch
from
be34e59 to
ce1ca78
Compare
| return Err(crate::error::Unspecified); | ||
| } | ||
|
|
||
| const SIZE: usize = 512 / 8 / core::mem::size_of::<BigEndian<u64>>(); |
There was a problem hiding this comment.
That's a bit dodgy and there is certainly a much better way. Do you have a recommendation?
|
I'm not excited about this idea. The idea of What is the use case you're trying to address? |
|
In my case, it's impractical to have the original message, because it can be 100s of MBs, on a different machine. Furthermore, I can't send the private key to the machine with the data, for security reasons. The goal is to split the digesting of this message and the signing of the message, which can be done with this PR in combination with #1493. Edit: I will confirm later today that's still my case. I realize now that this might have been an original assumption which was in fact incorrect. |
|
I double checked and it was indeed an incorrect assumption, because the digest received doesn't need to be encrypted, but instead the digest of a "document" containing this digest. This mean that we still compute the digest ourselves. Anyway, thanks for your time and have a nice day! |
2 participants
Digest::from_bytescan be used to create aDigeststructure from an external source, without any knowledge of the digested message.This can be particularly useful in combination with MR #1493 to sign a digest on behalf of a user authenticated through other means without exposing the private key of the user.