
1use curve25519_dalek::edwards::CompressedEdwardsY;
2use sha2::Sha512;
3
4use crate::verifying::RCompute;
5use crate::{signature::InternalSignature, InternalError, SignatureError, VerifyingKey};
6
/// Incremental (init / update / finalize) verifier for an ed25519 signature.
///
/// Obtain one through [`VerifyingKey::verify_stream()`] or
/// [`SigningKey::verify_stream()`], feed the message in with
/// [`StreamVerifier::update()`] and obtain the verdict with
/// [`StreamVerifier::finalize_and_verify()`].
///
/// [`SigningKey::verify_stream()`]: super::SigningKey::verify_stream()
// `sig_R` keeps the capital `R` conventionally used for the signature's
// first component, hence the lint allowance.
#[allow(non_snake_case)]
pub struct StreamVerifier {
    /// The `R` carried by the candidate signature. It is compared at
    /// finalization against the value recomputed from the verifying key,
    /// the signature and the streamed message.
    sig_R: CompressedEdwardsY,
    /// Running recomputation of the expected `R`, seeded at construction
    /// with the verifying key and the signature.
    cr: RCompute<Sha512>,
}
17
impl StreamVerifier {
    /// Builds a verifier for `signature` under `public_key`.
    ///
    /// Records the signature's `R` and seeds the `R`-recomputation state with
    /// the key and the signature; no message bytes are consumed yet. The third
    /// argument to `RCompute::new` is `None` here — presumably the optional
    /// domain-separation context, i.e. the plain (non-"ctx") ed25519 variant;
    /// confirm against `RCompute::new`.
    pub(crate) fn new(public_key: VerifyingKey, signature: InternalSignature) -> Self {
        let claimed_r = signature.R;
        let recompute = RCompute::new(&public_key, signature, None);
        Self {
            cr: recompute,
            sig_R: claimed_r,
        }
    }

    /// Feeds the next chunk of the message into the verifier.
    ///
    /// Chunk boundaries should not affect the verdict: the bytes are absorbed
    /// into a single running hash state, so only the concatenation matters.
    pub fn update(&mut self, chunk: impl AsRef<[u8]>) {
        let bytes: &[u8] = chunk.as_ref();
        self.cr.update(bytes);
    }

    /// Consumes the verifier and returns `Ok(())` iff the recomputed `R`
    /// equals the `R` carried by the signature.
    ///
    /// # Errors
    ///
    /// Returns a [`SignatureError`] (from `InternalError::Verify`) on mismatch.
    /// The error deliberately carries no detail about which input was wrong.
    ///
    /// Security notes: the equality test is `CompressedEdwardsY`'s `==`, which
    /// should not be assumed to run in constant time. That is acceptable for
    /// signature verification, whose compared values are all derived from
    /// public inputs (key, signature, message) — NOTE(review): confirm the
    /// non-streaming verify path uses the same comparison. No stricter policy
    /// (canonical-encoding or weak-key rejection, as in a "strict" verify) is
    /// applied here; if required it must happen before `new` is called or
    /// inside `RCompute` — confirm with those callers.
    pub fn finalize_and_verify(self) -> Result<(), SignatureError> {
        let recomputed_r = self.cr.finish();
        if recomputed_r != self.sig_R {
            return Err(InternalError::Verify.into());
        }
        Ok(())
    }
}
45}