Skip to content

Include SHAKE256-512 digest algorithm.

Yutaka Niibe requested to merge gniibe-main-patch-73135 into main

It is useful for Ed448 users because Ed448 computation uses SHAKE256 internally; When message is hashed by SHAKE256-512, it will be possible for the signature computation by only Keccak primitive (not depending SHA2). This allows minimum support of Ed448 may be smaller.

SHAKE is a bit different to other digest algorithms. It it produces outputs with any desired length. Here, for use of Ed448 message hashing in mind, specific length 512-bit is used.

Merge request reports