Some SDK APIs require a random number data source. A BitSupplier provides a source of random data. This function should be a cryptographically secure random number generator.
Member code works with private keys, so member code must be run in a trusted environment.
The EpidZeroMemory
function is used by the memory allocation routines EpidAlloc
, EpidRealloc
and EpidFree
to wipe the memory as memory is freed.
EpidZeroMemory
function may be optimized away by some compilers. If it is, you should consider using a compiler or operating system specific memory sanitization function (e.g. memcpy_s
or SecureZeroMemory
).SDK math primitives are designed to be replaced with your own implementation if you need to rely on custom hardware for performance. The SDK is designed to simplify this process by isolating implementation details behind a clearly defined interface, defined by the non-internal headers in the epid/common/math
directory. Math functionality has detailed tests to ease validation.
Serialized information in the SDK is passed in fixed size buffer types whenever possible. Collectively these fixed size buffer types are called Octstrings.
In epid/common/types.h, there are a large number of packed structs that contain other packed structs, which eventually contain OctStr* types. Normally these are named *Str and are refered to as Str types.
OctStr* types are buffers that hold N bits, where N is the number at the end of the type name. These types usually represent numbers in a Big Endian format (buffer[0] is the most significant value).
Str types generally represent fixed size groups of numbers such as a point or vector.
OctStr* and Str types are usually populated by reading a buffer from a file or other storage, or by calling a serialize function. OctStr* and Str types must be packed so that the compiler does not insert padding. In the current code, this is done using pragmas.
Many APIs use void* parameters where OctStr* types are expected. If more than one size is allowed, a size parameter is usually also required.
A common idiom in the SDK is the use of flexible array types. These types are structs with the last element being an array of size 1 of some type. Flexible array types always have a size value embedded in the struct. The name of the count and array fields differs between flexible array types.
Flexible array types are expected to be in a buffer of size sizeof(FA) + ((N-1) * sizeof(E))
where FA is the flexible array type, N is the number of elements in the array and E is the type of each element. Note that this may be smaller than sizeof(FA)
if N is 0, in which case referencing any element is an error.
In many cases, functions that accept flexible array types will also expect a buffer size that is compared against the computed size of the array as a sanity check.