18 std::span<uint8_t> output,
19 std::span<const uint8_t> input,
20 std::span<const uint8_t> domain_sep) {
21 if(domain_sep.size() > 0xFF) {
23 throw Not_Implemented(
"XMD does not currently implement oversize DST handling");
26 const uint8_t domain_sep_len =
static_cast<uint8_t
>(domain_sep.size());
29 const size_t block_size = hash->hash_block_size();
34 const size_t hash_output_size = hash->output_length();
35 if(output.size() > 255 * hash_output_size || output.size() > 0xFFFF) {
36 throw Invalid_Argument(
"expand_message_xmd requested output length too long");
41 hash->update(std::vector<uint8_t>(block_size));
43 hash->update_be(
static_cast<uint16_t
>(output.size()));
45 hash->update(domain_sep);
46 hash->update(domain_sep_len);
54 hash->update(domain_sep);
55 hash->update(domain_sep_len);
61 const size_t produced = std::min(output.size(), hash_output_size);
63 copy_mem(&output[0], b_i.data(), produced);
64 output = output.subspan(produced);
75 hash->update(domain_sep);
76 hash->update(domain_sep_len);