Documentation
¶
Overview ¶
Package slhdsa implements SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) using Cloudflare's circl library with automatic CGO optimizations when available.
SLH-DSA (FIPS 205, formerly SPHINCS+) is a post-quantum signature scheme based on hash functions. It provides quantum-resistant digital signatures with stateless operation.
Index ¶
Constants ¶
This section is empty.
Variables ¶
Functions ¶
func GetPublicKeySize ¶ added in v1.4.18
GetPublicKeySize returns the size of a public key for the given mode
func GetSignatureSize ¶ added in v1.4.18
GetSignatureSize returns the size of a signature for the given mode
Types ¶
type Mode ¶
type Mode int
Mode represents different security levels and variants of SLH-DSA
const ( // SHA2_128s provides 128-bit security with small signatures (NIST Level 1) SHA2_128s Mode = iota // SHAKE_128s provides 128-bit security with small signatures using SHAKE (NIST Level 1) SHAKE_128s // SHA2_128f provides 128-bit security with fast signing (NIST Level 1) SHA2_128f // SHAKE_128f provides 128-bit security with fast signing using SHAKE (NIST Level 1) SHAKE_128f // SHA2_192s provides 192-bit security with small signatures (NIST Level 3) SHA2_192s // SHAKE_192s provides 192-bit security with small signatures using SHAKE (NIST Level 3) SHAKE_192s // SHA2_192f provides 192-bit security with fast signing (NIST Level 3) SHA2_192f // SHAKE_192f provides 192-bit security with fast signing using SHAKE (NIST Level 3) SHAKE_192f // SHA2_256s provides 256-bit security with small signatures (NIST Level 5) SHA2_256s // SHAKE_256s provides 256-bit security with small signatures using SHAKE (NIST Level 5) SHAKE_256s // SHA2_256f provides 256-bit security with fast signing (NIST Level 5) SHA2_256f // SHAKE_256f provides 256-bit security with fast signing using SHAKE (NIST Level 5) SHAKE_256f )
type PrivateKey ¶
type PrivateKey struct {
PublicKey *PublicKey
// contains filtered or unexported fields
}
PrivateKey represents an SLH-DSA private key
func GenerateKey ¶
func GenerateKey(rand io.Reader, mode Mode) (*PrivateKey, error)
GenerateKey generates a new SLH-DSA key pair using circl
func PrivateKeyFromBytes ¶
func PrivateKeyFromBytes(mode Mode, data []byte) (*PrivateKey, error)
PrivateKeyFromBytes deserializes a private key
func (*PrivateKey) Bytes ¶
func (priv *PrivateKey) Bytes() []byte
Bytes returns the serialized private key
func (*PrivateKey) Public ¶ added in v1.4.18
func (priv *PrivateKey) Public() crypto.PublicKey
Public returns the public key
func (*PrivateKey) Sign ¶
func (priv *PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) ([]byte, error)
Sign signs a message with the private key using circl
type PublicKey ¶
type PublicKey struct {
// contains filtered or unexported fields
}
PublicKey represents an SLH-DSA public key
func PublicKeyFromBytes ¶
PublicKeyFromBytes deserializes a public key
func (*PublicKey) Verify ¶
func (pub *PublicKey) Verify(message, signature []byte, opts crypto.SignerOpts) bool
Verify verifies a signature with the public key using circl The opts parameter is ignored but kept for crypto.Signer interface compatibility
func (*PublicKey) VerifySignature ¶ added in v1.4.18
VerifySignature verifies a signature with the public key (simplified API)
Source Files