SLH-DSA Python API¶
How to use the crypto_condor.primitives.SLHDSA
module to test
implementations of SLH-DSA.
Test signing¶
- crypto_condor.primitives.SLHDSA.test_sign(sign, paramset, prehash=False, deterministic=None)¶
Tests a function that signs with SLH-DSA.
Signs messages with the given implementation and then verifies them. The test passes if the signatures are valid.
SLH-DSA has two variants: a hedged, randomized variant, and a deterministic one. Testing the hedged version requires an implementation to actually verify the signatures, while the deterministic one can be tested by directly comparing the signature to the one provided in the test vector. Currently crypto-condor only supports testing the deterministic variant.
- Parameters:
sign (Sign) – The function to test.
paramset (Paramset) – The parameter set implemented.
prehash (bool) – If True, the function implements HashSLH-DSA (message pre-hashing).
deterministic (bool | None) – If True, the function implements deterministic signing. This option is ignored for now, as only deterministic signing can be tested.
- Returns:
A dictionary of results, with one instance of
Results
per test vectors file.- Return type:
Test verifying¶
- crypto_condor.primitives.SLHDSA.test_verify(verify, paramset, prehash=False)¶
Tests a function that verifies SLH-DSA signatures.
Verifies signatures from test vectors using the given function. The test passes if valid signature are accepted, while invalid signatures are rejected.
- Parameters:
- Returns:
A dictionary of results, with one instance of
Results
per test vectors file.- Return type:
Test sign-verify invariant¶
- crypto_condor.primitives.SLHDSA.test_invariant(sign, verify, paramset, prehash=False)¶
Tests the sign then verify invariant.
Signing a message then verifying the signature with the same implementation should always work, unless an error occurs while signing. To test this invariant, crypto-condor uses some values from test vectors (key pairs, messages, and context string) to perform both operations. The test passes if the signatures generated are valid.
- Parameters:
- Returns:
A dictionary of results.
- Return type:
Parameters¶
- enum crypto_condor.primitives.SLHDSA.Paramset(value)¶
SLH-DSA parameter set.
- Member Type:
str
Valid values are as follows:
- SHA2_128S = <Paramset.SHA2_128S: 'SHA2-128s'>¶
- SHAKE_128S = <Paramset.SHAKE_128S: 'SHAKE-128s'>¶
- SHA2_128F = <Paramset.SHA2_128F: 'SHA2-128f'>¶
- SHAKE_128F = <Paramset.SHAKE_128F: 'SHAKE-128f'>¶
- SHA2_192S = <Paramset.SHA2_192S: 'SHA2-192s'>¶
- SHAKE_192S = <Paramset.SHAKE_192S: 'SHAKE-192s'>¶
- SHA2_192F = <Paramset.SHA2_192F: 'SHA2-192f'>¶
- SHAKE_192F = <Paramset.SHAKE_192F: 'SHAKE-192f'>¶
- SHA2_256S = <Paramset.SHA2_256S: 'SHA2-256s'>¶
- SHAKE_256S = <Paramset.SHAKE_256S: 'SHAKE-256s'>¶
- SHA2_256F = <Paramset.SHA2_256F: 'SHA2-256f'>¶
- SHAKE_256F = <Paramset.SHAKE_256F: 'SHAKE-256f'>¶
The
Enum
and its members also have the following methods:- classmethod from_name(pset_hash, pset_strength)¶
Creates instance from a function name.
- property pk_size: int¶
Returns the size of the public key in bytes.
- property sk_size: int¶
Returns the size of the secret key in bytes.
- property sig_size: int¶
Returns the size of the signature in bytes.
Protocols¶
- protocol crypto_condor.primitives.SLHDSA.Keygen¶
Represents a function that generates SLH-DSA keys.
Classes that implement this protocol must have the following methods / attributes:
- __call__()¶
Generates a SLH-DSA key pair.
- Returns:
A tuple
(sk, pk)
containing the secret keysk
and the public keypk
.- Return type:
tuple[bytes, bytes]
- protocol crypto_condor.primitives.SLHDSA.Sign¶
Represents a function that signs with SLH-DSA.
Classes that implement this protocol must have the following methods / attributes:
- __call__(sk, msg, ctx, ph)¶
Signs with SLH-DSA.
- Parameters:
sk (bytes) – The secret key.
msg (bytes) – The message to sign.
ctx (bytes) – The context string. It can be empty.
ph (str) – For the pre-hash variant only, the name of the pre-hash function. For the pure variant, it is an empty string and should be ignored.
- Returns:
The signature.
- Return type:
bytes
- protocol crypto_condor.primitives.SLHDSA.Verify¶
Represents a function that verifies SLH-DSA signatures.
Classes that implement this protocol must have the following methods / attributes:
- __call__(pk, msg, sig, ctx, ph)¶
Verifies SLH-DSA signatures.
- Parameters:
pk (bytes) – The public key.
msg (bytes) – The message.
sig (bytes) – The signature.
ctx (bytes) – The context string. It can be empty.
ph (str) – For the pre-hash variant only, the name of the pre-hash function. For the pure variant, it is an empty string and should be ignored.
- Returns:
True if the signature is valid, False otherwise.
- Return type:
bool