SLH-DSA Python API

How to use the crypto_condor.primitives.SLHDSA module to test implementations of SLH-DSA.

Test signing

crypto_condor.primitives.SLHDSA.test_sign(sign, paramset, prehash=False, deterministic=None)

Tests a function that signs with SLH-DSA.

Signs messages with the given implementation and then verifies them. The test passes if the signatures are valid.

SLH-DSA has two variants: a hedged, randomized variant, and a deterministic one. Testing the hedged version requires an implementation to actually verify the signatures, while the deterministic one can be tested by directly comparing the signature to the one provided in the test vector. Currently crypto-condor only supports testing the deterministic variant.

Parameters:

  • sign (Sign) – The function to test.

  • paramset (Paramset) – The parameter set implemented.

  • prehash (bool) – If True, the function implements HashSLH-DSA (message pre-hashing).

  • deterministic (bool | None) – If True, the function implements deterministic signing. This option is ignored for now, as only deterministic signing can be tested.

Returns:

A dictionary of results, with one instance of Results per test vectors file.

Return type:

ResultsDict

Test verifying

crypto_condor.primitives.SLHDSA.test_verify(verify, paramset, prehash=False)

Tests a function that verifies SLH-DSA signatures.

Verifies signatures from test vectors using the given function. The test passes if valid signature are accepted, while invalid signatures are rejected.

Parameters:

  • verify (Verify) – The function to test.

  • paramset (Paramset) – The parameter set implemented.

  • prehash (bool) – If True, the function implements HashSLH-DSA (message pre-hashing).

Returns:

A dictionary of results, with one instance of Results per test vectors file.

Return type:

ResultsDict

Test sign-verify invariant

crypto_condor.primitives.SLHDSA.test_invariant(sign, verify, paramset, prehash=False)

Tests the sign then verify invariant.

Signing a message then verifying the signature with the same implementation should always work, unless an error occurs while signing. To test this invariant, crypto-condor uses some values from test vectors (key pairs, messages, and context string) to perform both operations. The test passes if the signatures generated are valid.

Parameters:

  • sign (Sign) – The signing function.

  • verify (Verify) – The verification function.

  • paramset (Paramset) – The parameter set to test.

  • prehash (bool) – If True, the function implements HashSLH-DSA (message pre-hashing).

Returns:

A dictionary of results.

Return type:

ResultsDict

Parameters

enum crypto_condor.primitives.SLHDSA.Paramset(value)

SLH-DSA parameter set.

Member Type:

str

Valid values are as follows:

SHA2_128S = <Paramset.SHA2_128S: 'SHA2-128s'>
SHAKE_128S = <Paramset.SHAKE_128S: 'SHAKE-128s'>
SHA2_128F = <Paramset.SHA2_128F: 'SHA2-128f'>
SHAKE_128F = <Paramset.SHAKE_128F: 'SHAKE-128f'>
SHA2_192S = <Paramset.SHA2_192S: 'SHA2-192s'>
SHAKE_192S = <Paramset.SHAKE_192S: 'SHAKE-192s'>
SHA2_192F = <Paramset.SHA2_192F: 'SHA2-192f'>
SHAKE_192F = <Paramset.SHAKE_192F: 'SHAKE-192f'>
SHA2_256S = <Paramset.SHA2_256S: 'SHA2-256s'>
SHAKE_256S = <Paramset.SHAKE_256S: 'SHAKE-256s'>
SHA2_256F = <Paramset.SHA2_256F: 'SHA2-256f'>
SHAKE_256F = <Paramset.SHAKE_256F: 'SHAKE-256f'>

The Enum and its members also have the following methods:

classmethod from_name(pset_hash, pset_strength)

Creates instance from a function name.

property pk_size: int

Returns the size of the public key in bytes.

property sk_size: int

Returns the size of the secret key in bytes.

property sig_size: int

Returns the size of the signature in bytes.

Protocols

protocol crypto_condor.primitives.SLHDSA.Keygen

Represents a function that generates SLH-DSA keys.

Classes that implement this protocol must have the following methods / attributes:

__call__()

Generates a SLH-DSA key pair.

Returns:

A tuple (sk, pk) containing the secret key sk and the public key pk.

Return type:

tuple[bytes, bytes]

protocol crypto_condor.primitives.SLHDSA.Sign

Represents a function that signs with SLH-DSA.

Classes that implement this protocol must have the following methods / attributes:

__call__(sk, msg, ctx, ph)

Signs with SLH-DSA.

Parameters:

  • sk (bytes) – The secret key.

  • msg (bytes) – The message to sign.

  • ctx (bytes) – The context string. It can be empty.

  • ph (str) – For the pre-hash variant only, the name of the pre-hash function. For the pure variant, it is an empty string and should be ignored.

Returns:

The signature.

Return type:

bytes

protocol crypto_condor.primitives.SLHDSA.Verify

Represents a function that verifies SLH-DSA signatures.

Classes that implement this protocol must have the following methods / attributes:

__call__(pk, msg, sig, ctx, ph)

Verifies SLH-DSA signatures.

Parameters:

  • pk (bytes) – The public key.

  • msg (bytes) – The message.

  • sig (bytes) – The signature.

  • ctx (bytes) – The context string. It can be empty.

  • ph (str) – For the pre-hash variant only, the name of the pre-hash function. For the pure variant, it is an empty string and should be ignored.

Returns:

True if the signature is valid, False otherwise.

Return type:

bool