Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

lms-signature v0.0.1 #815

Merged
merged 1 commit into from
Apr 16, 2024
Merged

lms-signature v0.0.1 #815

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions lms/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
# Changelog

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## 0.0.1 (2024-04-16)

- Initial release
12 changes: 3 additions & 9 deletions lms/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
[package]
name = "lms-signature"
version = "0.0.0"
description = "Pure Rust implementation of Leighton-Micali Hash-Based Signatures (RFC 8554)"
version = "0.0.1"
edition = "2021"
license = "Apache-2.0 OR MIT"
repository = "https://github.com/RustCrypto/signatures/tree/master/lms"
Expand All @@ -9,16 +10,9 @@ rust-version = "1.73"
categories = ["cryptography"]
keywords = ["crypto", "signature"]

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[lib]
name = "lms"
path = "src/lib.rs"
edition = "2021"

[dependencies]
digest = "0.10.7"
generic-array = {version = "0.14.4", features = ["zeroize"]}
generic-array = { version = "0.14.4", features = ["zeroize"] }
rand = "0.8.5"
sha2 = "0.10.8"
static_assertions = "1.1.0"
Expand Down
44 changes: 34 additions & 10 deletions lms/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
# Leighton-Micali Hash-Based Signatures
# [RustCrypto]: Leighton-Micali Signatures

[![crate][crate-image]][crate-link]
[![Docs][docs-image]][docs-link]
[![Build Status][build-image]][build-link]
![Apache2/MIT licensed][license-image]
![MSRV][rustc-image]
[![Project Chat][chat-image]][chat-link]

This repository contains implementations of [Leighton-Micali Hash-Based
Signatures (RFC 8554)](https://datatracker.ietf.org/doc/html/rfc8554).
Expand All @@ -17,10 +24,9 @@ persistent storage after each signature is generated and before it is released
to the rest of the application. Failure to adhere to this requirement is a
security vulnerability in your application.

For a stateless hash-based signature algorithm, see
[SPHINCS+](https://sphincs.org).
For a stateless hash-based signature algorithm, see [SLH-DSA].

NOTE: this project has not been externally audited, but the entire codebase
NOTE: this project has not been externally audited, but the entire codebase
was internally reviewed by cryptographers at Trail of Bits.

## Installation
Expand All @@ -35,10 +41,10 @@ Our implementation uses strongly typed private and public key types.

```rust
let mut rng = thread_rng();
let mut seckey = lms::lms::PrivateKey::new::<LmsSha256M32H10<LmsOtsSha256N32W4>>(&mut rng);
let mut seckey = lms::lms::PrivateKey::new::<LmsSha256M32H10<LmsOtsSha256N32W4> > ( & mut rng);
let pubkey = seckey.public(); // of type lms::lms::PublicKey<LmsSha256M32H10>
let sig = seckey.try_sign_with_rng(&mut rng, "example".as_bytes()).unwrap();
let sig_valid = pubkey.verify("example".as_bytes(), &sig).is_ok();
let sig = seckey.try_sign_with_rng( & mut rng, "example".as_bytes()).unwrap();
let sig_valid = pubkey.verify("example".as_bytes(), & sig).is_ok();
```

We can generate LMOTS signatures in the same way using `lms::ots::PrivateKey`
Expand All @@ -58,13 +64,31 @@ good**.

All crates licensed under either of

* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
* [MIT license](http://opensource.org/licenses/MIT)
* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
* [MIT license](http://opensource.org/licenses/MIT)

at your option.

## Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.
dual licensed as above, without any additional terms or conditions.

[//]: # (badges)

[crate-image]: https://buildstats.info/crate/lms-signature
[crate-link]: https://crates.io/crates/lms-signature
[docs-image]: https://docs.rs/lms-signature/badge.svg
[docs-link]: https://docs.rs/lms-signature/
[build-image]: https://github.com/RustCrypto/signatures/actions/workflows/lms.yml/badge.svg
[build-link]: https://github.com/RustCrypto/signatures/actions/workflows/lms.yml
[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
[rustc-image]: https://img.shields.io/badge/rustc-1.73+-blue.svg
[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260048-signatures

[//]: # (links)

[RustCrypto]: https://github.com/RustCrypto
[SLH-DSA]: https://github.com/RustCrypto/signatures/tree/master/slh-dsa
Loading