Skip to content

Commit

Permalink
lms-signature v0.0.1 (#815)
Browse files Browse the repository at this point in the history
  • Loading branch information
tarcieri authored Apr 16, 2024
1 parent ed9be46 commit fae9707
Show file tree
Hide file tree
Showing 4 changed files with 43 additions and 20 deletions.
2 changes: 1 addition & 1 deletion Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions lms/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
# Changelog

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## 0.0.1 (2024-04-16)

- Initial release
12 changes: 3 additions & 9 deletions lms/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
[package]
name = "lms-signature"
version = "0.0.0"
description = "Pure Rust implementation of Leighton-Micali Hash-Based Signatures (RFC 8554)"
version = "0.0.1"
edition = "2021"
license = "Apache-2.0 OR MIT"
repository = "https://github.com/RustCrypto/signatures/tree/master/lms"
Expand All @@ -9,16 +10,9 @@ rust-version = "1.73"
categories = ["cryptography"]
keywords = ["crypto", "signature"]

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[lib]
name = "lms"
path = "src/lib.rs"
edition = "2021"

[dependencies]
digest = "0.10.7"
generic-array = {version = "0.14.4", features = ["zeroize"]}
generic-array = { version = "0.14.4", features = ["zeroize"] }
rand = "0.8.5"
sha2 = "0.10.8"
static_assertions = "1.1.0"
Expand Down
44 changes: 34 additions & 10 deletions lms/README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
# Leighton-Micali Hash-Based Signatures
# [RustCrypto]: Leighton-Micali Signatures

[![crate][crate-image]][crate-link]
[![Docs][docs-image]][docs-link]
[![Build Status][build-image]][build-link]
![Apache2/MIT licensed][license-image]
![MSRV][rustc-image]
[![Project Chat][chat-image]][chat-link]

This repository contains implementations of [Leighton-Micali Hash-Based
Signatures (RFC 8554)](https://datatracker.ietf.org/doc/html/rfc8554).
Expand All @@ -17,10 +24,9 @@ persistent storage after each signature is generated and before it is released
to the rest of the application. Failure to adhere to this requirement is a
security vulnerability in your application.

For a stateless hash-based signature algorithm, see
[SPHINCS+](https://sphincs.org).
For a stateless hash-based signature algorithm, see [SLH-DSA].

NOTE: this project has not been externally audited, but the entire codebase
NOTE: this project has not been externally audited, but the entire codebase
was internally reviewed by cryptographers at Trail of Bits.

## Installation
Expand All @@ -35,10 +41,10 @@ Our implementation uses strongly typed private and public key types.

```rust
let mut rng = thread_rng();
let mut seckey = lms::lms::PrivateKey::new::<LmsSha256M32H10<LmsOtsSha256N32W4>>(&mut rng);
let mut seckey = lms::lms::PrivateKey::new::<LmsSha256M32H10<LmsOtsSha256N32W4> > ( & mut rng);
let pubkey = seckey.public(); // of type lms::lms::PublicKey<LmsSha256M32H10>
let sig = seckey.try_sign_with_rng(&mut rng, "example".as_bytes()).unwrap();
let sig_valid = pubkey.verify("example".as_bytes(), &sig).is_ok();
let sig = seckey.try_sign_with_rng( & mut rng, "example".as_bytes()).unwrap();
let sig_valid = pubkey.verify("example".as_bytes(), & sig).is_ok();
```

We can generate LMOTS signatures in the same way using `lms::ots::PrivateKey`
Expand All @@ -58,13 +64,31 @@ good**.

All crates licensed under either of

* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
* [MIT license](http://opensource.org/licenses/MIT)
* [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
* [MIT license](http://opensource.org/licenses/MIT)

at your option.

## Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted
for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
dual licensed as above, without any additional terms or conditions.
dual licensed as above, without any additional terms or conditions.

[//]: # (badges)

[crate-image]: https://buildstats.info/crate/lms-signature
[crate-link]: https://crates.io/crates/lms-signature
[docs-image]: https://docs.rs/lms-signature/badge.svg
[docs-link]: https://docs.rs/lms-signature/
[build-image]: https://github.com/RustCrypto/signatures/actions/workflows/lms.yml/badge.svg
[build-link]: https://github.com/RustCrypto/signatures/actions/workflows/lms.yml
[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
[rustc-image]: https://img.shields.io/badge/rustc-1.73+-blue.svg
[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260048-signatures

[//]: # (links)

[RustCrypto]: https://github.com/RustCrypto
[SLH-DSA]: https://github.com/RustCrypto/signatures/tree/master/slh-dsa

0 comments on commit fae9707

Please sign in to comment.