bc_components/mldsa/mldsa_signature.rs
1use anyhow::{ anyhow, Result };
2use dcbor::prelude::*;
3use pqcrypto_mldsa::*;
4use pqcrypto_traits::sign::*;
5
6use crate::tags;
7
8use super::MLDSA;
9
10/// A digital signature created with the ML-DSA post-quantum signature algorithm.
11///
12/// `MLDSASignature` represents a digital signature created using the ML-DSA
13/// (Module Lattice-based Digital Signature Algorithm) post-quantum algorithm.
14/// It supports multiple security levels through the variants:
15///
16/// - `MLDSA44`: NIST security level 2 (roughly equivalent to AES-128)
17/// - `MLDSA65`: NIST security level 3 (roughly equivalent to AES-192)
18/// - `MLDSA87`: NIST security level 5 (roughly equivalent to AES-256)
19///
20/// ML-DSA signatures can be verified using the corresponding public key.
21///
22/// # Examples
23///
24/// ```
25/// use bc_components::MLDSA;
26///
27/// // Generate a keypair
28/// let (private_key, public_key) = MLDSA::MLDSA44.keypair();
29///
30/// // Sign a message
31/// let message = b"Hello, post-quantum world!";
32/// let signature = private_key.sign(message);
33///
34/// // Verify the signature
35/// assert!(public_key.verify(&signature, message).unwrap());
36/// ```
37#[derive(Clone)]
38pub enum MLDSASignature {
39 /// An ML-DSA44 signature (NIST security level 2)
40 MLDSA44(Box<mldsa44::DetachedSignature>),
41 /// An ML-DSA65 signature (NIST security level 3)
42 MLDSA65(Box<mldsa65::DetachedSignature>),
43 /// An ML-DSA87 signature (NIST security level 5)
44 MLDSA87(Box<mldsa87::DetachedSignature>),
45}
46
47/// Implements equality comparison for ML-DSA signatures.
48impl PartialEq for MLDSASignature {
49 /// Compares two ML-DSA signatures for equality.
50 ///
51 /// Two ML-DSA signatures are equal if they have the same raw byte representation.
52 fn eq(&self, other: &Self) -> bool {
53 self.as_bytes() == other.as_bytes()
54 }
55}
56
57impl MLDSASignature {
58 /// Returns the security level of this ML-DSA signature.
59 pub fn level(&self) -> MLDSA {
60 match self {
61 MLDSASignature::MLDSA44(_) => MLDSA::MLDSA44,
62 MLDSASignature::MLDSA65(_) => MLDSA::MLDSA65,
63 MLDSASignature::MLDSA87(_) => MLDSA::MLDSA87,
64 }
65 }
66
67 /// Returns the size of this ML-DSA signature in bytes.
68 pub fn size(&self) -> usize {
69 self.level().signature_size()
70 }
71
72 /// Returns the raw bytes of this ML-DSA signature.
73 pub fn as_bytes(&self) -> &[u8] {
74 match self {
75 MLDSASignature::MLDSA44(sig) => sig.as_bytes(),
76 MLDSASignature::MLDSA65(sig) => sig.as_bytes(),
77 MLDSASignature::MLDSA87(sig) => sig.as_bytes(),
78 }
79 }
80
81 /// Creates an ML-DSA signature from raw bytes and a security level.
82 ///
83 /// # Parameters
84 ///
85 /// * `level` - The security level of the signature.
86 /// * `bytes` - The raw bytes of the signature.
87 ///
88 /// # Returns
89 ///
90 /// An `MLDSASignature` if the bytes represent a valid signature for the given level,
91 /// or an error otherwise.
92 ///
93 /// # Errors
94 ///
95 /// Returns an error if the bytes do not represent a valid ML-DSA signature
96 /// for the specified security level.
97 pub fn from_bytes(level: MLDSA, bytes: &[u8]) -> Result<Self> {
98 match level {
99 MLDSA::MLDSA44 =>
100 Ok(
101 MLDSASignature::MLDSA44(
102 Box::new(
103 mldsa44::DetachedSignature::from_bytes(bytes).map_err(|e| anyhow!(e))?
104 )
105 )
106 ),
107 MLDSA::MLDSA65 =>
108 Ok(
109 MLDSASignature::MLDSA65(
110 Box::new(
111 mldsa65::DetachedSignature::from_bytes(bytes).map_err(|e| anyhow!(e))?
112 )
113 )
114 ),
115 MLDSA::MLDSA87 =>
116 Ok(
117 MLDSASignature::MLDSA87(
118 Box::new(
119 mldsa87::DetachedSignature::from_bytes(bytes).map_err(|e| anyhow!(e))?
120 )
121 )
122 ),
123 }
124 }
125}
126
127/// Provides debug formatting for ML-DSA signatures.
128impl std::fmt::Debug for MLDSASignature {
129 /// Formats the signature as a string for debugging purposes.
130 fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
131 match self {
132 MLDSASignature::MLDSA44(_) => f.write_str("MLDSA44Signature"),
133 MLDSASignature::MLDSA65(_) => f.write_str("MLDSA65Signature"),
134 MLDSASignature::MLDSA87(_) => f.write_str("MLDSA87Signature"),
135 }
136 }
137}
138
139/// Defines CBOR tags for ML-DSA signatures.
140impl CBORTagged for MLDSASignature {
141 /// Returns the CBOR tag for ML-DSA signatures.
142 fn cbor_tags() -> Vec<Tag> {
143 tags_for_values(&[tags::TAG_MLDSA_SIGNATURE])
144 }
145}
146
147/// Converts an `MLDSASignature` to CBOR.
148impl From<MLDSASignature> for CBOR {
149 /// Converts to tagged CBOR.
150 fn from(value: MLDSASignature) -> Self {
151 value.tagged_cbor()
152 }
153}
154
155/// Implements CBOR encoding for ML-DSA signatures.
156impl CBORTaggedEncodable for MLDSASignature {
157 /// Creates the untagged CBOR representation as an array with level and signature bytes.
158 fn untagged_cbor(&self) -> CBOR {
159 vec![self.level().into(), CBOR::to_byte_string(self.as_bytes())].into()
160 }
161}
162
163/// Attempts to convert CBOR to an `MLDSASignature`.
164impl TryFrom<CBOR> for MLDSASignature {
165 type Error = dcbor::Error;
166
167 /// Converts from tagged CBOR.
168 fn try_from(cbor: CBOR) -> dcbor::Result<Self> {
169 Self::from_tagged_cbor(cbor)
170 }
171}
172
173/// Implements CBOR decoding for ML-DSA signatures.
174impl CBORTaggedDecodable for MLDSASignature {
175 /// Creates an `MLDSASignature` from untagged CBOR.
176 ///
177 /// # Errors
178 /// Returns an error if the CBOR value doesn't represent a valid ML-DSA signature.
179 fn from_untagged_cbor(untagged_cbor: CBOR) -> dcbor::Result<Self> {
180 match untagged_cbor.as_case() {
181 CBORCase::Array(elements) => {
182 if elements.len() != 2 {
183 return Err("MLDSASignature must have two elements".into());
184 }
185
186 let level = MLDSA::try_from(elements[0].clone())?;
187 let data = CBOR::try_into_byte_string(elements[1].clone())?;
188 Ok(MLDSASignature::from_bytes(level, &data)?)
189 }
190 _ => {
191 return Err("MLDSASignature must be an array".into());
192 }
193 }
194 }
195}