This crate contains utility functions which are used by FN-DSA for key pair generation, signing, and verifying. It is not meant to be used directly.
Modules
- codec
- Encoding/decoding primitives.
- mq
- Computations with polynomials modulo X^n+1 and modulo q = 12289.
- mq_avx2
- Specialized versions of mq which use AVX2 opcodes (on x86 CPUs).
- shake
- SHAKE implementation.
Structs
- DomainContext
- When a message is signed or verified, it is accompanied with a domain separation context, which is an arbitrary sequence of bytes of length at most 255. Such a context is wrapped in a DomainContext structure.
- HashIdentifier
- The message for which a signature is to be generated or verified is pre-hashed by the caller and provided as a hash value along with an identifier of the used hash function. The identifier is normally an encoded ASN.1 OID. A special identifier is used for “raw” messages (i.e. not pre-hashed at all); it uses a single byte of value 0x00.
- RngError
- Error type of random number generators
Constants
- DOMAIN_NONE
- Empty domain separation context.
- FN_DSA_LOGN_512
- Symbolic constant for FN-DSA with degree 512 (logn = 9).
- FN_DSA_LOGN_1024
- Symbolic constant for FN-DSA with degree 1024 (logn = 10).
- HASH_ID_ORIGINAL_FALCON
- Hash function identifier: original Falcon design.
- HASH_ID_RAW
- Hash function identifier: none.
- HASH_ID_SHA3_256
- Hash function identifier: SHA3-256
- HASH_ID_SHA3_384
- Hash function identifier: SHA3-384
- HASH_ID_SHA3_512
- Hash function identifier: SHA3-512
- HASH_ID_SHA256
- Hash function identifier: SHA-256
- HASH_ID_SHA384
- Hash function identifier: SHA-384
- HASH_ID_SHA512
- Hash function identifier: SHA-512
- HASH_ID_SHA512_256
- Hash function identifier: SHA-512-256
- HASH_ID_SHAKE128
- Hash function identifier: SHAKE128
- HASH_ID_SHAKE256
- Hash function identifier: SHAKE256
Traits
- CryptoRng
- A marker trait used to indicate that an RngCore or BlockRngCore implementation is supposed to be cryptographically secure.
- PRNG
- Trait for a deterministic pseudorandom generator.
- RngCore
- The core of a random number generator.
Functions
- has_avx2
- Do a runtime check for AVX2 support (x86 and x86_64 only).
- hash_to_point
- Hash a message into a polynomial modulo q = 12289.
- sign_key_size
- Get the size (in bytes) of a signing key for the provided degree (degree is n = 2^logn, with 2 <= logn <= 10).
- signature_size
- Get the size (in bytes) of a signature for the provided degree (degree is n = 2^logn, with 2 <= logn <= 10).
- vrfy_key_size
- Get the size (in bytes) of a verifying key for the provided degree (degree is n = 2^logn, with 2 <= logn <= 10).