Expand description
This crate contains utility functions which are used by FN-DSA for key pair generation, signing, and verifying. It is not meant to be used directly.
Modules§
- Encoding/decoding primitives.
- Computations with polynomials modulo X^n+1 and modulo q = 12289.
- Specialized versions of
mq
which use AVX2 opcodes (on x86 CPUs). - SHAKE implementation.
Structs§
- When a message is signed or verified, it is accompanied with a domain separation context, which is an arbitrary sequence of bytes of length at most 255. Such a context is wrapped in a
DomainContext
structure. - The message for which a signature is to be generated or verified is pre-hashed by the caller and provided as a hash value along with an identifier of the used hash function. The identifier is normally an encoded ASN.1 OID. A special identifier is used for “raw” messages (i.e. not pre-hashed at all); it uses a single byte of value 0x00.
- Error type of random number generators
Constants§
- Empty domain separation context.
- Symbolic constant for FN-DSA with degree 512 (
logn = 9
). - Symbolic constant for FN-DSA with degree 1024 (
logn = 10
). - Hash function identifier: original Falcon design.
- Hash function identifier: none.
- Hash function identifier: SHA3-256
- Hash function identifier: SHA3-384
- Hash function identifier: SHA3-512
- Hash function identifier: SHA-256
- Hash function identifier: SHA-384
- Hash function identifier: SHA-512
- Hash function identifier: SHA-512-256
- Hash function identifier: SHAKE128
- Hash function identifier: SHAKE256
Traits§
- A marker trait used to indicate that an
RngCore
orBlockRngCore
implementation is supposed to be cryptographically secure. - Trait for a deterministic pseudorandom generator.
- The core of a random number generator.
Functions§
- Do a rutime check for AVX2 support (x86 and x86_64 only).
- Hash a message into a polynomial modulo q = 12289.
- Get the size (in bytes) of a signing key for the provided degree (degree is
n = 2^logn
, with2 <= logn <= 10
). - Get the size (in bytes) of a signature for the provided degree (degree is
n = 2^logn
, with2 <= logn <= 10
). - Get the size (in bytes) of a verifying key for the provided degree (degree is
n = 2^logn
, with2 <= logn <= 10
).