Expand description
Quantum-Sign cryptographic module boundary. Provides deterministic randomness interfaces and (eventually) signature/KEM glue.
Re-exports§
pub use public::kid_from_spki_der;pub use public::spki_der_canonical;pub use public::spki_mldsa_paramset;pub use public::spki_subject_key_bytes;
Modules§
- mldsa87
- FIPS 204 ML-DSA-87 canonical lengths (bytes).
- public
- Utilities for canonical SPKI handling and key identifiers.
Structs§
- Hmac
Sha512 Drbg - HMAC-DRBG (SHA-512) wrapper implementing
DeterministicRng. - Keypair
- Simple keypair container.
Enums§
- Crypto
Error - Cryptographic operation errors.
- Digest
Alg - Supported artifact digest algorithms.
- Drbg
Error - Errors surfaced by deterministic random bit generators inside the crypto module.
Constants§
- MLDS
A87_ PUBLIC_ KEY_ LEN - Length in bytes of an ML-DSA-87 verifying key.
- MLDS
A87_ SECRET_ KEY_ LEN - Length in bytes of an ML-DSA-87 signing key.
- MLDS
A87_ SIGNATURE_ LEN - Length in bytes of an ML-DSA-87 signature.
- TRANSCRIPT_
DIGEST_ LEN - Length of the transcript digest (SHA-256 output).
Traits§
- Deterministic
Rng - Trait implemented by deterministic random bit generators used by Quantum-Sign.
Functions§
- is_
level5_ sig_ alg - Return true when the supplied signature algorithm identifier satisfies Level-5 policy.
- keypair_
mldsa87 - Generate an ML-DSA-87 keypair using the provided DRBG.
- kid_
from_ public_ key - Compute the canonical key identifier for an ML-DSA-87 verifying key.
- public_
key_ to_ spki - Convert a raw ML-DSA-87 public key into canonical SPKI DER bytes.
- random_
bytes - Utility for generating a fixed number of bytes using a fresh OS-seeded DRBG.
- sign_
mldsa87 - Produce an ML-DSA-87 signature over
message(usually a digest) with explicit context. - transcript_
digest - Compute the policy-bound transcript digest consumed by ML-DSA signatures.
- verify_
mldsa87 - Verify an ML-DSA-87 signature over
message. - verify_
mldsa87_ spki - Verify an ML-DSA-87 signature against an SPKI-encoded public key.