Crate sqisign_verify


SQIsign signature verification in pure Rust.

This crate is no_std-compatible, heap-free, and independent of the quaternion algebra stack. It contains all the arithmetic layers needed for verification: field arithmetic (params, fp), elliptic curves (ec), theta model (theta), precomputed constants (precomp), and the verification protocol itself.

§Verify a signature

All verification goes through pk.verify(msg, &sig) via the RustCrypto Verifier trait. It accepts any signature type: Signature, ExpandedSignature, CompressedSignature, or AnySignature (auto-detected from raw bytes).

use hex_literal::hex;
use sqisign_verify::{PublicKey, Signature, Verifier};

let pk_bytes = hex!(
    "07CCD21425136F6E865E497D2D4D208F0054AD81372066E817480787AAF7B202"
    "9550C89E892D618CE3230F23510BFBE68FCCDDAEA51DB1436B462ADFAF008A01"
    "0B"
);
let sig_bytes = hex!(
    "84228651F271B0F39F2F19F2E8718F31ED3365AC9E5CB303AFE663D0CFC11F04"
    "55D891B0CA6C7E653F9BA2667730BB77BEFE1B1A31828404284AF8FD7BAACC01"
    "0001D974B5CA671FF65708D8B462A5A84A1443EE9B5FED7218767C9D85CEED04"
    "DB0A69A2F6EC3BE835B3B2624B9A0DF68837AD00BCACC27D1EC806A448402674"
    "71D86EFF3447018ADB0A6551EE8322AB30010202"
);
let msg = hex!(
    "D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556A"
    "C8"
);

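// Parsing and verification both return Result; `?` requires an enclosing
// function that returns Result. Treat any Err as a rejected signature.
let pk: PublicKey = PublicKey::from_bytes(&pk_bytes)?;
let sig: Signature = Signature::from_bytes(&sig_bytes)?;
pk.verify(&msg, &sig)?;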

For raw bytes where the format is unknown, parse into AnySignature first:

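use hex_literal::hex;
use sqisign_verify::{formats::AnySignature, PublicKey, Verifier};

// pk_bytes, sig_bytes and msg are defined with hex!(...) as in the previous example.
let pk: PublicKey = PublicKey::from_bytes(&pk_bytes)?;
// AnySignature detects the wire format from the raw bytes.
let sig = AnySignature::from_bytes(&sig_bytes)?;
pk.verify(&msg, &sig)?;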

Re-exports§

pub use formats::CompressedSignature;
pub use formats::ExpandedSignature;
pub use hash::hash_to_challenge;
pub use types::PublicKey;
pub use types::Scalar;
pub use types::Signature;
pub use fp::Fp;
pub use fp::Fp2;
pub use fp::FpBackend;
pub use params::Level1;
pub use params::Level3;
pub use params::Level5;
pub use params::SecurityLevel;
pub use precomp::LevelPrecomp;
pub use signature;

Modules§

ec
Provides Montgomery curve types and arithmetic in projective (X:Z) coordinates, Jacobian (X:Y:Z) coordinates, isogeny types, and torsion-basis types. All types are generic over the security level.
formats
Three wire formats with different size/speed tradeoffs:
fp
SQIsign.
hash
params
Defines the SecurityLevel trait and the marker structs Level1, Level3, Level5 for NIST security levels I, III, V. Downstream crates are generic over L: SecurityLevel and the compiler monomorphizes one specialized copy per level from a single source.
precomp
Contains the base curve E0, torsion point bases, and other per-level constant data needed by the EC and isogeny layers.
theta
Implements the SQIsign2D-West approach for fast verification by working with 2-dimensional isogenies in theta coordinates on abelian surfaces.
types
Wire formats exactly match the v2.0 specification.
verify
Implements the verification protocol from the v2.0 spec, Section 6.

Enums§

Error
Error type for verification failures.

Traits§

SignatureEncoding
Support for decoding/encoding signatures as bytes.
Verifier
Verify the provided message bytestring using Self (e.g. a public key)