| commit | 2d7608cd8216042521249b62b40908bf4ab742a8 | [log] [tgz] |
|---|---|---|
| author | joshuayuen99 <[email protected]> | Wed Sep 27 18:04:17 2023 -0400 |
| committer | joshuayuen99 <[email protected]> | Tue Oct 03 17:19:49 2023 -0400 |
| tree | dd5f0473eaf7aa8c22b1a2ad519cbbeb34c4913a | |
| parent | 7e730f5f984887ecdbe2dd700c23e19c44b2a134 [diff] |
Fix old expected pub and K values for tests
This Python package contains a free and open source implementation of HSS/LMS Hash-based Digital Signatures as defined in RFC 8554.
Generate a HSS/LMS private key:
priv_key = pyhsslms.HssLmsPrivateKey.genkey('mykey', levels=2)
The private key is stored in mykey.prv, and the public key is stored in mykey.pub. Of course, the mykey.prv must be protected from disclosure, and it gets updated every time a signature is created. Restoring mykey.prv from backup can cause a node in the tree to be used more that once, forfeiting all security.
Sign a file with a HSS/LMS private key:
priv_key.signFile('myfile.txt')
The private key was generated above is used to sign the content of myfile.txt, and the signature is stored in myfile.txt.sig.
Sign a buffer with a HSS/LMS private key:
sigbuf = prv_key.sign(buffer)
The private key was generated above is used to sign the content of buffer, and the signature is returned in sigbuf.
Verify a signature on a file with a HSS/LMS public key:
pub_key = pyhsslms.HssLmsPublicKey('mykey') if pub_key.verifyFile('myfile.txt'): print('Signature is valid') else: print('Signature is NOT valid!')
Verify a signature on a buffer with a HSS/LMS public key:
pub_key = pyhsslms.HssLmsPublicKey('mykey') validity = pub_key.verify(buffer, sigbuf) if validity: print('Signature is valid') else: print('Signature is NOT valid!')
The pyhsslms package is distributed under terms and conditions of license.
Source code is freely available as a GitHub repo.
You could pip install pyhsslms or download it from PyPI.
Copyright (c) 2020, Vigil Security, LLC All rights reserved.