Google Git
Sign in
android / platform / external / python / pyhsslms / 9fbbefa264758f3c97618cef01612415bdbcec7b
commit9fbbefa264758f3c97618cef01612415bdbcec7b[log] [tgz]
authorRuss Housley <[email protected]>Wed Oct 25 17:10:45 2023 -0400
committerGitHub <[email protected]>Wed Oct 25 17:10:45 2023 -0400
tree4f9d7be551a4f00407f92946c7a77d5110e38b56
parent20c79b99207baf3387a5fbed5d230f8b4ee7cf45 [diff]
parent02df47e19b31ff828dc30f6074f2c7d3f1850c24 [diff]
Merge pull request #10 from joshuayuen99/fix_lmots_public_key_generation

Fix LMOTS public key generation and allow for bigger HssPrivateKeys
tree: 4f9d7be551a4f00407f92946c7a77d5110e38b56
  1. pyhsslms/
  2. tests/
  3. CHANGES.txt
  4. LICENSE.txt
  5. pyproject.toml
  6. README.md
  7. requirements.txt
  8. setup.cfg
  9. setup.py
README.md

pyhsslms

HSS/LMS Digital Signature library for Python

PyPI

Python Versions

GitHub license

This Python package contains a free and open source implementation of HSS/LMS Hash-based Digital Signatures as defined in RFC 8554.

Features

  • Generate HSS/LMS private keys and then sign with them
  • Validate signatures with HSS/LMS public keys
  • 100% Python, works with Python 2.7 and 3.5+

How to use pyhsslms

Generate a HSS/LMS private key:

priv_key = pyhsslms.HssLmsPrivateKey.genkey('mykey', levels=2)

The private key is stored in mykey.prv, and the public key is stored in mykey.pub. Of course, the mykey.prv must be protected from disclosure, and it gets updated every time a signature is created. Restoring mykey.prv from backup can cause a node in the tree to be used more that once, forfeiting all security.

Sign a file with a HSS/LMS private key:

priv_key.signFile('myfile.txt')

The private key was generated above is used to sign the content of myfile.txt, and the signature is stored in myfile.txt.sig.

Sign a buffer with a HSS/LMS private key:

sigbuf = prv_key.sign(buffer)

The private key was generated above is used to sign the content of buffer, and the signature is returned in sigbuf.

Verify a signature on a file with a HSS/LMS public key:

pub_key = pyhsslms.HssLmsPublicKey('mykey')
if pub_key.verifyFile('myfile.txt'):
    print('Signature is valid')
else:
    print('Signature is NOT valid!')

Verify a signature on a buffer with a HSS/LMS public key:

pub_key = pyhsslms.HssLmsPublicKey('mykey')
validity = pub_key.verify(buffer, sigbuf)
if validity:
    print('Signature is valid')
else:
    print('Signature is NOT valid!')

How to get pyhsslms

The pyhsslms package is distributed under terms and conditions of license.

Source code is freely available as a GitHub repo.

You could pip install pyhsslms or download it from PyPI.

Copyright (c) 2020, Vigil Security, LLC All rights reserved.