This implements the HashML-DSA algorithm specified in FIPS 204. It is useful when you need to process the to-be-signed message in chunks and cannot use the external mu mode of ML-DSA, for example because you have to digest the message before you know which public key will sign it: the external mu is bound to the signer's public key, whereas the pre-hash PH(M) is not.
HashML-DSA is a full signature algorithm implementing the Signature trait:
```rust
use bouncycastle_core_interface::errors::SignatureError;
use bouncycastle_mldsa::{HashMLDSA65_with_SHA512, MLDSATrait, HashMLDSA44_with_SHA512};
use bouncycastle_core_interface::traits::Signature;

let msg = b"The quick brown fox jumped over the lazy dog";
let (pk, sk) = HashMLDSA65_with_SHA512::keygen().unwrap();
let sig: Vec<u8> = HashMLDSA65_with_SHA512::sign(&sk, msg, None).unwrap();
// This is the signature value that you can save to a file or whatever you need.
match HashMLDSA65_with_SHA512::verify(&pk, msg, None, &sig) {
    Ok(()) => println!("Signature is valid!"),
    Err(SignatureError::SignatureVerificationFailed) => println!("Signature is invalid!"),
    Err(e) => panic!("Something else went wrong: {:?}", e),
}
```

But you also have access to the pre-hashed functions available from PHSignature:
```rust
use bouncycastle_core_interface::errors::SignatureError;
use bouncycastle_mldsa::{HashMLDSA65_with_SHA512, MLDSATrait, HashMLDSA44_with_SHA512};
use bouncycastle_core_interface::traits::{Signature, PHSignature, Hash};
use bouncycastle_sha2::SHA512;

let msg = b"The quick brown fox jumped over the lazy dog";
// Here, and in contrast to External Mu mode of ML-DSA, we can pre-hash the message before
// even generating the signing key.
let ph: [u8; 64] = SHA512::default().hash(msg).as_slice().try_into().unwrap();
let (pk, sk) = HashMLDSA65_with_SHA512::keygen().unwrap();
let sig: Vec<u8> = HashMLDSA65_with_SHA512::sign_ph(&sk, &ph, None).unwrap();
// This is the signature value that you can save to a file or whatever you need.
// It verifies either through the usual one-shot API of the [Signature] trait
match HashMLDSA65_with_SHA512::verify(&pk, msg, None, &sig) {
    Ok(()) => println!("Signature is valid!"),
    Err(SignatureError::SignatureVerificationFailed) => println!("Signature is invalid!"),
    Err(e) => panic!("Something else went wrong: {:?}", e),
}
// or through verify_ph of the [PHSignature] trait
match HashMLDSA65_with_SHA512::verify_ph(&pk, &ph, None, &sig) {
    Ok(()) => println!("Signature is valid!"),
    Err(SignatureError::SignatureVerificationFailed) => println!("Signature is invalid!"),
    Err(e) => panic!("Something else went wrong: {:?}", e),
}
```

Note that the HashMLDSA object is just a light wrapper around MLDSA and, for example, they share key types, so if you need the fancier keygen functions, use them from MLDSA. A simple HashMLDSA::keygen is provided only to conform to the Signature trait.
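To make the "pre-hash before the key is known" point above concrete, here is an added example (not code from the bouncycastle_mldsa crate) that builds the message framing M' which FIPS 204 HashML-DSA signs, next to the framing pure ML-DSA signs. It uses only the standard library and does not run ML-DSA itself; the `PreHash`, `FrameError`, `hash_mldsa_frame` and `mldsa_frame` names, and the 64-byte digest stand-in, are this example's own.

```rust
// Added example, not code from the bouncycastle_mldsa crate: it builds the
// message framing M' that FIPS 204 HashML-DSA signs (and, for comparison,
// the framing pure ML-DSA signs) so the domain separation and the
// key-independence of the pre-hash path are visible. It does not run ML-DSA.

/// Pre-hash functions this example handles (the two the page's type aliases use).
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum PreHash {
    Sha256,
    Sha512,
}

impl PreHash {
    /// DER-encoded OID of the pre-hash, the 11-byte value FIPS 204 inserts into M'.
    pub fn oid_der(self) -> &'static [u8] {
        match self {
            // id-sha256 = 2.16.840.1.101.3.4.2.1
            PreHash::Sha256 => &[0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01],
            // id-sha512 = 2.16.840.1.101.3.4.2.3
            PreHash::Sha512 => &[0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03],
        }
    }

    /// Expected digest length in bytes.
    pub fn digest_len(self) -> usize {
        match self {
            PreHash::Sha256 => 32,
            PreHash::Sha512 => 64,
        }
    }
}

#[derive(Debug, PartialEq, Eq)]
pub enum FrameError {
    /// FIPS 204 limits the context string to 255 bytes.
    ContextTooLong(usize),
    /// Defensive check added in this example: the digest must match the declared pre-hash.
    DigestLength { expected: usize, got: usize },
}

/// HashML-DSA framing: M' = 0x01 || len(ctx) || ctx || OID(PH) || PH(M).
/// Nothing here depends on the signing key, so PH(M) can be computed first.
pub fn hash_mldsa_frame(ph: PreHash, ctx: &[u8], digest: &[u8]) -> Result<Vec<u8>, FrameError> {
    if ctx.len() > 255 {
        return Err(FrameError::ContextTooLong(ctx.len()));
    }
    if digest.len() != ph.digest_len() {
        return Err(FrameError::DigestLength { expected: ph.digest_len(), got: digest.len() });
    }
    let oid = ph.oid_der();
    let mut m = Vec::with_capacity(2 + ctx.len() + oid.len() + digest.len());
    m.push(0x01); // domain separator: pre-hash mode
    m.push(ctx.len() as u8);
    m.extend_from_slice(ctx);
    m.extend_from_slice(oid);
    m.extend_from_slice(digest);
    Ok(m)
}

/// Pure ML-DSA framing: M' = 0x00 || len(ctx) || ctx || M.
pub fn mldsa_frame(ctx: &[u8], msg: &[u8]) -> Result<Vec<u8>, FrameError> {
    if ctx.len() > 255 {
        return Err(FrameError::ContextTooLong(ctx.len()));
    }
    let mut m = Vec::with_capacity(2 + ctx.len() + msg.len());
    m.push(0x00); // domain separator: pure mode
    m.push(ctx.len() as u8);
    m.extend_from_slice(ctx);
    m.extend_from_slice(msg);
    Ok(m)
}

fn main() {
    // Constructed stand-in for SHA-512(M); a real caller would hash the message in chunks.
    let digest = [0x5au8; 64];
    let ctx = b"example-context";
    let ph = hash_mldsa_frame(PreHash::Sha512, ctx, &digest).unwrap();
    // Feed the pre-hash framing's payload (OID || digest) to pure mode: the leading
    // domain-separator byte still differs, so the two message spaces stay disjoint.
    let pure = mldsa_frame(ctx, &ph[2 + ctx.len()..]).unwrap();
    assert_ne!(ph, pure);
    println!("HashML-DSA M' is {} bytes, first byte 0x{:02x}", ph.len(), ph[0]);
    println!("pure ML-DSA M' over the same payload starts with 0x{:02x}", pure[0]);
}
```

The crate's `sign_ph` takes the caller's digest and the optional context and handles this framing for you; the example only spells out why the digest can be produced before `keygen`, and why a context string longer than 255 bytes is rejected rather than truncated.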
Structs§
- HashMLDSA
- An instance of the HashML-DSA algorithm.
Constants§
- Hash_ML_DSA_44_with_SHA256_NAME
- Hash_ML_DSA_44_with_SHA512_NAME
- Hash_ML_DSA_65_with_SHA256_NAME
- Hash_ML_DSA_65_with_SHA512_NAME
- Hash_ML_DSA_87_with_SHA256_NAME
- Hash_ML_DSA_87_with_SHA512_NAME
Type Aliases§
- HashMLDSA44_with_SHA256 - The HashML-DSA-44_with_SHA256 signature algorithm.
- HashMLDSA44_with_SHA512 - The HashML-DSA-44_with_SHA512 signature algorithm.
- HashMLDSA65_with_SHA256 - The HashML-DSA-65_with_SHA256 signature algorithm.
- HashMLDSA65_with_SHA512 - The HashML-DSA-65_with_SHA512 signature algorithm.
- HashMLDSA87_with_SHA256 - The HashML-DSA-87_with_SHA256 signature algorithm.
- HashMLDSA87_with_SHA512 - The HashML-DSA-87_with_SHA512 signature algorithm.