Skip to content

Commit 64ee44c

Browse files
mkannwischermkannwischer
committed
Update README
Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
1 parent 24456a3 commit 64ee44c

File tree

1 file changed

+22
-14
lines changed

1 file changed

+22
-14
lines changed

README.md

Lines changed: 22 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,10 @@
11
[//]: # (SPDX-License-Identifier: CC-BY-4.0)
22
# slhdsa-c
3+
[![License: Apache](https://img.shields.io/badge/license-Apache--2.0-green.svg)](https://www.apache.org/licenses/LICENSE-2.0)
4+
[![License: ISC](https://img.shields.io/badge/License-ISC-blue.svg)](https://opensource.org/licenses/ISC)
5+
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
36

4-
A portable C implementation of SLH-DSA ("Stateless Hash-Based Digital Signature Standard") as described in [FIPS 205](https://doi.org/10.6028/NIST.FIPS.205).
7+
A portable C90 implementation of SLH-DSA ("Stateless Hash-Based Digital Signature Standard") as described in [FIPS 205](https://doi.org/10.6028/NIST.FIPS.205).
58

69
* Supports all 12 parameter sets in FIPS 205, both "pure" and "internal" functions (without recompiling for various parameter sets), as well as prehash modes.
710
* Self-contained implementation without external dependencies. Can be easily included into applications.
@@ -25,6 +28,13 @@ This code was derived from [SLotH](https://github.com/slh-dsa/sloth) driver code
2528
| SLH-DSA-SHA2-256f | 5 | 64 | 128 | 49856 |
2629
| SLH-DSA-SHAKE-256f | 5 | 64 | 128 | 49856 |
2730

31+
## Status
32+
33+
slhdsa-c is work in progress. **WE DO NOT CURRENTLY RECOMMEND RELYING ON THIS LIBRARY IN A
34+
PRODUCTION ENVIRONMENT OR TO PROTECT ANY SENSITIVE DATA.** Once we have the first stable version,
35+
this notice will be removed.
36+
37+
2838
## Building and Running Known Answer Tests
2939

3040
The implementation in this directory includes the necessary hash functions and, hence, has no external library dependencies. On a Linux system, you can typically use `make` to build the test wrapper executable `xfips205`.
@@ -38,23 +48,23 @@ gcc -Wall -Wextra -Werror=unused-result -Wpedantic -Werror -Wmissing-prototypes
3848

3949
### Running the ACVP tests
4050

41-
The static test cases need to be initially fetched from NIST's [ACVP-Server](https://github.com/usnistgov/ACVP-Server) repository, which is instantiated as submodule `test/ACVP-Server`. The Makefile should be able to do this automatically in case the submodule has not been initialized, but this may take some time.
42-
43-
As a prerequisite you will require python3 and [gnu parallel](https://www.gnu.org/software/parallel) (a standard Linux package in most cases), which makes the full test run in less than 1 minute.
44-
45-
During the process, the script [`test/test_slhdsa.py`](test/test_slhdsa.py) will translate the test cases into a shell file `test/acvp_cases.sh`, which then contains test case feed for `xfips205`.
51+
[`test/acvp_client.py`](test/acvp_client.py) implement ACVP tests and can also be executed through `make test`.
52+
The ACVP version can be specified by passing the `--version` argument to the [`test/acvp_client.py`](test/acvp_client.py).
53+
The static test vectors are automatically fetched from NIST's [ACVP-Server](https://github.com/usnistgov/ACVP-Server) repository on first execution.s
4654

4755
```console
4856
$ make test
57+
python3 test/acvp_client.py
58+
Using ACVP test vectors version v1.1.0.40
59+
Running 1248 tests with 16 parallel jobs
60+
[PASS] keyGen SLH-DSA-SHA2-128s [1] slh_keygen_internal()
4961
...
50-
cat test/acvp_cases.sh | parallel --pipe bash | tee test.log
51-
[PASS] sigGen SLH-DSA-SHA2-192f [22] slh_sign()
52-
...
53-
[PASS] sigGen SLH-DSA-SHAKE-192s [553] hash_slh_sign(SHAKE-128)
62+
[PASS] sigVer SLH-DSA-SHAKE-256s [497] slh_verify_internal()
63+
5464
=== test summary ===
5565
PASS: 1248
56-
SKIP: 0
5766
FAIL: 0
67+
ALL GOOD!
5868
```
5969

6070
## Structure of the implementation
@@ -83,10 +93,8 @@ slhdsa-c
8393
├── slh_shake.c # SLH-DSA instantiation for SHA3/SHAKE hash family
8494
├── slh_var.h # internal SLH-DSA context structure
8595
└── test # testing stuff (not for application)
86-
├── acvp_cases.sh # precompiled ACVP test cases
87-
├── ACVP-Server # optional submodule (contains original test cases)
8896
├── Makefile # makefile for local test tasks
89-
├── test_slhdsa.py # parses JSON files into acvp_cases.sh
97+
├── acvp_client.py # ACVP client
9098
└── xfips205.c # command-line test harness
9199
```
92100

0 commit comments

Comments
 (0)