{"id":17717312,"url":"https://github.com/bwesterb/go-xmssmt","last_synced_at":"2025-05-12T13:26:09.897Z","repository":{"id":57492392,"uuid":"121175624","full_name":"bwesterb/go-xmssmt","owner":"bwesterb","description":"Go implementation of XMSS[MT] post-quantum hash-based signature scheme (rfc8391)","archived":false,"fork":false,"pushed_at":"2022-07-05T10:10:23.000Z","size":161,"stargazers_count":20,"open_issues_count":2,"forks_count":5,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-06-18T18:46:19.316Z","etag":null,"topics":["golang","hash-based-signatures","nist800-208","postquantum","rfc8391","xmss","xmssmt"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bwesterb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-11T22:54:38.000Z","updated_at":"2024-02-20T10:02:58.000Z","dependencies_parsed_at":"2022-09-01T21:03:17.476Z","dependency_job_id":null,"html_url":"https://github.com/bwesterb/go-xmssmt","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bwesterb%2Fgo-xmssmt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bwesterb%2Fgo-xmssmt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bwesterb%2Fgo-xmssmt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bwesterb%2Fgo-xmssmt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bwesterb","download_url":"https://codeload.github.com/bwesterb/go-xmssmt/tar.
gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253746599,"owners_count":21957594,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","hash-based-signatures","nist800-208","postquantum","rfc8391","xmss","xmssmt"],"created_at":"2024-10-25T14:19:47.683Z","updated_at":"2025-05-12T13:26:09.811Z","avatar_url":"https://github.com/bwesterb.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"XMSSMT for Go\n-------------\n\nThis is a Go implementation of the stateful hash-based signature scheme\nXMSS(MT) described in [rfc8391 (XMSS: Extended Hash-Based Signatures)](https://tools.ietf.org/html/rfc8391)\nand [NIST SP 800-208](https://csrc.nist.gov/publications/detail/sp/800-208/draft).\n\nThere is also a [convenient command-line tool](https://github.com/bwesterb/xmssmt).\n**Warning**: XMSS(MT) is **stateful**, which means you should never back up your\nprivate key or make a copy of it.  See the [README of the CLI tool](https://github.com/bwesterb/xmssmt#state).\n\n```go\npackage main\n\nimport (\n    \"github.com/bwesterb/go-xmssmt\" // imported as xmssmt\n    \"fmt\"\n)\n\nfunc main() {\n    // Create a new keypair.  
See ListNames().\n    sk, pk, err := xmssmt.GenerateKeyPair(\"XMSSMT-SHAKE_20/4_256\", \"key\")\n    if err != nil {\n        panic(err)\n    }\n\n    // Sign a message\n    sig, err := sk.Sign([]byte(\"Example message!\"))\n    if err != nil {\n        panic(err)\n    }\n\n    sigBytes, _ := sig.MarshalBinary() // serialize signature\n    pkBytes, _ := pk.MarshalBinary()   // serialize public key\n    fmt.Printf(\"len(sigBytes)=%d  len(pkBytes)=%d\\n\",\n        len(sigBytes), len(pkBytes))\n    sk.Close() // close the private key container\n\n    // To verify we can simply use the Verify() method on PublicKey\n    valid, _ := pk.Verify(sig, []byte(\"Example message!\"))\n    fmt.Printf(\"Valid=%v\\n\", valid)\n\n    // Or we can use the helper xmssmt.Verify() on serialized signature and pk\n    valid, _ = xmssmt.Verify(pkBytes, sigBytes, []byte(\"Example message!\"))\n    fmt.Printf(\"Valid=%v\\n\", valid)\n\n    // To sign a new message, we open the private key container again\n    sk, pk, _, _ = xmssmt.LoadPrivateKey(\"key\")\n    sig2, _ := sk.Sign([]byte(\"Other message\"))\n    valid, _ = pk.Verify(sig2, []byte(\"Other message\"))\n    fmt.Printf(\"Valid=%v\\n\", valid)\n    sk.Close()\n\n    // Or we can simply use the xmssmt.Sign() helper.\n    pkBytes, _ = pk.MarshalBinary()\n    sig3Bytes, _ := xmssmt.Sign(\"key\", []byte(\"Third message\"))\n    valid, _ = xmssmt.Verify(pkBytes, sig3Bytes, []byte(\"Third message\"))\n    fmt.Printf(\"Valid=%v\\n\", valid)\n}\n```\n\nSee [godoc](https://godoc.org/github.com/bwesterb/go-xmssmt) for\nfurther documentation of the API.\n\nNote on compatibility\n---------------------\n\n`go-xmssmt` supports instances of XMSS[MT] that are (currently) not listed\nin the RFC or NIST SP and so might not be supported by other implementations, such\nas `XMSSMT-SHAKE_20/4_128_w256`.  
`go-xmssmt` encodes the parameters of these\nnon-standard instances in the reserved space of OID numbers,\nsee [`Params.MarshalBinary()`](https://godoc.org/github.com/bwesterb/go-xmssmt#Params.MarshalBinary).\nFor maximum compatibility, one can check whether the instance is supported\nby the RFC by checking `Context.FromRFC()` and `Context.FromNIST()`.\n\nChanges\n-------\n\n### 1.5.2 (5-7-2022)\n- Fix build problems on 32-bit platforms. Thanks @sietseringers.\n- Update dependencies\n\n### 1.5.0 (22-06-2021)\n- Fixed a big issue with non-standard instances with w≠16:\n  for w=256 too many checksum chains were included and with w=4\n  too few.  In both cases this means signatures would not be\n  compatible with proper implementations.\n  In the case of w=4, signatures could be forged.\n  This breaks compatibility for non-standard instances with w≠16.\n\n### 1.4.3 (21-12-2020)\n- Support systems with page sizes different from 4096.\n\n### 1.4.0 (25-05-2020)\n\n- The way the private key is generated has been changed in the same\n  way as [was done](https://github.com/XMSS/xmss-reference/commit/3e28db2362f25600699972766e7782635b1826f5)\n  for the reference implementation to prevent a multi-target attack\n  identified by ETSI TC CYBER WG QSC.  As XMSS hasn't been in wide use yet,\n  old keys do not need to be regenerated.  Note that this will\n  change the output of `Derive()`.\n- Add support for the instances listed in\n  [NIST SP 800-208](https://csrc.nist.gov/publications/detail/sp/800-208/draft).\n  Note that the 192-bit instances listed in the NIST publication use a\n  different PRF construction and so `XMSSMT-SHAKE_20/4_192` changes meaning\n  in this version.  The previously unlisted instance using the RFC construction\n  can be accessed via `XMSSMT-SHAKE_20/4_192_RFC`.  
To use the NIST PRF\n  construction on other modes, one can add `_NIST` at the end, e.g.\n  `XMSSMT-SHA2_20/4_128_NIST`.\n- Fixed a memory corruption bug in the unlisted 128-bit SHA2 instances.\n  Before this version, keys and signatures for 128-bit SHA2 instances\n  were incorrectly generated and verified.\n\n### 1.3.0 (17-05-2020)\n\n- When available, use AVX2 to compute SHAKE four-way.  This makes SHAKE\n  faster than SHA2.\n\n### 1.2.0 (27-12-2019)\n\n- Add support for instance names not listed in the RFC.\n\n### 1.1.0 (20-12-2019)\n\n- Add support for security parameter N=16.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbwesterb%2Fgo-xmssmt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbwesterb%2Fgo-xmssmt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbwesterb%2Fgo-xmssmt/lists"}