Gitly


1 // Copyright 2025 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
4 //
5 // Ported to V from Go's crypto/internal/fips140/mldsa.
6 module mldsa
7 
8 // s. 4, table 1
9 pub enum Kind {
10     ml_dsa_44
11     ml_dsa_65
12     ml_dsa_87
13 }
14 
15 fn (k Kind) params() Params {
16     return match k {
17         .ml_dsa_44 { params_44 }
18         .ml_dsa_65 { params_65 }
19         .ml_dsa_87 { params_87 }
20     }
21 }
22 
23 pub fn (k Kind) public_key_size() int {
24     return pub_key_size(k.params())
25 }
26 
27 pub fn (k Kind) private_key_size() int {
28     return priv_key_size(k.params())
29 }
30 
31 pub fn (k Kind) signature_size() int {
32     return sig_size(k.params())
33 }
34 
35 // FIPS 204 s. 5.4: approved pre-hash functions for HashML-DSA.
36 pub enum PreHash {
37     none // pure ML-DSA (default)
38     sha2_224
39     sha2_256
40     sha2_384
41     sha2_512
42     sha2_512_224
43     sha2_512_256
44     sha3_224
45     sha3_256
46     sha3_384
47     sha3_512
48     shake_128
49     shake_256
50 }
51 
52 @[params]
53 pub struct SignerOpts {
54 pub:
55     context       string
56     deterministic bool
57     prehash       PreHash
58 }
59 
60 struct Params {
61     k      int
62     l      int
63     eta    int
64     gamma1 int
65     gamma2 int
66     lambda int
67     tau    int
68     omega  int
69 }
70 
71 // s. 4, table 1
72 const params_44 = Params{
73     k:      4
74     l:      4
75     eta:    2
76     gamma1: 17
77     gamma2: 88
78     lambda: 128
79     tau:    39
80     omega:  80
81 }
82 
83 const params_65 = Params{
84     k:      6
85     l:      5
86     eta:    4
87     gamma1: 19
88     gamma2: 32
89     lambda: 192
90     tau:    49
91     omega:  55
92 }
93 
94 const params_87 = Params{
95     k:      8
96     l:      7
97     eta:    2
98     gamma1: 19
99     gamma2: 32
100     lambda: 256
101     tau:    60
102     omega:  75
103 }
104 
105 pub const seed_size = 32
106 
107 // s. 4, table 2
108 pub const public_key_size_44 = 32 + 4 * n * 10 / 8
109 pub const public_key_size_65 = 32 + 6 * n * 10 / 8
110 pub const public_key_size_87 = 32 + 8 * n * 10 / 8
111 
112 // s. 4, table 2
113 pub const signature_size_44 = 128 / 4 + 4 * n * (17 + 1) / 8 + 80 + 4
114 pub const signature_size_65 = 192 / 4 + 5 * n * (19 + 1) / 8 + 55 + 6
115 pub const signature_size_87 = 256 / 4 + 7 * n * (19 + 1) / 8 + 75 + 8
116 
117 fn pub_key_size(p Params) int {
118     return 32 + p.k * n * 10 / 8
119 }
120 
121 fn priv_key_size(p Params) int {
122     eta_bitlen := bits_len(u32(p.eta * 2))
123     // rho + K + tr + l*n*eta-bit s1 + k*n*eta-bit s2 + k*n*13-bit t0
124     return 32 + 32 + 64 + p.l * n * eta_bitlen / 8 + p.k * n * eta_bitlen / 8 + p.k * n * 13 / 8
125 }
126 
127 fn sig_size(p Params) int {
128     return (p.lambda / 4) + p.l * n * (p.gamma1 + 1) / 8 + p.omega + p.k
129 }
130

1	// Copyright 2025 The Go Authors. All rights reserved.
2	// Use of this source code is governed by a BSD-style
3	// license that can be found in the LICENSE file.
4	//
5	// Ported to V from Go's crypto/internal/fips140/mldsa.
6	module mldsa
7
8	// s. 4, table 1
9	pub enum Kind {
10	ml_dsa_44
11	ml_dsa_65
12	ml_dsa_87
13	}
14
15	fn (k Kind) params() Params {
16	return match k {
17	.ml_dsa_44 { params_44 }
18	.ml_dsa_65 { params_65 }
19	.ml_dsa_87 { params_87 }
20	}
21	}
22
23	pub fn (k Kind) public_key_size() int {
24	return pub_key_size(k.params())
25	}
26
27	pub fn (k Kind) private_key_size() int {
28	return priv_key_size(k.params())
29	}
30
31	pub fn (k Kind) signature_size() int {
32	return sig_size(k.params())
33	}
34
35	// FIPS 204 s. 5.4: approved pre-hash functions for HashML-DSA.
36	pub enum PreHash {
37	none // pure ML-DSA (default)
38	sha2_224
39	sha2_256
40	sha2_384
41	sha2_512
42	sha2_512_224
43	sha2_512_256
44	sha3_224
45	sha3_256
46	sha3_384
47	sha3_512
48	shake_128
49	shake_256
50	}
51
52	@[params]
53	pub struct SignerOpts {
54	pub:
55	context string
56	deterministic bool
57	prehash PreHash
58	}
59
60	struct Params {
61	k int
62	l int
63	eta int
64	gamma1 int
65	gamma2 int
66	lambda int
67	tau int
68	omega int
69	}
70
71	// s. 4, table 1
72	const params_44 = Params{
73	k: 4
74	l: 4
75	eta: 2
76	gamma1: 17
77	gamma2: 88
78	lambda: 128
79	tau: 39
80	omega: 80
81	}
82
83	const params_65 = Params{
84	k: 6
85	l: 5
86	eta: 4
87	gamma1: 19
88	gamma2: 32
89	lambda: 192
90	tau: 49
91	omega: 55
92	}
93
94	const params_87 = Params{
95	k: 8
96	l: 7
97	eta: 2
98	gamma1: 19
99	gamma2: 32
100	lambda: 256
101	tau: 60
102	omega: 75
103	}
104
105	pub const seed_size = 32
106
107	// s. 4, table 2
108	pub const public_key_size_44 = 32 + 4 * n * 10 / 8
109	pub const public_key_size_65 = 32 + 6 * n * 10 / 8
110	pub const public_key_size_87 = 32 + 8 * n * 10 / 8
111
112	// s. 4, table 2
113	pub const signature_size_44 = 128 / 4 + 4 * n * (17 + 1) / 8 + 80 + 4
114	pub const signature_size_65 = 192 / 4 + 5 * n * (19 + 1) / 8 + 55 + 6
115	pub const signature_size_87 = 256 / 4 + 7 * n * (19 + 1) / 8 + 75 + 8
116
117	fn pub_key_size(p Params) int {
118	return 32 + p.k * n * 10 / 8
119	}
120
121	fn priv_key_size(p Params) int {
122	eta_bitlen := bits_len(u32(p.eta * 2))
123	// rho + K + tr + lneta-bit s1 + kneta-bit s2 + kn13-bit t0
124	return 32 + 32 + 64 + p.l * n * eta_bitlen / 8 + p.k * n * eta_bitlen / 8 + p.k * n * 13 / 8
125	}
126
127	fn sig_size(p Params) int {
128	return (p.lambda / 4) + p.l * n * (p.gamma1 + 1) / 8 + p.omega + p.k
129	}
130