{"id":23169,"library":"slh-dsa","title":"SLH-DSA","description":"Pure Python implementation of the SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) based on FIPS 205. Version 0.2.2 includes fixes for digest lengths and supports key import/export in PKCS format, signing, and verification. Actively maintained.","status":"active","version":"0.2.2","language":"python","source_language":"en","source_url":"https://github.com/colinxu2020/slhdsa","tags":["post-quantum","cryptography","digital-signature","fips-205","slh-dsa"],"install":[{"cmd":"pip install slh-dsa","lang":"bash","label":"PyPI"}],"dependencies":[],"imports":[{"note":"Standard import path.","wrong":"","symbol":"SLHDSA","correct":"from slh_dsa import SLHDSA"}],"quickstart":{"code":"from slh_dsa import SLHDSA\n\n# Generate a private key (SLH-DSA with SHAKE-128, security level 1)\nprivate_key = SLHDSA.new('shake_128')\nmessage = b\"Hello, world!\"\nsignature = private_key.sign(message)\n\n# Extract public key (serialized PKCS format)\npublic_key_pem = private_key.public_key().export_pkcs()\n\n# Verify signature\nfrom slh_dsa import verify\nverify(public_key_pem, message, signature)  # Returns True/False\n","lang":"python","description":"Generate SLH-DSA keys, sign, and verify."},"warnings":[{"fix":"Use one of: 'shake_128', 'shake_256', 'sha2_192', 'sha2_256'. Check FIPS 205 for parameter sets.","message":"The library uses 'shake_128', 'shake_256', 'sha2_192', 'sha2_256' as algorithm identifiers. Ensure you use the exact string matching the intended security level.","severity":"gotcha","affected_versions":">=0.1.0"},{"fix":"Use `private_key.export_pkcs()` to get a bytes representation, and `SLHDSA.import_pkcs(data)` to reload.","message":"Signing with a private key does not return a serializable format; you must export the key via `export_pkcs()` before sending or storage. The private key object is not directly serializable.","severity":"gotcha","affected_versions":">=0.2.1"},{"fix":"If import fails with 'ModuleNotFoundError' or 'ImportError: cannot import name', consider installing from source with `pip install slh-dsa --no-binary slh-dsa`.","message":"Version 0.2.0 introduced mypyc compilation, which may cause import failures on some platforms (e.g., Alpine Linux, ARM32). The package may not be precompiled for all architectures.","severity":"breaking","affected_versions":"0.2.0+"}],"env_vars":null,"last_verified":"2026-05-01T00:00:00.000Z","next_check":"2026-07-30T00:00:00.000Z","problems":[{"fix":"Install with `pip install slh-dsa` and import as `from slh_dsa import SLHDSA`.","cause":"Package not installed or import name mismatch (the package uses underscore in the module name, not hyphen).","error":"ModuleNotFoundError: No module named 'slh_dsa'"},{"fix":"Upgrade to latest version: `pip install --upgrade slh-dsa`. Use `SLHDSA.new('shake_128')` to create a private key object.","cause":"Old version (<0.2.1) may lack the sign method; using wrong object instance.","error":"AttributeError: 'SLHDSA' object has no attribute 'sign'"}],"ecosystem":"pypi","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}