SLH-DSA

raw JSON →
0.2.2 verified Fri May 01 auth: no python

Pure Python implementation of the SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) based on FIPS 205. Version 0.2.2 includes fixes for digest lengths and supports key import/export in PKCS format, signing, and verification. Actively maintained.

pip install slh-dsa

Common errors

error ModuleNotFoundError: No module named 'slh_dsa'
cause Package not installed or import name mismatch (the package uses underscore in the module name, not hyphen).
fix
Install with pip install slh-dsa and import as from slh_dsa import SLHDSA.
error AttributeError: 'SLHDSA' object has no attribute 'sign'
cause Old version (<0.2.1) may lack the sign method; using wrong object instance.
fix
Upgrade to latest version: pip install --upgrade slh-dsa. Use SLHDSA.new('shake_128') to create a private key object.

Warnings

gotcha The library uses 'shake_128', 'shake_256', 'sha2_192', 'sha2_256' as algorithm identifiers. Ensure you use the exact string matching the intended security level.
fix Use one of: 'shake_128', 'shake_256', 'sha2_192', 'sha2_256'. Check FIPS 205 for parameter sets.
gotcha Signing with a private key does not return a serializable format; you must export the key via `export_pkcs()` before sending or storage. The private key object is not directly serializable.
fix Use `private_key.export_pkcs()` to get a bytes representation, and `SLHDSA.import_pkcs(data)` to reload.
breaking Version 0.2.0 introduced mypyc compilation, which may cause import failures on some platforms (e.g., Alpine Linux, ARM32). The package may not be precompiled for all architectures.
fix If import fails with 'ModuleNotFoundError' or 'ImportError: cannot import name', consider installing from source with `pip install slh-dsa --no-binary slh-dsa`.

Imports

Quickstart

Generate SLH-DSA keys, sign, and verify.

from slh_dsa import SLHDSA

# Generate a private key (SLH-DSA with SHAKE-128, security level 1)
private_key = SLHDSA.new('shake_128')
message = b"Hello, world!"
signature = private_key.sign(message)

# Extract public key (serialized PKCS format)
public_key_pem = private_key.public_key().export_pkcs()

# Verify signature
from slh_dsa import verify
verify(public_key_pem, message, signature)  # Returns True/False
last verified Fri May 01
next check Thu Jul 30