DI Management Home > Cryptography > SLH-DSA > Python Code

SLH-DSA Python Code

This page has the Python code we used to reproduce the example values in the previous pages and a complete FIPS.205 SLH-DSA implementation that supports all 12 parameter sets.

The core SHA2 and SHAKE hash functions in hashlib_pure.py use the Python hashlib and hmac libraries. There is an alternative set of hash functions using our CryptoSys PKI toolkit library and its Python interface.

Note that all functions below pass arguments and return values encoded in hexadecimal. The internal functions convert to binary and then encode the result back to hexadecimal. This is obviously inefficient but is done for clarity and demonstration purposes and ease of debugging.

This code was tested using Python 3.12.9 on 64-bit Windows 11.

A complete SLH-DSA signature program

This is meant as a demonstration of how SLH-DSA works, not an efficient or secure implementation. It uses hex-encoded representations of all variables throughout, so it is obviously slower.

Do it all
slhdsa_makesig.pyMake a SLH-DSA signature using all 12 defined FIPS.205 parameter sets .
slhdsa_makesig_test.pyTests for SLH-DSA.
slh_params.pyParameters for SLH-DSA.
slh_adrs.pySLH-DSA ADRS Class.
slh_tree.pyUtilities for tree calculations.
slh_hashfuncs.pySLH-DSA hash functions tailored for parameter sets.
hashlib_pure.pySHA2 and SHAKE functions using hashlib and hmac libraries.
hashlib_pki.pyAlternative SHA2 and SHAKE functions using cryptosyspki.

All the above Python code in a zip file (27 kB).

To make this more efficient you would work directly with byte arrays throughout, and use the incremental forms of SHA-256 and SHA-512 to take advantage of pre-computing the first block of input to the SHA-2 hash functions.

Short Python Programs

Short Python programs to carry out calculations for examples in previous pages

Merkle trees
merkle-authpath-simple.pyShow authpath indices for idx=6 and a=3.
merkle_authpath_calc_basic.pyWeak hash function that returns a 4-byte hash.
merkle_authpath_verify.pyVerify authentication path for a simple Merkle tree.
merkle_tree_4byte.pyGenerate a Merkle tree using weak 4-byte hash function.
merkle_tree_4byte_pairwise.pyGenerate a Merkle tree using weak 4-byte hash function and compute AUTH using hash_pairwise algorithm.
merkle_tree_4byte_treehash.pyGenerate a Merkle tree using weak 4-byte hash function and compute AUTH using TreeHash algorithm.
FORS signature
sig_1_PRF_msg.pyGenerate the 16-byte randomizer R using PRF_msg.
sig_2_H_msg.pyCompute H_msg from the message, public key and randomizer.
sig_3_message_to_indices.pyInterpret 25-byte mhash as 33 * 6-bit unsigned integers using base_2^b function Algorithm 4 FIPS.205
fors_sk_basic.pyCompute the FORS secret keys for i=[0,1,32] with hardcoded ADRS.
fors_authpath_00.pyCompute the authpaths for the FORS trees with i=0.
fors_authpath_01_32.pyCompute the authpaths from scratch for the FORS trees with i=0..32 and the fors_pk_root value.
fors_authpath_basic.pyCompute the first authpath values for index 50 in first tree
fors_pkFromSig.pyCompute the public key from the signature.
Hypertree signature (SIG_HT)
wots_checksum.pySplit 16-byte message into 4-bit blocks then append 3 x 4-bit checksum.
wots_gen_pk.pyCompute root node of the top-most HT subtree = PK.root.
wots_ht_0.pyGenerate the first and last HT signature values ht_sig[0][0] and ht_sig[0][34].
wots_ht_0_authpath.pyCompute root node and authpath for bottom HT subtree at layer 0.
wots_layers.pyCompute the WOTS tree address for each layer.
wots_sk_0.pyCompute the first and last WOTS sk wots_sk_0 and wots_sk_34.
Libraries
slh_adrs.pySLH-DSA ADRS Class.
slh_sha256.pySHL-DSA-SHA-256 crypto functions.
slh_util.pySLH-DSA utilities for tree calculations.
hashlib_pure.pySHA-2/SHAKE functions using hashlib and hmac libraries.
hashlib_pki.pySHA-2/SHAKE functions using cryptosyspki. An alternative to hashlib_pure.py.
<< previous: Generating and Verifying the Public Key Root Contents next: SLH-DSA References >>

Contact us

To comment on this page or to contact us, please send us a message.

This page first published 17 March 2023. Last updated 16 February 2026.