Conversation
Adds an internal type for opportunistic heap offload which uses `Box` when the `alloc` feature is available and falls back to stack allocation when it is not. So far it's only used for the `z` component of `Signature` but is useful elsewhere, e.g. for `VerifyingKey`. It's so generally useful it should probably get extracted somewhere, to `module-lattice` at the very least, but this is enough to get started.
tarcieri
added a commit
to RustCrypto/traits
that referenced
this pull request
May 9, 2026
Adds a type which is always available, but when the newly added `alloc` feature is enabled, provides opportunistic heap allocation with `Box`, falling back on stack allocation if it is not. Originally added to the `ml-dsa` crate in RustCrypto/signatures#1320 to address the large size of post-quantum keys and signatures while still retaining `no_alloc` support. However, it is generally useful anywhere we work with secret values to e.g. prevent moves from making copies of them on the stack, even if they aren't excessively large.
tarcieri
added a commit
to RustCrypto/KEMs
that referenced
this pull request
May 10, 2026
Adds a type which is always available, but when the newly added `alloc` feature is enabled, provides opportunistic heap allocation with `Box`, falling back on stack allocation if it is not. Originally added to the `ml-dsa` crate in RustCrypto/signatures#1320 to address the large size of post-quantum keys and signatures while still retaining `no_alloc` support. However, it is generally useful anywhere we work with secret values to e.g. prevent moves from making copies of them on the stack, even if they aren't excessively large.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds an internal type for opportunistic heap offload which uses
Boxwhen theallocfeature is available and falls back to stack allocation when it is not.So far it's only used for the
zcomponent ofSignaturebut is useful elsewhere, e.g. forVerifyingKey.It's so generally useful it should probably get extracted somewhere, to
module-latticeat the very least, but this is enough to get started.