├── src └── pyspx │ ├── __init__.py │ ├── bindings.py │ └── build.py ├── .coveragerc ├── .gitmodules ├── MANIFEST.in ├── .gitignore ├── pyproject.toml ├── .github └── workflows │ └── python-app.yml ├── README.md ├── setup.py ├── tests └── test_signing.py └── LICENSE /src/pyspx/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.coveragerc: -------------------------------------------------------------------------------- 1 | [run] 2 | omit = 3 | # used by CFFI at build-time 4 | **/build.py 5 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "src/sphincsplus"] 2 | path = src/sphincsplus 3 | url = https://github.com/sphincs/sphincsplus.git 4 | branch = master 5 | -------------------------------------------------------------------------------- /MANIFEST.in: -------------------------------------------------------------------------------- 1 | include LICENSE 2 | include README.md 3 | 4 | # sphincsplus files 5 | recursive-include src/sphincsplus *.h 6 | recursive-include src/sphincsplus *.c 7 | recursive-include src/sphincsplus LICENSE 8 | recursive-include src/sphincsplus README.md 9 | 10 | # test files 11 | recursive-include tests *.py 12 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | env/ 12 | build/ 13 | develop-eggs/ 14 | dist/ 15 | downloads/ 16 | eggs/ 17 | .eggs/ 18 | lib/ 19 | lib64/ 20 | parts/ 21 | sdist/ 22 | var/ 23 | *.egg-info/ 24 | .installed.cfg 25 | *.egg 26 | 27 | # testing 28 | .coverage 29 | 30 | # temporary directory for CFFI builds 31 | src/sphincsplus-instances 32 | -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- 1 | [build-system] 2 | requires = ["setuptools>=59.6.0", "cffi>=1.0.0"] 3 | build-backend = "setuptools.build_meta" 4 | 5 | [project] 6 | name = "PySPX" 7 | version = "0.5.0" 8 | authors = [ 9 | { name="Joost Rijneveld", email="contact@sphincs.org" }, 10 | { name="Peter Schwabe", email="contact@sphincs.org" }, 11 | { name="Ruben Gonzalez", email="mail@ruben-gonzalez.de" }, 12 | ] 13 | description = "Python bindings for SPHINCS+" 14 | readme = "README.md" 15 | license = { file="LICENSE" } 16 | requires-python = ">=3.7" 17 | classifiers = [ 18 | 'Topic :: Security :: Cryptography', 19 | 'Development Status :: 3 - Alpha', 20 | 'Intended Audience :: Developers', 21 | 'License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication', 22 | 'Programming Language :: Python :: 3', 23 | ] 24 | dependencies = ["cffi>=1.0.0"] 25 | -------------------------------------------------------------------------------- /.github/workflows/python-app.yml: -------------------------------------------------------------------------------- 1 | name: SPHINCS Python Bindings 2 | 3 | on: 4 | push: 5 | branches: [ "master" ] 6 | pull_request: 7 | branches: [ "master" ] 8 | 9 | permissions: 10 | contents: read 11 | 12 | jobs: 13 | build: 14 | 15 | runs-on: ubuntu-latest 16 | strategy: 17 | matrix: 18 | python-version: ["3.7", "3.8", "3.9", "3.10"] 19 | 20 | steps: 21 | - uses: actions/checkout@v3 22 | - name: Set up Python ${{ matrix.python-version }} 23 | uses: actions/setup-python@v4 24 | with: 25 | python-version: ${{ matrix.python-version }} 26 | - name: Install dependencies 27 | run: | 28 | python -m pip install --upgrade pip 29 | pip install pytest 30 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi 31 | - name: Build Bindings 32 | run: | 33 | git submodule update --init --recursive 34 | python setup.py install 35 | - name: Test with pytest 36 | run: | 37 | pytest 38 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PySPX [![SPHINCS Python Bindings](https://github.com/sphincs/pyspx/actions/workflows/python-app.yml/badge.svg)](https://github.com/sphincs/pyspx/actions/workflows/python-app.yml) 2 | 3 | This repository contains a Python package that provides bindings for [SPHINCS+](https://github.com/sphincs/sphincsplus). It provides support for all parameter sets included as part of [the SPHINCS+ submission](http://sphincs.org/data/sphincs+-specification.pdf) to [NIST's Post-Quantum Cryptography Standardization project](https://csrc.nist.gov/projects/post-quantum-cryptography). 4 | 5 | While this package is functionally complete, it may still be subject to small API changes. 6 | Currently, the bindings only wrap the reference code. Code optimized for specific platforms (such as machines with AVX2 or AESNI support) is ignored. 7 | 8 | ### Installation 9 | 10 | The package is [available on PyPI](https://pypi.org/project/PySPX/) and can be installed by simply calling `pip install pyspx`. 11 | 12 | For Linux, binary wheels are available based on the `manylinux1` docker image. On other platforms it may take a few moments to compile the SPHINCS+ code. Currently the `sphincsplus` reference code requires `openssl` for its SHA256 function. When compiling from source, be sure to install openssl with development files. 13 | 14 | ### API 15 | 16 | After installing the package, import a specific instance of SPHINCS+ as follows (e.g. for `shake256-128f`): 17 | 18 | ``` 19 | import pyspx.shake_128f 20 | ``` 21 | 22 | This exposes the following straight-forward functions. All parameters are assumed to be `bytes` objects. Similarly, the returned keys and signatures are `bytes`. The `verify` function returns a boolean indicating success or failure. 23 | 24 | ``` 25 | >>> public_key, secret_key = pyspx.shake_128f.generate_keypair(seed) 26 | >>> signature = pyspx.shake_128f.sign(message, secret_key) 27 | >>> pyspx.shake_128f.verify(message, signature, public_key) 28 | True 29 | ``` 30 | 31 | Additionally, the following attributes expose the expected sizes, as a consequence of the selected parameter set: 32 | 33 | ``` 34 | >>> pyspx.shake_128f.crypto_sign_BYTES 35 | 29792 36 | >>> pyspx.shake_128f.crypto_sign_PUBLICKEYBYTES 37 | 64 38 | >>> pyspx.shake_128f.crypto_sign_SECRETKEYBYTES 39 | 128 40 | >>> pyspx.shake_128f.crypto_sign_SEEDBYTES 41 | 96 42 | ``` 43 | 44 | ### Custom SPHINCS+ parameters 45 | 46 | It is fairly easy to compile with additional SPHINCS+ parameters. 47 | To do this, clone the repository, initialize the `src/sphincsplus` submodule, 48 | and add a new parameter set to `src/sphincsplus/ref/params`. 49 | Make sure to follow the `params-sphincs-[parameters-shorthand].h` naming convention. 50 | Installing the Python package from this modified source will expose the parameter set using the API described above. 51 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | import os 2 | import shutil 3 | import re 4 | import sys 5 | 6 | from setuptools import setup 7 | from setuptools.command.build_py import build_py as _build_py 8 | from setuptools.command.develop import develop as _develop 9 | from distutils.command.clean import clean as _clean 10 | 11 | 12 | def paramsets(): 13 | pattern = "params-sphincs-([a-zA-Z-][a-zA-Z0-9-]*).h" 14 | pfiles = os.listdir(os.path.join("src", "sphincsplus", "ref", "params")) 15 | for paramset in pfiles: 16 | try: 17 | yield re.search(pattern, paramset).group(1).replace('-', '_') 18 | except AttributeError: 19 | raise Exception("Cannot parse name of parameter set {}" 20 | .format(paramset)) 21 | 22 | 23 | def create_param_wrappers(): 24 | for paramset in paramsets(): 25 | with open(os.path.join("src", "pyspx", paramset + ".py"), 'w') as f: 26 | f.write( 27 | "from pyspx.bindings import PySPXBindings as _PySPXBindings\n" 28 | "from _spx_{} import ffi as _ffi, lib as _lib\n" 29 | "\n" 30 | "import sys\n" 31 | "\n" 32 | "sys.modules[__name__] = _PySPXBindings(_ffi, _lib)\n" 33 | .format(paramset) 34 | ) 35 | 36 | 37 | class build_py(_build_py): 38 | 39 | def run(self): 40 | create_param_wrappers() 41 | _build_py.run(self) 42 | 43 | 44 | class develop(_develop): 45 | 46 | def run(self): 47 | create_param_wrappers() 48 | _develop.run(self) 49 | 50 | 51 | class clean(_clean): 52 | 53 | def run(self): 54 | for paramset in paramsets(): 55 | try: 56 | os.remove(os.path.join("src", "pyspx", paramset + ".py")) 57 | except: 58 | pass 59 | if sys.version_info[0] < 3: 60 | objname = "_spx_{}.so".format(paramset) 61 | else: 62 | objname = "_spx_{}.abi3.so".format(paramset) 63 | try: 64 | os.remove(os.path.join("src", objname)) 65 | except: 66 | pass 67 | shutil.rmtree(os.path.join("src", "sphincsplus-instances")) 68 | _clean.run(self) 69 | 70 | 71 | with open('README.md') as f: 72 | long_description = f.read() 73 | 74 | setup( 75 | name="PySPX", 76 | version="0.5.0", 77 | packages=['pyspx'], 78 | author="Joost Rijneveld, Peter Schwabe, Ruben Gonzalez", 79 | author_email='contact@sphincs.org', 80 | url="https://github.com/sphincs/pyspx", 81 | description='Python bindings for SPHINCS+', 82 | long_description=long_description, 83 | long_description_content_type="text/markdown", 84 | package_dir={'': 'src'}, 85 | classifiers=[ 86 | 'Topic :: Security :: Cryptography', 87 | 'Development Status :: 3 - Alpha', 88 | 'Intended Audience :: Developers', 89 | 'License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication', 90 | 'Programming Language :: Python :: 3', 91 | ], 92 | install_requires=["cffi>=1.0.0"], 93 | setup_requires=["cffi>=1.0.0"], 94 | tests_require=["pytest", "cffi>=1.0.0"], 95 | cffi_modules=["src/pyspx/build.py:{}".format(x) for x in paramsets()], 96 | cmdclass={ 97 | "build_py": build_py, 98 | "develop": develop, 99 | "clean": clean, 100 | }, 101 | zip_safe=False, 102 | ) 103 | -------------------------------------------------------------------------------- /src/pyspx/bindings.py: -------------------------------------------------------------------------------- 1 | 2 | class PySPXBindings(object): 3 | 4 | def __init__(self, ffi, lib): 5 | self.ffi = ffi 6 | self.lib = lib 7 | 8 | @property 9 | def crypto_sign_BYTES(self): 10 | return self.lib.crypto_sign_bytes() 11 | 12 | @property 13 | def crypto_sign_SECRETKEYBYTES(self): 14 | return self.lib.crypto_sign_secretkeybytes() 15 | 16 | @property 17 | def crypto_sign_PUBLICKEYBYTES(self): 18 | return self.lib.crypto_sign_publickeybytes() 19 | 20 | @property 21 | def crypto_sign_SEEDBYTES(self): 22 | return self.lib.crypto_sign_seedbytes() 23 | 24 | def sign(self, message, secretkey): 25 | if not isinstance(message, bytes): 26 | raise TypeError('Input message must be of type bytes') 27 | if not isinstance(secretkey, bytes): 28 | raise TypeError('Secret key must be of type bytes') 29 | 30 | if len(secretkey) != self.crypto_sign_SECRETKEYBYTES: 31 | raise MemoryError('Secret key is of length {}, expected {}' 32 | .format(len(secretkey), 33 | self.crypto_sign_SECRETKEYBYTES)) 34 | 35 | sm = self.ffi.new("unsigned char[]", 36 | len(message) + self.crypto_sign_BYTES) 37 | mlen = self.ffi.cast("unsigned long long", len(message)) 38 | smlen = self.ffi.new("unsigned long long *") 39 | self.lib.crypto_sign(sm, smlen, message, mlen, secretkey) 40 | return bytes(self.ffi.buffer(sm, self.crypto_sign_BYTES)) 41 | 42 | def verify(self, message, signature, publickey): 43 | if not isinstance(message, bytes): 44 | raise TypeError('Message must be of type bytes') 45 | if not isinstance(signature, bytes): 46 | raise TypeError('Signature must be of type bytes') 47 | if not isinstance(publickey, bytes): 48 | raise TypeError('Public key must be of type bytes') 49 | 50 | if len(publickey) != self.crypto_sign_PUBLICKEYBYTES: 51 | raise MemoryError('Public key is of length {}, expected {}' 52 | .format(len(publickey), 53 | self.crypto_sign_PUBLICKEYBYTES)) 54 | if len(signature) != self.crypto_sign_BYTES: 55 | raise MemoryError('Signature is of length {}, expected {}' 56 | .format(len(signature), self.crypto_sign_BYTES)) 57 | 58 | smlen = self.ffi.cast("unsigned long long", 59 | len(message) + self.crypto_sign_BYTES) 60 | mlen = self.ffi.new("unsigned long long *") 61 | m = self.ffi.new("unsigned char[]", int(smlen)) 62 | sm = self.ffi.new("unsigned char[]", signature + message) 63 | return self.lib.crypto_sign_open(m, mlen, sm, smlen, publickey) == 0 64 | 65 | def generate_keypair(self, seed): 66 | pk = self.ffi.new("unsigned char[]", self.crypto_sign_PUBLICKEYBYTES) 67 | sk = self.ffi.new("unsigned char[]", self.crypto_sign_SECRETKEYBYTES) 68 | if len(seed) != self.crypto_sign_SEEDBYTES: 69 | raise MemoryError('Seed is of length {}, expected {}' 70 | .format(len(seed), self.crypto_sign_SEEDBYTES)) 71 | self.lib.crypto_sign_seed_keypair(pk, sk, seed) 72 | 73 | return bytes(self.ffi.buffer(pk)), bytes(self.ffi.buffer(sk)) 74 | 75 | def __repr__(self): # pragma: no cover 76 | return repr(self.lib).replace("Lib", "PySPXBindings") 77 | -------------------------------------------------------------------------------- /src/pyspx/build.py: -------------------------------------------------------------------------------- 1 | from cffi import FFI 2 | import glob 3 | import re 4 | import os 5 | import shutil 6 | from pathlib import Path 7 | 8 | PARAM_DIR_NAME = "params" 9 | 10 | SOURCES = [ 11 | "address.c", 12 | "randombytes.c", 13 | "merkle.c", 14 | "wots.c", 15 | "wotsx1.c", 16 | "utils.c", 17 | "utilsx1.c", 18 | "fors.c", 19 | "sign.c" 20 | ] 21 | 22 | HEADERS = [ 23 | "address.h", 24 | "randombytes.h", 25 | "merkle.h", 26 | "wots.h", 27 | "wotsx1.h", 28 | "utils.h", 29 | "utilsx1.h", 30 | "fors.h", 31 | "api.h", 32 | "hash.h", 33 | "thash.h", 34 | "context.h" 35 | ] 36 | 37 | PARAM_SETS_SOURCES = { 38 | "sha2": { 39 | "sources": ["sha2.c", "hash_sha2.c", "thash_sha2_robust.c"], 40 | "headers": ["sha2.h", "sha2_offsets.h"], 41 | }, 42 | "shake": { 43 | "sources": ["fips202.c", "hash_shake.c", "thash_shake_robust.c"], 44 | "headers": ["fips202.h", "shake_offsets.h"], 45 | }, 46 | "haraka": { 47 | "sources": ["haraka.c", "hash_haraka.c", "thash_haraka_robust.c"], 48 | "headers": ["haraka.h", "haraka_offsets.h"], 49 | }, 50 | } 51 | 52 | spx_ref_dir = Path("src", "sphincsplus", "ref") 53 | spx_inst_dir = Path("src", "sphincsplus-instances") 54 | 55 | 56 | def paramsets(): 57 | pattern = "params-sphincs-([a-zA-Z-][a-zA-Z0-9-]*).h" 58 | paramfiles = os.listdir(spx_ref_dir / "params") 59 | 60 | for paramfile in paramfiles: 61 | try: 62 | yield (re.search(pattern, paramfile).group(1).replace('-', '_'), 63 | paramfile) 64 | except AttributeError: 65 | raise Exception("Cannot parse name of parameter set {}" 66 | .format(paramfile)) 67 | 68 | 69 | def make_ffi(paramset, paramfile): 70 | ffi = FFI() 71 | 72 | api_contents = [] 73 | with open(spx_ref_dir / "api.h", "r") as f: 74 | # This is specific to api.h in the sphincsplus reference code 75 | for line in f.readlines(): 76 | if line.startswith('#'): 77 | continue # we ignore all C preprocessor macros 78 | api_contents.append(line) 79 | api_contents = '\n'.join(api_contents) 80 | ffi.cdef(api_contents) 81 | 82 | sources = SOURCES.copy() 83 | headers = HEADERS.copy() 84 | libraries = [] 85 | 86 | for hash_algo, files in PARAM_SETS_SOURCES.items(): 87 | if hash_algo in paramset: 88 | sources += files["sources"] 89 | headers += files["headers"] 90 | 91 | # we need to move everything to an instance-specific directory, as the code 92 | # contains references to params.h, and the content of that file needs to 93 | # differ for each instance. We cannot hot-swap params.h in the ref/ 94 | # directory, as the source files are first all collected by cffi before 95 | # any compilation is started. 96 | inst_dir = spx_inst_dir / paramset 97 | inst_param_dir = inst_dir / PARAM_DIR_NAME 98 | 99 | try: 100 | os.makedirs(inst_dir, exist_ok=True) 101 | os.mkdir(inst_param_dir) 102 | except FileExistsError: 103 | pass 104 | 105 | for source_file in sources + headers: 106 | shutil.copy(spx_ref_dir / source_file, inst_dir) 107 | 108 | shutil.copy(spx_ref_dir / "params" / paramfile, inst_param_dir / "params.h") 109 | 110 | # We add a params header that includes the instance-specific 111 | # params header. This is a trick to keep the relative includes 112 | # in the SPHINCS headers working. 113 | with open(inst_dir / "params.h", "w") as f: 114 | f.write('#include "params/params.h"') 115 | 116 | inst_sources = glob.glob(os.path.join(inst_dir, "*.c")) 117 | 118 | ffi.set_source("_spx_{}".format(paramset), api_contents, 119 | sources=inst_sources, libraries=libraries) 120 | 121 | return ffi 122 | 123 | 124 | for paramset, paramfile in paramsets(): 125 | globals()[paramset] = make_ffi(paramset, paramfile) 126 | -------------------------------------------------------------------------------- /tests/test_signing.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | import os 3 | import random 4 | import importlib 5 | import struct 6 | 7 | paramsets = [ 8 | 'shake_128s', 9 | 'shake_128f', 10 | 'shake_192s', 11 | 'shake_192f', 12 | 'shake_256s', 13 | 'shake_256f', 14 | 'sha2_128s', 15 | 'sha2_128f', 16 | 'sha2_192s', 17 | 'sha2_192f', 18 | 'sha2_256s', 19 | 'sha2_256f', 20 | 'haraka_128s', 21 | 'haraka_128f', 22 | 'haraka_192s', 23 | 'haraka_192f', 24 | 'haraka_256s', 25 | 'haraka_256f', 26 | ] 27 | 28 | expected_sizes = [ 29 | [32, 64, 7856], 30 | [32, 64, 17088], 31 | [48, 96, 16224], 32 | [48, 96, 35664], 33 | [64, 128, 29792], 34 | [64, 128, 49856], 35 | [32, 64, 7856], 36 | [32, 64, 17088], 37 | [48, 96, 16224], 38 | [48, 96, 35664], 39 | [64, 128, 29792], 40 | [64, 128, 49856], 41 | [32, 64, 7856], 42 | [32, 64, 17088], 43 | [48, 96, 16224], 44 | [48, 96, 35664], 45 | [64, 128, 29792], 46 | [64, 128, 49856], 47 | ] 48 | 49 | instances = [] 50 | 51 | for paramset in paramsets: 52 | instances.append(importlib.import_module('pyspx.' + paramset)) 53 | 54 | 55 | @pytest.mark.parametrize("pyspx,sizes", zip(instances, expected_sizes)) 56 | def test_sizes(pyspx, sizes): 57 | print(pyspx, pyspx.crypto_sign_PUBLICKEYBYTES, pyspx.crypto_sign_SECRETKEYBYTES, pyspx.crypto_sign_BYTES) 58 | assert pyspx.crypto_sign_PUBLICKEYBYTES == sizes[0] 59 | assert pyspx.crypto_sign_SECRETKEYBYTES == sizes[1] 60 | assert pyspx.crypto_sign_BYTES == sizes[2] 61 | 62 | 63 | @pytest.mark.parametrize("pyspx", instances) 64 | def test_keygen(pyspx): 65 | seed = bytes() 66 | with pytest.raises(MemoryError): 67 | pyspx.generate_keypair(seed) 68 | seed = os.urandom(pyspx.crypto_sign_SEEDBYTES) 69 | publickey, secretkey = pyspx.generate_keypair(seed) 70 | 71 | 72 | @pytest.mark.parametrize("pyspx", instances) 73 | def test_sign_verify(pyspx): 74 | seed = os.urandom(pyspx.crypto_sign_SEEDBYTES) 75 | publickey, secretkey = pyspx.generate_keypair(seed) 76 | message = os.urandom(32) 77 | signature = pyspx.sign(message, secretkey) 78 | assert pyspx.verify(message, signature, publickey) 79 | 80 | 81 | @pytest.mark.parametrize("pyspx", instances) 82 | def test_invalid_signature(pyspx): 83 | seed = os.urandom(pyspx.crypto_sign_SEEDBYTES) 84 | publickey, secretkey = pyspx.generate_keypair(seed) 85 | message = os.urandom(32) 86 | 87 | # incorrect sk length 88 | with pytest.raises(MemoryError): 89 | pyspx.sign(message, bytes()) 90 | 91 | # incorrect type for message or key 92 | with pytest.raises(TypeError): 93 | pyspx.sign(42, secretkey) 94 | with pytest.raises(TypeError): 95 | pyspx.sign(message, 42) 96 | 97 | signature = pyspx.sign(message, secretkey) 98 | 99 | for _ in range(10): 100 | n = random.randint(0, len(signature)) 101 | 102 | # Flip a random bit 103 | ba_sig = bytearray(signature) 104 | ba_sig[n] ^= 1 105 | 106 | assert not pyspx.verify(message, bytes(ba_sig), publickey) 107 | 108 | # incorrect pk length 109 | with pytest.raises(MemoryError): 110 | pyspx.verify(message, signature, bytes()) 111 | # incorrect signature length 112 | with pytest.raises(MemoryError): 113 | pyspx.verify(message, bytes(), publickey) 114 | 115 | # incorrect type for message, signature or key 116 | with pytest.raises(TypeError): 117 | pyspx.verify(42, signature, publickey) 118 | with pytest.raises(TypeError): 119 | pyspx.verify(message, 42, publickey) 120 | with pytest.raises(TypeError): 121 | pyspx.verify(message, signature, 42) 122 | 123 | 124 | @pytest.mark.parametrize("pyspx", instances) 125 | def test_long_message(pyspx): 126 | seed = os.urandom(pyspx.crypto_sign_SEEDBYTES) 127 | publickey, secretkey = pyspx.generate_keypair(seed) 128 | message = bytes(2**20) 129 | signature = pyspx.sign(message, secretkey) 130 | assert pyspx.verify(message, signature, publickey) 131 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | CC0 1.0 Universal 2 | 3 | Statement of Purpose 4 | 5 | The laws of most jurisdictions throughout the world automatically confer 6 | exclusive Copyright and Related Rights (defined below) upon the creator and 7 | subsequent owner(s) (each and all, an "owner") of an original work of 8 | authorship and/or a database (each, a "Work"). 9 | 10 | Certain owners wish to permanently relinquish those rights to a Work for the 11 | purpose of contributing to a commons of creative, cultural and scientific 12 | works ("Commons") that the public can reliably and without fear of later 13 | claims of infringement build upon, modify, incorporate in other works, reuse 14 | and redistribute as freely as possible in any form whatsoever and for any 15 | purposes, including without limitation commercial purposes. These owners may 16 | contribute to the Commons to promote the ideal of a free culture and the 17 | further production of creative, cultural and scientific works, or to gain 18 | reputation or greater distribution for their Work in part through the use and 19 | efforts of others. 20 | 21 | For these and/or other purposes and motivations, and without any expectation 22 | of additional consideration or compensation, the person associating CC0 with a 23 | Work (the "Affirmer"), to the extent that he or she is an owner of Copyright 24 | and Related Rights in the Work, voluntarily elects to apply CC0 to the Work 25 | and publicly distribute the Work under its terms, with knowledge of his or her 26 | Copyright and Related Rights in the Work and the meaning and intended legal 27 | effect of CC0 on those rights. 28 | 29 | 1. Copyright and Related Rights. A Work made available under CC0 may be 30 | protected by copyright and related or neighboring rights ("Copyright and 31 | Related Rights"). Copyright and Related Rights include, but are not limited 32 | to, the following: 33 | 34 | i. the right to reproduce, adapt, distribute, perform, display, communicate, 35 | and translate a Work; 36 | 37 | ii. moral rights retained by the original author(s) and/or performer(s); 38 | 39 | iii. publicity and privacy rights pertaining to a person's image or likeness 40 | depicted in a Work; 41 | 42 | iv. rights protecting against unfair competition in regards to a Work, 43 | subject to the limitations in paragraph 4(a), below; 44 | 45 | v. rights protecting the extraction, dissemination, use and reuse of data in 46 | a Work; 47 | 48 | vi. database rights (such as those arising under Directive 96/9/EC of the 49 | European Parliament and of the Council of 11 March 1996 on the legal 50 | protection of databases, and under any national implementation thereof, 51 | including any amended or successor version of such directive); and 52 | 53 | vii. other similar, equivalent or corresponding rights throughout the world 54 | based on applicable law or treaty, and any national implementations thereof. 55 | 56 | 2. Waiver. To the greatest extent permitted by, but not in contravention of, 57 | applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and 58 | unconditionally waives, abandons, and surrenders all of Affirmer's Copyright 59 | and Related Rights and associated claims and causes of action, whether now 60 | known or unknown (including existing as well as future claims and causes of 61 | action), in the Work (i) in all territories worldwide, (ii) for the maximum 62 | duration provided by applicable law or treaty (including future time 63 | extensions), (iii) in any current or future medium and for any number of 64 | copies, and (iv) for any purpose whatsoever, including without limitation 65 | commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes 66 | the Waiver for the benefit of each member of the public at large and to the 67 | detriment of Affirmer's heirs and successors, fully intending that such Waiver 68 | shall not be subject to revocation, rescission, cancellation, termination, or 69 | any other legal or equitable action to disrupt the quiet enjoyment of the Work 70 | by the public as contemplated by Affirmer's express Statement of Purpose. 71 | 72 | 3. Public License Fallback. Should any part of the Waiver for any reason be 73 | judged legally invalid or ineffective under applicable law, then the Waiver 74 | shall be preserved to the maximum extent permitted taking into account 75 | Affirmer's express Statement of Purpose. In addition, to the extent the Waiver 76 | is so judged Affirmer hereby grants to each affected person a royalty-free, 77 | non transferable, non sublicensable, non exclusive, irrevocable and 78 | unconditional license to exercise Affirmer's Copyright and Related Rights in 79 | the Work (i) in all territories worldwide, (ii) for the maximum duration 80 | provided by applicable law or treaty (including future time extensions), (iii) 81 | in any current or future medium and for any number of copies, and (iv) for any 82 | purpose whatsoever, including without limitation commercial, advertising or 83 | promotional purposes (the "License"). The License shall be deemed effective as 84 | of the date CC0 was applied by Affirmer to the Work. Should any part of the 85 | License for any reason be judged legally invalid or ineffective under 86 | applicable law, such partial invalidity or ineffectiveness shall not 87 | invalidate the remainder of the License, and in such case Affirmer hereby 88 | affirms that he or she will not (i) exercise any of his or her remaining 89 | Copyright and Related Rights in the Work or (ii) assert any associated claims 90 | and causes of action with respect to the Work, in either case contrary to 91 | Affirmer's express Statement of Purpose. 92 | 93 | 4. Limitations and Disclaimers. 94 | 95 | a. No trademark or patent rights held by Affirmer are waived, abandoned, 96 | surrendered, licensed or otherwise affected by this document. 97 | 98 | b. Affirmer offers the Work as-is and makes no representations or warranties 99 | of any kind concerning the Work, express, implied, statutory or otherwise, 100 | including without limitation warranties of title, merchantability, fitness 101 | for a particular purpose, non infringement, or the absence of latent or 102 | other defects, accuracy, or the present or absence of errors, whether or not 103 | discoverable, all to the greatest extent permissible under applicable law. 104 | 105 | c. Affirmer disclaims responsibility for clearing rights of other persons 106 | that may apply to the Work or any use thereof, including without limitation 107 | any person's Copyright and Related Rights in the Work. Further, Affirmer 108 | disclaims responsibility for obtaining any necessary consents, permissions 109 | or other rights required for any use of the Work. 110 | 111 | d. Affirmer understands and acknowledges that Creative Commons is not a 112 | party to this document and has no duty or obligation with respect to this 113 | CC0 or use of the Work. 114 | 115 | For more information, please see 116 | 117 | --------------------------------------------------------------------------------