From 8d3d76859e117a538c7b9d0799ea2b7bcf200356 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Wed, 2 Sep 2020 10:34:57 -0700 Subject: [PATCH] ecdsa: rename {Signer, Verifier} => {SigningKey, VerifyKey} Should help prevent confusion with `signature::{Signer, Verifier}`. --- .github/workflows/ecdsa.yml | 4 +-- ecdsa/Cargo.toml | 4 +-- ecdsa/src/lib.rs | 24 ++++++++++-------- ecdsa/src/{signer => }/rfc6979.rs | 0 ecdsa/src/{signer.rs => sign.rs} | 38 +++++++++++++--------------- ecdsa/src/{verifier.rs => verify.rs} | 23 +++++++++++------ ed25519/src/lib.rs | 6 ++--- 7 files changed, 54 insertions(+), 45 deletions(-) rename ecdsa/src/{signer => }/rfc6979.rs (100%) rename ecdsa/src/{signer.rs => sign.rs} (84%) rename ecdsa/src/{verifier.rs => verify.rs} (73%) diff --git a/.github/workflows/ecdsa.yml b/.github/workflows/ecdsa.yml index b2aa4f59..186150eb 100644 --- a/.github/workflows/ecdsa.yml +++ b/.github/workflows/ecdsa.yml @@ -35,8 +35,8 @@ jobs: target: ${{ matrix.target }} override: true - run: cargo build --no-default-features --release --target ${{ matrix.target }} - - run: cargo build --no-default-features --features signer --release --target ${{ matrix.target }} - - run: cargo build --no-default-features --features verifier --release --target ${{ matrix.target }} + - run: cargo build --no-default-features --features sign --release --target ${{ matrix.target }} + - run: cargo build --no-default-features --features verify --release --target ${{ matrix.target }} test: runs-on: ubuntu-latest diff --git a/ecdsa/Cargo.toml b/ecdsa/Cargo.toml index 0d0545a9..d5293ac2 100644 --- a/ecdsa/Cargo.toml +++ b/ecdsa/Cargo.toml @@ -28,9 +28,9 @@ dev = ["digest", "zeroize"] digest = ["elliptic-curve/digest", "signature/digest-preview"] hazmat = [] rand = ["elliptic-curve/rand", "signature/rand-preview"] -signer = ["digest", "hazmat", "hmac", "zeroize"] +sign = ["digest", "hazmat", "hmac", "zeroize"] std = ["elliptic-curve/std", "signature/std"] -verifier = ["digest", "hazmat"] +verify = ["digest", "hazmat"] zeroize = ["elliptic-curve/zeroize"] [package.metadata.docs.rs] diff --git a/ecdsa/src/lib.rs b/ecdsa/src/lib.rs index 09e247fd..066b171a 100644 --- a/ecdsa/src/lib.rs +++ b/ecdsa/src/lib.rs @@ -37,13 +37,17 @@ pub mod dev; #[cfg_attr(docsrs, doc(cfg(feature = "hazmat")))] pub mod hazmat; -#[cfg(feature = "signer")] -#[cfg_attr(docsrs, doc(cfg(feature = "signer")))] -pub mod signer; +#[cfg(feature = "sign")] +#[cfg_attr(docsrs, doc(cfg(feature = "sign")))] +pub mod rfc6979; -#[cfg(feature = "verifier")] -#[cfg_attr(docsrs, doc(cfg(feature = "verifier")))] -pub mod verifier; +#[cfg(feature = "sign")] +#[cfg_attr(docsrs, doc(cfg(feature = "sign")))] +pub mod sign; + +#[cfg(feature = "verify")] +#[cfg_attr(docsrs, doc(cfg(feature = "verify")))] +pub mod verify; // Re-export the `elliptic-curve` crate (and select types) pub use elliptic_curve::{self, generic_array, sec1::EncodedPoint, weierstrass::Curve, SecretKey}; @@ -51,11 +55,11 @@ pub use elliptic_curve::{self, generic_array, sec1::EncodedPoint, weierstrass::C // Re-export the `signature` crate (and select types) pub use signature::{self, Error}; -#[cfg(feature = "signer")] -pub use signer::Signer; +#[cfg(feature = "sign")] +pub use sign::SigningKey; -#[cfg(feature = "verifier")] -pub use verifier::Verifier; +#[cfg(feature = "verify")] +pub use verify::VerifyKey; use core::{ convert::TryFrom, diff --git a/ecdsa/src/signer/rfc6979.rs b/ecdsa/src/rfc6979.rs similarity index 100% rename from ecdsa/src/signer/rfc6979.rs rename to ecdsa/src/rfc6979.rs diff --git a/ecdsa/src/signer.rs b/ecdsa/src/sign.rs similarity index 84% rename from ecdsa/src/signer.rs rename to ecdsa/src/sign.rs index dc786c7f..de75baaa 100644 --- a/ecdsa/src/signer.rs +++ b/ecdsa/src/sign.rs @@ -1,15 +1,13 @@ -//! ECDSA signer. Generic over elliptic curves. +//! ECDSA signing key. Generic over elliptic curves. //! //! Requires an [`elliptic_curve::Arithmetic`] impl on the curve, and a //! [`SignPrimitive`] impl on its associated `Scalar` type. // TODO(tarcieri): support for hardware crypto accelerators -pub mod rfc6979; - use crate::{ hazmat::{DigestPrimitive, SignPrimitive}, - Error, Signature, SignatureSize, + rfc6979, Error, Signature, SignatureSize, }; use core::convert::TryInto; use elliptic_curve::{ @@ -30,8 +28,8 @@ use { }, }; -/// ECDSA signer -pub struct Signer +/// ECDSA signing key +pub struct SigningKey where C: Curve + Arithmetic, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, @@ -40,15 +38,15 @@ where secret_scalar: NonZeroScalar, } -impl Signer +impl SigningKey where C: Curve + Arithmetic, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, SignatureSize: ArrayLength, { - /// Initialize signer from a raw scalar serialized as a byte slice + /// Initialize signing key from a raw scalar serialized as a byte slice. // TODO(tarcieri): PKCS#8 support - pub fn from_bytes(bytes: &[u8]) -> Result { + pub fn new(bytes: &[u8]) -> Result { let scalar = bytes .try_into() .map(NonZeroScalar::from_bytes) @@ -62,14 +60,14 @@ where } } - /// Create a new signer - // TODO(tarcieri): infallible conversion from a secret key - pub fn new(secret_key: &SecretKey) -> Result { - Self::from_bytes(secret_key.as_bytes()) + /// Create a new signing key from a [`SecretKey`]. + // TODO(tarcieri): infallible `From` conversion from a secret key + pub fn from_secret_key(secret_key: &SecretKey) -> Result { + Self::new(secret_key.as_bytes()) } } -impl DigestSigner> for Signer +impl DigestSigner> for SigningKey where C: Curve + Arithmetic, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, @@ -88,7 +86,7 @@ where } } -impl signature::Signer> for Signer +impl signature::Signer> for SigningKey where C: Curve + Arithmetic + DigestPrimitive, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, @@ -102,7 +100,7 @@ where #[cfg(feature = "rand")] #[cfg_attr(docsrs, doc(cfg(feature = "rand")))] -impl RandomizedDigestSigner> for Signer +impl RandomizedDigestSigner> for SigningKey where C: Curve + Arithmetic, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, @@ -132,7 +130,7 @@ where #[cfg(feature = "rand")] #[cfg_attr(docsrs, doc(cfg(feature = "rand")))] -impl RandomizedSigner> for Signer +impl RandomizedSigner> for SigningKey where C: Curve + Arithmetic + DigestPrimitive, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, @@ -148,7 +146,7 @@ where } } -impl From> for Signer +impl From> for SigningKey where C: Curve + Arithmetic, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, @@ -159,7 +157,7 @@ where } } -impl Zeroize for Signer +impl Zeroize for SigningKey where C: Curve + Arithmetic, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, @@ -170,7 +168,7 @@ where } } -impl Drop for Signer +impl Drop for SigningKey where C: Curve + Arithmetic, C::Scalar: FromDigest + Invert + SignPrimitive + Zeroize, diff --git a/ecdsa/src/verifier.rs b/ecdsa/src/verify.rs similarity index 73% rename from ecdsa/src/verifier.rs rename to ecdsa/src/verify.rs index 17a77e55..204da24d 100644 --- a/ecdsa/src/verifier.rs +++ b/ecdsa/src/verify.rs @@ -1,4 +1,4 @@ -//! ECDSA verifier. Generic over elliptic curves. +//! ECDSA verify key. Generic over elliptic curves. //! //! Requires an [`elliptic_curve::Arithmetic`] impl on the curve, and a //! [`VerifyPrimitive`] impl on its associated `AffinePoint` type. @@ -17,12 +17,12 @@ use elliptic_curve::{ }; use signature::{digest::Digest, DigestVerifier}; -/// ECDSA verifier -pub struct Verifier { +/// ECDSA verify key +pub struct VerifyKey { public_key: C::AffinePoint, } -impl Verifier +impl VerifyKey where C: Curve + Arithmetic, C::AffinePoint: VerifyPrimitive + FromEncodedPoint, @@ -31,8 +31,15 @@ where UncompressedPointSize: ArrayLength, SignatureSize: ArrayLength, { - /// Create a new verifier - pub fn new(public_key: &EncodedPoint) -> Result { + /// Initialize [`VerifyKey`] from a SEC1-encoded public key. + pub fn new(bytes: &[u8]) -> Result { + EncodedPoint::from_bytes(bytes) + .map_err(|_| Error::new()) + .and_then(|point| Self::from_encoded_point(&point)) + } + + /// Initialize [`VerifyKey`] from an [`EncodedPoint`]. + pub fn from_encoded_point(public_key: &EncodedPoint) -> Result { let affine_point = C::AffinePoint::from_encoded_point(public_key); if affine_point.is_some().into() { @@ -45,7 +52,7 @@ where } } -impl DigestVerifier> for Verifier +impl DigestVerifier> for VerifyKey where C: Curve + Arithmetic, D: Digest, @@ -59,7 +66,7 @@ where } } -impl signature::Verifier> for Verifier +impl signature::Verifier> for VerifyKey where C: Curve + Arithmetic + DigestPrimitive, C::AffinePoint: VerifyPrimitive, diff --git a/ed25519/src/lib.rs b/ed25519/src/lib.rs index 283d51a4..9533b7ed 100644 --- a/ed25519/src/lib.rs +++ b/ed25519/src/lib.rs @@ -9,7 +9,7 @@ //! [`signature::Verifier`] traits defined in the [`signature`] crate. //! //! These traits allow crates which produce and consume Ed25519 signatures -//! to be written abstractly in such a way that different signer/verifier +//! to be written abstractly in such a way that different signing_key/verifier //! providers can be plugged in, enabling support for using different //! Ed25519 implementations, including HSMs or Cloud KMS services. //! @@ -37,7 +37,7 @@ //! use ed25519::signature::{Signer, Verifier}; //! //! pub struct HelloSigner { -//! pub signer: S +//! pub signing_key: S //! } //! //! impl HelloSigner @@ -48,7 +48,7 @@ //! // NOTE: use `try_sign` if you'd like to be able to handle //! // errors from external signing services/devices (e.g. HSM/KMS) //! // -//! self.signer.sign(format_message(person).as_bytes()) +//! self.signing_key.sign(format_message(person).as_bytes()) //! } //! } //!