diff --git a/signature-crate/Cargo.toml b/signature-crate/Cargo.toml index 773be118..f52a60af 100644 --- a/signature-crate/Cargo.toml +++ b/signature-crate/Cargo.toml @@ -12,8 +12,9 @@ keywords = ["crypto", "ecdsa", "ed25519", "signature", "signing"] categories = ["cryptography", "no-std"] [dependencies] +digest = { version = "0.8", optional = true, default-features = false } [features] -default = ["std"] +default = ["digest", "std"] alloc = [] std = ["alloc"] diff --git a/signature-crate/src/lib.rs b/signature-crate/src/lib.rs index 85ccc2bd..14d15ddf 100644 --- a/signature-crate/src/lib.rs +++ b/signature-crate/src/lib.rs @@ -14,12 +14,17 @@ unused_qualifications )] +#[cfg(feature = "digest")] +pub extern crate digest; + #[cfg(any(feature = "std", test))] #[macro_use] extern crate std; mod error; mod prelude; +pub mod sign; mod signature; +pub mod verify; -pub use crate::{error::Error, signature::Signature}; +pub use crate::{error::Error, sign::Sign, signature::Signature, verify::Verify}; diff --git a/signature-crate/src/sign/digest.rs b/signature-crate/src/sign/digest.rs new file mode 100644 index 00000000..e4f21c2b --- /dev/null +++ b/signature-crate/src/sign/digest.rs @@ -0,0 +1,18 @@ +//! Support for signing messages which have been prehashed messages using +//! the `Digest` trait. +//! +//! For use signature algorithms that support an Initialize-Update-Finalize +//! (IUF) API, such as ECDSA or Ed25519ph. + +use crate::{error::Error, Signature}; +use digest::Digest; + +/// Sign the given prehashed message `Digest` using `Self`. +pub trait SignDigest: Send + Sync +where + D: Digest, + S: Signature, +{ + /// Sign the given prehashed message `Digest`, returning a signature. + fn sign(&self, digest: D) -> Result; +} diff --git a/signature-crate/src/sign/mod.rs b/signature-crate/src/sign/mod.rs new file mode 100644 index 00000000..1acc7c84 --- /dev/null +++ b/signature-crate/src/sign/mod.rs @@ -0,0 +1,15 @@ +//! Traits for generating digital signatures + +#[cfg(feature = "digest")] +pub(crate) mod digest; + +#[cfg(feature = "digest")] +pub use self::digest::SignDigest; +use crate::{error::Error, Signature}; + +/// Sign the provided message bytestring using `Self` (e.g. a cryptographic key +/// or connection to an HSM), returning a digital signature. +pub trait Sign: Send + Sync { + /// Sign the given message and return a digital signature + fn sign(&self, msg: &[u8]) -> Result; +} diff --git a/signature-crate/src/verify/digest.rs b/signature-crate/src/verify/digest.rs new file mode 100644 index 00000000..c577e700 --- /dev/null +++ b/signature-crate/src/verify/digest.rs @@ -0,0 +1,19 @@ +//! Support for verifying messages which have been prehashed messages using +//! the `Digest` trait. +//! +//! For use signature algorithms that support an Initialize-Update-Finalize +//! (IUF) API, such as ECDSA or Ed25519ph. + +use crate::{error::Error, Signature}; +use digest::Digest; + +/// Verify the provided signature for the given prehashed message `Digest` +/// is authentic. +pub trait VerifyDigest: Send + Sync +where + D: Digest, + S: Signature, +{ + /// Verify the signature against the given `Digest` + fn verify(&self, digest: D, signature: &S) -> Result<(), Error>; +} diff --git a/signature-crate/src/verify/mod.rs b/signature-crate/src/verify/mod.rs new file mode 100644 index 00000000..d8c4b0e2 --- /dev/null +++ b/signature-crate/src/verify/mod.rs @@ -0,0 +1,17 @@ +//! Trait for verifying digital signatures + +#[cfg(feature = "digest")] +pub(crate) mod digest; + +#[cfg(feature = "digest")] +pub use self::digest::VerifyDigest; +use crate::{error::Error, Signature}; + +/// Verify the provided message bytestring using `Self` (e.g. a public key) +pub trait Verify: Send + Sync { + /// Use `Self` to verify that the provided signature for a given message + /// bytestring is authentic. + /// + /// Returns `Error` if it is inauthentic, or otherwise returns `()`. + fn verify(&self, msg: &[u8], signature: &S) -> Result<(), Error>; +}