diff --git a/Cargo.lock b/Cargo.lock index f1f31390..975b7079 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -94,7 +94,7 @@ version = "0.11.0-rc.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a229bfd78e4827c91b9b95784f69492c1b77c1ab75a45a8a037b139215086f94" dependencies = [ - "hybrid-array 0.3.0", + "hybrid-array", ] [[package]] @@ -267,10 +267,11 @@ checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" [[package]] name = "crypto-bigint" -version = "0.7.0-pre" -source = "git+https://github.com/RustCrypto/crypto-bigint.git#534c2940b1f0aa9ec8ada964ce654cc0e6e1e7bb" +version = "0.7.0-pre.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6957fb7344601c8271b03e9d4c7efb46f1dee86553eee20f99e54db0cf53f36e" dependencies = [ - "hybrid-array 0.2.3", + "hybrid-array", "num-traits", "rand_core 0.9.2", "subtle", @@ -283,7 +284,7 @@ version = "0.2.0-rc.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "170d71b5b14dec99db7739f6fc7d6ec2db80b78c3acb77db48392ccc3d8a9ea0" dependencies = [ - "hybrid-array 0.3.0", + "hybrid-array", ] [[package]] @@ -329,7 +330,7 @@ dependencies = [ "rfc6979", "serdect", "sha2", - "signature", + "signature 3.0.0-pre", "spki", ] @@ -343,7 +344,7 @@ dependencies = [ "rand_core 0.9.2", "serde", "serde_bytes", - "signature", + "signature 3.0.0-pre", "zeroize", ] @@ -356,7 +357,7 @@ dependencies = [ "pkcs8", "serde", "serde_bytes", - "signature", + "signature 3.0.0-pre", "zeroize", ] @@ -369,7 +370,7 @@ checksum = "11157ac094ffbdde99aa67b23417ebdd801842852b500e395a45a9c0aac03e4a" [[package]] name = "elliptic-curve" version = "0.14.0-rc.1" -source = "git+https://github.com/RustCrypto/traits.git#829328e9405143cc86b81c297b39f1a6161700c8" +source = "git+https://github.com/RustCrypto/traits.git#ba9dbacd95e51200b697ca6f7dfdfc200129b3d6" dependencies = [ "base16ct", "crypto-bigint", 
@@ -377,7 +378,7 @@ dependencies = [ "ff", "group", "hex-literal 1.0.0", - "hybrid-array 0.3.0", + "hybrid-array", "pem-rfc7468", "pkcs8", "rand_core 0.9.2", @@ -509,15 +510,6 @@ dependencies = [ "digest", ] -[[package]] -name = "hybrid-array" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2d35805454dc9f8662a98d6d61886ffe26bd465f5960e0e55345c70d5c0d2a9" -dependencies = [ - "typenum", -] - [[package]] name = "hybrid-array" version = "0.3.0" @@ -534,7 +526,7 @@ version = "0.2.0-rc.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ac5e145e8ade9f74c0a5efc60ccb4e714b0144f7e2220b7ca64254feee71c57f" dependencies = [ - "hybrid-array 0.3.0", + "hybrid-array", ] [[package]] @@ -612,11 +604,11 @@ dependencies = [ "digest", "hex", "hex-literal 0.4.1", - "hybrid-array 0.3.0", + "hybrid-array", "rand 0.9.0", "rand_core 0.9.2", "sha2", - "signature", + "signature 3.0.0-pre", "static_assertions", "typenum", "zeroize", @@ -642,7 +634,7 @@ dependencies = [ "criterion", "hex", "hex-literal 1.0.0", - "hybrid-array 0.3.0", + "hybrid-array", "num-traits", "pkcs8", "proptest", @@ -651,7 +643,7 @@ dependencies = [ "serde", "serde_json", "sha3", - "signature", + "signature 2.3.0-pre.7", "zeroize", ] @@ -1007,7 +999,7 @@ checksum = "a017a4aa8f0bd51e9d0184d98042dfe9285218fec098493f47d9a8aa0f1a3f27" dependencies = [ "base16ct", "der", - "hybrid-array 0.3.0", + "hybrid-array", "pkcs8", "serdect", "subtle", @@ -1091,6 +1083,14 @@ name = "signature" version = "2.3.0-pre.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a6e22be6d22b655ff65ed5635383d63ac17a99c5c0a05a83a414d399056d4e1d" +dependencies = [ + "rand_core 0.9.2", +] + +[[package]] +name = "signature" +version = "3.0.0-pre" +source = "git+https://github.com/RustCrypto/traits.git#bf4774878c7c2e36451119a0ad24f1db6dc93cd8" dependencies = [ "digest", "rand_core 0.9.2", 
@@ -1109,7 +1109,7 @@ dependencies = [ "hex", "hex-literal 1.0.0", "hmac", - "hybrid-array 0.3.0", + "hybrid-array", "num-bigint", "paste", "pkcs8", @@ -1122,7 +1122,7 @@ dependencies = [ "serde_json", "sha2", "sha3", - "signature", + "signature 3.0.0-pre", "typenum", "zerocopy 0.7.35", "zeroize", diff --git a/Cargo.toml b/Cargo.toml index 03167313..400348b4 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -34,7 +34,4 @@ slh-dsa = { path = "./slh-dsa" } # https://github.com/RustCrypto/traits/pull/1774 # https://github.com/RustCrypto/traits/pull/1822 elliptic-curve = { git = "https://github.com/RustCrypto/traits.git" } - -# https://github.com/RustCrypto/crypto-bigint/pull/762 -# https://github.com/RustCrypto/crypto-bigint/pull/765 -crypto-bigint = { git = "https://github.com/RustCrypto/crypto-bigint.git" } +signature = { git = "https://github.com/RustCrypto/traits.git" } diff --git a/ecdsa/CHANGELOG.md b/ecdsa/CHANGELOG.md index 77609d8f..1125fd1a 100644 --- a/ecdsa/CHANGELOG.md +++ b/ecdsa/CHANGELOG.md @@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## 0.17.0 (UNRELEASED) + +### Changed +- `DigestPrimitive` was moved off of hazmat ([#945]) +- `DigestPrimitive` has been renamed `DigestAlgorithm` ([#945]) + +[#945]: https://github.com/RustCrypto/signatures/pull/945 + ## 0.16.9 (2023-11-16) ### Changed - Loosen `signature` bound to `2.0, <2.3` ([#756]) diff --git a/ecdsa/Cargo.toml b/ecdsa/Cargo.toml index 7e735910..2b28d907 100644 --- a/ecdsa/Cargo.toml +++ b/ecdsa/Cargo.toml 
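Review bot: The added `signature = { git = "https://github.com/RustCrypto/traits.git" }` override in the root Cargo.toml names no `rev`, and unlike the `elliptic-curve` entry above it there is no comment linking the upstream change that makes the override necessary. Only Cargo.lock fixes which commit of this pre-release signing-trait crate is built. The lockfile in this same commit records `elliptic-curve` and `signature` from that one repository at two different commits, so a later `cargo update` can move either one with no visible change in this file. Pinning it, for example `signature = { git = "https://github.com/RustCrypto/traits.git", rev = "<commit-sha>" }` with a `# <link to upstream PR>` line above, keeps the dependency reviewable until a crates.io release replaces the override.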
@@ -18,7 +18,7 @@ rust-version = "1.85" [dependencies] elliptic-curve = { version = "0.14.0-rc.1", default-features = false, features = ["sec1"] } -signature = { version = "=2.3.0-pre.7", default-features = false, features = ["rand_core"] } +signature = { version = "=3.0.0-pre", default-features = false, features = ["rand_core"] } # optional dependencies der = { version = "0.8.0-rc.1", optional = true } @@ -44,6 +44,7 @@ digest = ["dep:digest", "elliptic-curve/digest", "signature/digest"] hazmat = [] pkcs8 = ["digest", "elliptic-curve/pkcs8", "der"] pem = ["elliptic-curve/pem", "pkcs8"] +rfc6979 = ["arithmetic", "digest", "dep:rfc6979"] serde = ["elliptic-curve/serde", "pkcs8", "serdect"] signing = ["arithmetic", "digest", "hazmat", "rfc6979"] verifying = ["arithmetic", "digest", "hazmat"] diff --git a/ecdsa/src/der.rs b/ecdsa/src/der.rs index d4eb66ed..9b2b7c2c 100644 --- a/ecdsa/src/der.rs +++ b/ecdsa/src/der.rs @@ -382,10 +382,10 @@ fn find_scalar_range(outer: &[u8], inner: &[u8]) -> Result> { Ok(Range { start, end }) } -#[cfg(all(feature = "digest", feature = "hazmat"))] +#[cfg(feature = "digest")] impl signature::PrehashSignature for Signature where - C: EcdsaCurve + crate::hazmat::DigestPrimitive, + C: EcdsaCurve + crate::DigestAlgorithm, MaxSize: ArraySize, as Add>::Output: Add + ArraySize, { diff --git a/ecdsa/src/hazmat.rs b/ecdsa/src/hazmat.rs index e70eaec6..245cb9d9 100644 --- a/ecdsa/src/hazmat.rs +++ b/ecdsa/src/hazmat.rs 
@@ -27,46 +27,21 @@ use { }, }; -#[cfg(feature = "digest")] +#[cfg(feature = "rfc6979")] use { - elliptic_curve::FieldBytesSize, - signature::{ - PrehashSignature, - digest::{Digest, FixedOutput, FixedOutputReset, core_api::BlockSizeUser}, - }, + elliptic_curve::FieldBytesEncoding, + signature::digest::{Digest, FixedOutput, FixedOutputReset, core_api::BlockSizeUser}, }; -#[cfg(feature = "rfc6979")] -use elliptic_curve::FieldBytesEncoding; - -#[cfg(any(feature = "arithmetic", feature = "digest"))] +#[cfg(any(feature = "arithmetic", feature = "rfc6979"))] use crate::{Signature, elliptic_curve::array::ArraySize}; -/// Bind a preferred [`Digest`] algorithm to an elliptic curve type. -/// -/// Generally there is a preferred variety of the SHA-2 family used with ECDSA -/// for a particular elliptic curve. -/// -/// This trait can be used to specify it, and with it receive a blanket impl of -/// [`PrehashSignature`], used by [`signature_derive`][1]) for the [`Signature`] -/// type for a particular elliptic curve. -/// -/// [1]: https://github.com/RustCrypto/traits/tree/master/signature/derive -#[cfg(feature = "digest")] -pub trait DigestPrimitive: EcdsaCurve { - /// Preferred digest to use when computing ECDSA signatures for this - /// elliptic curve. This is typically a member of the SHA-2 family. - type Digest: BlockSizeUser + Digest + FixedOutput + FixedOutputReset; -} - #[cfg(feature = "digest")] -impl PrehashSignature for Signature -where - C: DigestPrimitive, - as core::ops::Add>::Output: ArraySize, -{ - type Digest = C::Digest; -} +#[deprecated( + since = "0.17.0", + note = "`DigestAlgorithm` is no longer in `hazmat`, please use `ecdsa::DigestAlgorithm` instead" +)] +pub use crate::DigestAlgorithm; /// Partial implementation of the `bits2int` function as defined in /// [RFC6979 § 2.3.2] as well as [SEC1] § 2.3.8. diff --git a/ecdsa/src/lib.rs b/ecdsa/src/lib.rs index cdb4aa2f..2db67bcd 100644 --- a/ecdsa/src/lib.rs +++ b/ecdsa/src/lib.rs 
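Review bot: The compatibility re-export at the end of this hunk, `pub use crate::DigestAlgorithm;`, publishes only the new name under `hazmat`, so code written against the previous release (`ecdsa::hazmat::DigestPrimitive`) still fails to compile rather than getting a deprecation warning. If a migration path is intended, `pub use crate::DigestAlgorithm as DigestPrimitive;` would keep the old path resolving. It is also worth confirming that `#[deprecated]` on a `use` item produces a warning at all. As far as I know rustc does not currently lint deprecated re-exports, in which case the note text is never shown and the changelog entry is the only notice users get.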
@@ -101,9 +101,13 @@ use { }; #[cfg(feature = "digest")] -use digest::{ - Digest, - const_oid::{AssociatedOid, ObjectIdentifier}, +use { + digest::{ + Digest, FixedOutput, FixedOutputReset, + const_oid::{AssociatedOid, ObjectIdentifier}, + core_api::BlockSizeUser, + }, + signature::PrehashSignature, }; #[cfg(feature = "pkcs8")] @@ -463,15 +467,15 @@ where /// /// To support non-default digest algorithms, use the [`SignatureWithOid`] /// type instead. -#[cfg(all(feature = "digest", feature = "hazmat"))] +#[cfg(feature = "digest")] impl AssociatedOid for Signature where - C: hazmat::DigestPrimitive, + C: DigestAlgorithm, C::Digest: AssociatedOid, { const OID: ObjectIdentifier = match ecdsa_oid_for_digest(C::Digest::OID) { Some(oid) => oid, - None => panic!("no RFC5758 ECDSA OID defined for DigestPrimitive::Digest"), + None => panic!("no RFC5758 ECDSA OID defined for DigestAlgorithm::Digest"), }; } @@ -713,14 +717,14 @@ where } /// NOTE: this implementation assumes the default digest for the given elliptic -/// curve as defined by [`hazmat::DigestPrimitive`]. +/// curve as defined by [`DigestAlgorithm`]. /// /// When working with alternative digests, you will need to use e.g. /// [`SignatureWithOid::new_with_digest`]. -#[cfg(all(feature = "digest", feature = "hazmat"))] +#[cfg(feature = "digest")] impl SignatureEncoding for SignatureWithOid where - C: hazmat::DigestPrimitive, + C: DigestAlgorithm, C::Digest: AssociatedOid, SignatureSize: ArraySize, { 
@@ -728,14 +732,14 @@ where } /// NOTE: this implementation assumes the default digest for the given elliptic -/// curve as defined by [`hazmat::DigestPrimitive`]. +/// curve as defined by [`DigestAlgorithm`]. /// /// When working with alternative digests, you will need to use e.g. /// [`SignatureWithOid::new_with_digest`]. -#[cfg(all(feature = "digest", feature = "hazmat"))] +#[cfg(feature = "digest")] impl TryFrom<&[u8]> for SignatureWithOid where - C: hazmat::DigestPrimitive, + C: DigestAlgorithm, C::Digest: AssociatedOid, SignatureSize: ArraySize, { @@ -770,3 +774,29 @@ const fn ecdsa_oid_for_digest(digest_oid: ObjectIdentifier) -> Option None, } } + +/// Bind a preferred [`Digest`] algorithm to an elliptic curve type. +/// +/// Generally there is a preferred variety of the SHA-2 family used with ECDSA +/// for a particular elliptic curve. +/// +/// This trait can be used to specify it, and with it receive a blanket impl of +/// [`PrehashSignature`], used by [`signature_derive`][1]) for the [`Signature`] +/// type for a particular elliptic curve. +/// +/// [1]: https://github.com/RustCrypto/traits/tree/master/signature/derive +#[cfg(feature = "digest")] +pub trait DigestAlgorithm: EcdsaCurve { + /// Preferred digest to use when computing ECDSA signatures for this + /// elliptic curve. This is typically a member of the SHA-2 family. + type Digest: BlockSizeUser + Digest + FixedOutput + FixedOutputReset; +} + +#[cfg(feature = "digest")] +impl PrehashSignature for Signature +where + C: DigestAlgorithm, + as Add>::Output: ArraySize, +{ + type Digest = C::Digest; +} diff --git a/ecdsa/src/recovery.rs b/ecdsa/src/recovery.rs index 1dbe84a2..f7d0049d 100644 --- a/ecdsa/src/recovery.rs +++ b/ecdsa/src/recovery.rs 
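Review bot: The doc comment on `DigestAlgorithm` in the last lib.rs hunk was moved over unchanged, including the unbalanced `)` after the `signature_derive` link, and it does not say what the associated type controls now that the trait sits in the crate root rather than `hazmat`. From the lines in this commit, `C::Digest` selects the OID in the `AssociatedOid` impl for `Signature` (through `ecdsa_oid_for_digest`) and is the hash applied to the message in `recover_from_msg`. An implementer's choice therefore decides which signatures are produced and accepted for a curve. I would add a sentence such as `/// The digest chosen here is used to hash messages and to select the signature OID for this curve.` and drop the stray parenthesis.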
@@ -7,7 +7,7 @@ use { crate::{SigningKey, hazmat::sign_prehashed_rfc6979}, elliptic_curve::{FieldBytes, subtle::CtOption}, signature::{ - DigestSigner, RandomizedDigestSigner, Signer, + DigestSigner, RandomizedDigestSigner, digest::FixedOutput, hazmat::{PrehashSigner, RandomizedPrehashSigner}, rand_core::TryCryptoRng, @@ -28,10 +28,7 @@ use { #[cfg(any(feature = "signing", feature = "verifying"))] use { - crate::{ - EcdsaCurve, Signature, SignatureSize, - hazmat::{DigestPrimitive, bits2field}, - }, + crate::{DigestAlgorithm, EcdsaCurve, Signature, SignatureSize, hazmat::bits2field}, elliptic_curve::{CurveArithmetic, Scalar, array::ArraySize, ops::Invert}, signature::digest::Digest, }; @@ -100,7 +97,7 @@ impl RecoveryId { signature: &Signature, ) -> Result where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, AffinePoint: DecompressPoint + FromEncodedPoint + ToEncodedPoint, FieldBytesSize: sec1::ModulusSize, SignatureSize: ArraySize, @@ -179,7 +176,7 @@ impl From for u8 { #[cfg(feature = "signing")] impl SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar: Invert>>, SignatureSize: ArraySize, { @@ -220,7 +217,7 @@ where #[cfg(feature = "signing")] impl DigestSigner, RecoveryId)> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, D: Digest, Scalar: Invert>>, SignatureSize: ArraySize, @@ -233,7 +230,7 @@ where #[cfg(feature = "signing")] impl RandomizedPrehashSigner<(Signature, RecoveryId)> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar: Invert>>, SignatureSize: ArraySize, { 
@@ -249,7 +246,7 @@ where #[cfg(feature = "signing")] impl RandomizedDigestSigner, RecoveryId)> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, D: Digest + FixedOutput, Scalar: Invert>>, SignatureSize: ArraySize, @@ -266,7 +263,7 @@ where #[cfg(feature = "signing")] impl PrehashSigner<(Signature, RecoveryId)> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar: Invert>>, SignatureSize: ArraySize, { @@ -275,18 +272,6 @@ where } } -#[cfg(feature = "signing")] -impl Signer<(Signature, RecoveryId)> for SigningKey -where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - Scalar: Invert>>, - SignatureSize: ArraySize, -{ - fn try_sign(&self, msg: &[u8]) -> Result<(Signature, RecoveryId)> { - self.sign_recoverable(msg) - } -} - #[cfg(feature = "verifying")] impl VerifyingKey where @@ -298,14 +283,14 @@ where /// Recover a [`VerifyingKey`] from the given message, signature, and /// [`RecoveryId`]. /// - /// The message is first hashed using this curve's [`DigestPrimitive`]. + /// The message is first hashed using this curve's [`DigestAlgorithm`]. pub fn recover_from_msg( msg: &[u8], signature: &Signature, recovery_id: RecoveryId, ) -> Result where - C: DigestPrimitive, + C: DigestAlgorithm, { Self::recover_from_digest(C::Digest::new_with_prefix(msg), signature, recovery_id) } diff --git a/ecdsa/src/signing.rs b/ecdsa/src/signing.rs index e6c1f3e5..40df7472 100644 --- a/ecdsa/src/signing.rs +++ b/ecdsa/src/signing.rs 
@@ -1,8 +1,9 @@ //! ECDSA signing: producing signatures using a [`SigningKey`]. use crate::{ - EcdsaCurve, Error, Result, Signature, SignatureSize, SignatureWithOid, ecdsa_oid_for_digest, - hazmat::{DigestPrimitive, bits2field, sign_prehashed_rfc6979}, + DigestAlgorithm, EcdsaCurve, Error, Result, Signature, SignatureSize, SignatureWithOid, + ecdsa_oid_for_digest, + hazmat::{bits2field, sign_prehashed_rfc6979}, }; use core::fmt::{self, Debug}; use digest::{Digest, FixedOutput, const_oid::AssociatedOid}; @@ -15,7 +16,7 @@ use elliptic_curve::{ zeroize::{Zeroize, ZeroizeOnDrop}, }; use signature::{ - DigestSigner, RandomizedDigestSigner, RandomizedSigner, Signer, + DigestSigner, RandomizedDigestSigner, Signer, hazmat::{PrehashSigner, RandomizedPrehashSigner}, rand_core::{CryptoRng, TryCryptoRng}, }; @@ -139,7 +140,7 @@ where /// [RFC6979 § 3.2]: https://tools.ietf.org/html/rfc6979#section-3 impl DigestSigner> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, D: Digest + FixedOutput, Scalar: Invert>>, SignatureSize: ArraySize, @@ -155,7 +156,7 @@ where /// [RFC6979 § 3.2]: https://tools.ietf.org/html/rfc6979#section-3 impl PrehashSigner> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar: Invert>>, SignatureSize: ArraySize, { 
@@ -165,24 +166,9 @@ where } } -/// Sign message using a deterministic ephemeral scalar (`k`) -/// computed using the algorithm described in [RFC6979 § 3.2]. -/// -/// [RFC6979 § 3.2]: https://tools.ietf.org/html/rfc6979#section-3 -impl Signer> for SigningKey -where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - Scalar: Invert>>, - SignatureSize: ArraySize, -{ - fn try_sign(&self, msg: &[u8]) -> Result> { - self.try_sign_digest(C::Digest::new_with_prefix(msg)) - } -} - impl RandomizedDigestSigner> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, D: Digest + FixedOutput, Scalar: Invert>>, SignatureSize: ArraySize, @@ -198,7 +184,7 @@ where impl RandomizedPrehashSigner> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar: Invert>>, SignatureSize: ArraySize, { @@ -214,25 +200,9 @@ where } } -impl RandomizedSigner> for SigningKey -where - Self: RandomizedDigestSigner>, - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - Scalar: Invert>>, - SignatureSize: ArraySize, -{ - fn try_sign_with_rng( - &self, - rng: &mut R, - msg: &[u8], - ) -> Result> { - self.try_sign_digest_with_rng(rng, C::Digest::new_with_prefix(msg)) - } -} - impl DigestSigner> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, D: AssociatedOid + Digest + FixedOutput, Scalar: Invert>>, SignatureSize: ArraySize, @@ -246,7 +216,7 @@ where impl Signer> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, C::Digest: AssociatedOid, Scalar: Invert>>, SignatureSize: ArraySize, 
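Review bot: This hunk deletes the `Signer` impl for `SigningKey` that hashed the message with `C::Digest` and signed with the RFC 6979 deterministic `k`, yet the 0.17.0 changelog entry added in this commit mentions only the `DigestPrimitive` move and rename. The same applies to the `RandomizedSigner` impl removed in the `@@ -214,25 +200,9 @@` hunk, the DER-signature impls removed in the `@@ -270,44 +240,10 @@` and `@@ -323,24 +259,6 @@` hunks, the `Verifier` impls removed in verifying.rs and the `Signer` impl for `(Signature, RecoveryId)` removed in recovery.rs. I cannot tell from the diff whether `signature` 3.0.0-pre supplies replacements. If it does, a short comment at the removal site saying where the message-level API now comes from would help; if it does not, these are breaking removals that belong under a `### Removed` heading in the changelog. Either way, the doc comment stating that message signing uses the deterministic scalar from RFC 6979 § 3.2 is lost with the impl and should be kept on whatever now provides that entry point.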
@@ -259,7 +229,7 @@ where #[cfg(feature = "der")] impl PrehashSigner> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar: Invert>>, SignatureSize: ArraySize, der::MaxSize: ArraySize, @@ -270,44 +240,10 @@ where } } -#[cfg(feature = "der")] -impl Signer> for SigningKey -where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - Scalar: Invert>>, - SignatureSize: ArraySize, - der::MaxSize: ArraySize, - as Add>::Output: Add + ArraySize, -{ - fn try_sign(&self, msg: &[u8]) -> Result> { - Signer::>::try_sign(self, msg).map(Into::into) - } -} - -#[cfg(feature = "der")] -impl RandomizedDigestSigner> for SigningKey -where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - D: Digest + FixedOutput, - Scalar: Invert>>, - SignatureSize: ArraySize, - der::MaxSize: ArraySize, - as Add>::Output: Add + ArraySize, -{ - fn try_sign_digest_with_rng( - &self, - rng: &mut R, - msg_digest: D, - ) -> Result> { - RandomizedDigestSigner::>::try_sign_digest_with_rng(self, rng, msg_digest) - .map(Into::into) - } -} - #[cfg(feature = "der")] impl RandomizedPrehashSigner> for SigningKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar: Invert>>, SignatureSize: ArraySize, der::MaxSize: ArraySize, @@ -323,24 +259,6 @@ where } } -#[cfg(feature = "der")] -impl RandomizedSigner> for SigningKey -where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - Scalar: Invert>>, - SignatureSize: ArraySize, - der::MaxSize: ArraySize, - as Add>::Output: Add + ArraySize, -{ - fn try_sign_with_rng( - &self, - rng: &mut R, - msg: &[u8], - ) -> Result> { - RandomizedSigner::>::try_sign_with_rng(self, rng, msg).map(Into::into) - } -} - // // Other trait impls // diff --git a/ecdsa/src/verifying.rs b/ecdsa/src/verifying.rs index 8ea4485c..3f3fc0cc 100644 --- a/ecdsa/src/verifying.rs +++ b/ecdsa/src/verifying.rs 
@@ -2,7 +2,7 @@ use crate::{ EcdsaCurve, Error, Result, Signature, SignatureSize, - hazmat::{self, DigestPrimitive, bits2field}, + hazmat::{self, bits2field}, }; use core::{cmp::Ordering, fmt::Debug}; use elliptic_curve::{ @@ -13,7 +13,7 @@ use elliptic_curve::{ sec1::{self, CompressedPoint, EncodedPoint, FromEncodedPoint, ToEncodedPoint}, }; use signature::{ - DigestVerifier, Verifier, + DigestVerifier, digest::{Digest, FixedOutput}, hazmat::PrehashVerifier, }; @@ -42,9 +42,11 @@ use serdect::serde::{Deserialize, Serialize, de, ser}; #[cfg(feature = "sha2")] use { crate::{ - ECDSA_SHA224_OID, ECDSA_SHA256_OID, ECDSA_SHA384_OID, ECDSA_SHA512_OID, SignatureWithOid, + DigestAlgorithm, ECDSA_SHA224_OID, ECDSA_SHA256_OID, ECDSA_SHA384_OID, ECDSA_SHA512_OID, + SignatureWithOid, }, sha2::{Sha224, Sha256, Sha384, Sha512}, + signature::Verifier, }; #[cfg(all(feature = "alloc", feature = "pkcs8"))] @@ -172,20 +174,10 @@ where } } -impl Verifier> for VerifyingKey -where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - SignatureSize: ArraySize, -{ - fn verify(&self, msg: &[u8], signature: &Signature) -> Result<()> { - self.verify_digest(C::Digest::new_with_prefix(msg), signature) - } -} - #[cfg(feature = "sha2")] impl Verifier> for VerifyingKey where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, + C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, SignatureSize: ArraySize, { fn verify(&self, msg: &[u8], sig: &SignatureWithOid) -> Result<()> { @@ -228,20 +220,6 @@ where } } -#[cfg(feature = "der")] -impl Verifier> for VerifyingKey -where - C: EcdsaCurve + CurveArithmetic + DigestPrimitive, - SignatureSize: ArraySize, - der::MaxSize: ArraySize, - as Add>::Output: Add + ArraySize, -{ - fn verify(&self, msg: &[u8], signature: &der::Signature) -> Result<()> { - let signature = Signature::::try_from(signature.clone())?; - Verifier::>::verify(self, msg, &signature) - } -} - // // Other trait impls // 
diff --git a/ed25519/Cargo.toml b/ed25519/Cargo.toml index 7ccacee7..22fbff5e 100644 --- a/ed25519/Cargo.toml +++ b/ed25519/Cargo.toml @@ -18,8 +18,8 @@ edition = "2024" rust-version = "1.85" [dependencies] -# TODO(tarcieri): relax requirement back to `2` before next release -signature = { version = "=2.3.0-pre.7", default-features = false } +# TODO(tarcieri): relax requirement back to `3` before next release +signature = { version = "=3.0.0-pre", default-features = false } # optional dependencies pkcs8 = { version = "0.11.0-rc.2", optional = true } diff --git a/ed448/Cargo.toml b/ed448/Cargo.toml index ea149311..eded8ffd 100644 --- a/ed448/Cargo.toml +++ b/ed448/Cargo.toml @@ -18,8 +18,8 @@ keywords = ["crypto", "curve448", "ecc", "signature", "signing"] rust-version = "1.85" [dependencies] -# TODO(tarcieri): relax requirement back to `2` before next release -signature = { version = "=2.3.0-pre.7", default-features = false } +# TODO(tarcieri): relax requirement back to `3` before next release +signature = { version = "=3.0.0-pre", default-features = false } # optional dependencies pkcs8 = { version = "0.11.0-rc.1", optional = true } diff --git a/lms/Cargo.toml b/lms/Cargo.toml index e031b9de..2ad373e2 100644 --- a/lms/Cargo.toml +++ b/lms/Cargo.toml @@ -18,7 +18,7 @@ rand = "0.9.0" sha2 = "=0.11.0-pre.5" static_assertions = "1.1.0" rand_core = "0.9.0" -signature = { version = "=2.3.0-pre.7", features = ["digest", "std", "rand_core"] } +signature = { version = "=3.0.0-pre", features = ["digest", "std", "rand_core"] } typenum = { version = "1.17.0", features = ["const-generics"] } zeroize = "1.8.1" diff --git a/slh-dsa/Cargo.toml b/slh-dsa/Cargo.toml index aea57a48..fb308eca 100644 --- a/slh-dsa/Cargo.toml +++ b/slh-dsa/Cargo.toml 
@@ -21,7 +21,7 @@ typenum = { version = "1.17.0", features = ["const-generics"] }
 sha3 = { version = "=0.11.0-pre.5", default-features = false }
 zerocopy = { version = "0.7.34", features = ["derive"] }
 rand_core = { version = "0.9.2" }
-signature = { version = "=2.3.0-pre.7", features = ["rand_core"] }
+signature = { version = "=3.0.0-pre", features = ["rand_core"] }
 hmac = "=0.13.0-pre.5"
 sha2 = { version = "=0.11.0-pre.5", default-features = false }
 digest = "=0.11.0-pre.10"