diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:47:55 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:47:55 +0000 |
| commit | 2aadc03ef15cb5ca5cc2af8a7c08e070742f0ac4 (patch) | |
| tree | 033cc839730fda84ff08db877037977be94e5e3a /vendor/signature/src/verifier.rs | |
| parent | Initial commit. (diff) | |
| download | cargo-2aadc03ef15cb5ca5cc2af8a7c08e070742f0ac4.tar.xz cargo-2aadc03ef15cb5ca5cc2af8a7c08e070742f0ac4.zip | |
Adding upstream version 0.70.1+ds1.upstream/0.70.1+ds1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'vendor/signature/src/verifier.rs')
| -rw-r--r-- | vendor/signature/src/verifier.rs | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/vendor/signature/src/verifier.rs b/vendor/signature/src/verifier.rs new file mode 100644 index 0000000..65409a9 --- /dev/null +++ b/vendor/signature/src/verifier.rs @@ -0,0 +1,41 @@ +//! Trait for verifying digital signatures + +use crate::error::Error; + +#[cfg(feature = "digest")] +use crate::digest::Digest; + +/// Verify the provided message bytestring using `Self` (e.g. a public key) +pub trait Verifier<S> { + /// Use `Self` to verify that the provided signature for a given message + /// bytestring is authentic. + /// + /// Returns `Error` if it is inauthentic, or otherwise returns `()`. + fn verify(&self, msg: &[u8], signature: &S) -> Result<(), Error>; +} + +/// Verify the provided signature for the given prehashed message [`Digest`] +/// is authentic. +/// +/// ## Notes +/// +/// This trait is primarily intended for signature algorithms based on the +/// [Fiat-Shamir heuristic], a method for converting an interactive +/// challenge/response-based proof-of-knowledge protocol into an offline +/// digital signature through the use of a random oracle, i.e. a digest +/// function. +/// +/// The security of such protocols critically rests upon the inability of +/// an attacker to solve for the output of the random oracle, as generally +/// otherwise such signature algorithms are a system of linear equations and +/// therefore doing so would allow the attacker to trivially forge signatures. +/// +/// To prevent misuse which would potentially allow this to be possible, this +/// API accepts a [`Digest`] instance, rather than a raw digest value. +/// +/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic +#[cfg(feature = "digest")] +pub trait DigestVerifier<D: Digest, S> { + /// Verify the signature against the given [`Digest`] output. + fn verify_digest(&self, digest: D, signature: &S) -> Result<(), Error>; +} |