Adding upstream version 0.70.1+ds1.upstream/0.70.1+ds1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

18 files changed, 1309 insertions, 0 deletions

diff --git a/vendor/signature/.cargo-checksum.json b/vendor/signature/.cargo-checksum.json
new file mode 100644
index 0000000..4f8591c
--- /dev/null
+++ b/vendor/signature/.cargo-checksum.json
@@ -0,0 +1 @@
+{"files":{},"package":"5e1788eed21689f9cf370582dfc467ef36ed9c707f073528ddafa8d83e3b8500"}
\ No newline at end of file
diff --git a/vendor/signature/CHANGELOG.md b/vendor/signature/CHANGELOG.md
new file mode 100644
index 0000000..4f999de
--- /dev/null
+++ b/vendor/signature/CHANGELOG.md
@@ -0,0 +1,237 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## 2.1.0 (2023-04-01)
+### Added
+- `SignatureEncoding::encoded_len` ([#1283])
+
+[#1283]: https://github.com/RustCrypto/traits/pull/1283
+
+## 2.0.0 (2023-01-15)
+### Added
+- `SignatureEncoding` trait as a replacement for `Signature` trait and the
+  now removed `AsRef<[u8]>` bound on signatures ([#1141])
+- New `Keypair` trait which returns owned keys instead of borrowed ([#1141])
+
+### Changed
+- `derive-preview` has been renamed to `derive` and stabilized ([#1141])
+- `digest-preview` renamed to `digest`, still unstable ([#1210])
+- `hazmat-preview` feature stabilized and removed, always on ([#1141])
+- `rand-preview` renamed to `rand_core`, still unstable ([#1210])
+- `std` feature is no longer enabled by default ([#1141])
+- Old `Keypair` trait renamed to `KeypairRef` ([#1141])
+- Signature generic parameter removed from `Keypair`/`KeypairRef` ([#1141])
+- Use `&mut impl CryptoRngCore` RNG arguments ([#1147])
+
+### Removed
+- `Signature` trait - replaced by `SignatureEncoding` ([#1141])
+- `hazmat-preview` feature, now always on ([#1141])
+
+[#1141]: https://github.com/RustCrypto/traits/pull/1141
+[#1147]: https://github.com/RustCrypto/traits/pull/1147
+[#1210]: https://github.com/RustCrypto/traits/pull/1141
+
+## 1.6.4 (2022-10-06)
+### Added
+- `RandomizedPrehashSigner` trait in `hazmat` module ([#1130])
+
+[#1130]: https://github.com/RustCrypto/traits/pull/1130
+
+## 1.6.3 (2022-09-16)
+### Changed
+- Bump `signature_derive` to v1.0.0-pre.7 ([#1119])
+
+[#1119]: https://github.com/RustCrypto/traits/pull/1119
+
+## 1.6.2 (2022-09-15)
+### Changed
+- Relax `Keypair` type bounds ([#1107])
+
+[#1107]: https://github.com/RustCrypto/traits/pull/1107
+
+## 1.6.1 (2022-09-12) [YANKED]
+### Added
+- `hazmat-preview` feature with `PrehashSigner`/`PrehashVerifier` traits ([#1099])
+
+### Changed
+- Bump `signature_derive` to v1.0.0-pre.6 ([#1104])
+
+[#1099]: https://github.com/RustCrypto/traits/pull/1099
+[#1104]: https://github.com/RustCrypto/traits/pull/1104
+
+## 1.6.0 (2022-08-14) [YANKED]
+### Added
+- `Keypair` trait ([#1080])
+
+### Changed
+- Rust 2021 edition upgrade; MSRV 1.56 ([#1081])
+- Bump `signature_derive` dependency to v1.0.0-pre.5 ([#1082])
+- Bump `hex-literal` dependency to v0.3 ([#1083])
+
+[#1080]: https://github.com/RustCrypto/traits/pull/1080
+[#1081]: https://github.com/RustCrypto/traits/pull/1081
+[#1082]: https://github.com/RustCrypto/traits/pull/1082
+[#1083]: https://github.com/RustCrypto/traits/pull/1083
+
+## 1.5.0 (2022-01-04)
+### Changed
+- Bump `digest` dependency to v0.10 ([#850])
+- Bump `signature-derive` dependency to v1.0.0-pre.4 ([#866])
+
+[#850]: https://github.com/RustCrypto/traits/pull/850
+[#866]: https://github.com/RustCrypto/traits/pull/866
+
+## 1.4.0 (2021-10-20)
+### Added
+- Re-export `rand_core` when the `rand-preview` feature is enabled ([#683])
+- `SignerMut` trait ([#734])
+
+### Fixed
+- Show error source in `Display` impl ([#791])
+
+[#683]: https://github.com/RustCrypto/traits/pull/683
+[#734]: https://github.com/RustCrypto/traits/pull/734
+[#791]: https://github.com/RustCrypto/traits/pull/791
+
+## 1.3.2 (2021-10-21)
+### Fixed
+- Backport changes from [#791] to the 1.3.x series.
+
+## 1.3.1 (2021-06-29)
+### Added
+- `Result` alias ([#676])
+
+[#676]: https://github.com/RustCrypto/traits/pull/676
+
+## 1.3.0 (2021-01-06)
+### Changed
+- Bump `rand_core` to v0.6 ([#457])
+- Bump `signature-derive` v1.0.0-pre.3 ([#459])
+
+[#457]: https://github.com/RustCrypto/traits/pull/457
+[#459]: https://github.com/RustCrypto/traits/pull/459
+
+## 1.2.2 (2020-07-29)
+### Added
+- `RandomizedDigestSigner` ([#235])
+
+[#235]: https://github.com/RustCrypto/traits/pull/235
+
+## 1.2.1 (2020-07-29)
+### Removed
+- RNG generic parameter `R` from `RandomizedSigner` ([#231])
+
+[#231]: https://github.com/RustCrypto/traits/pull/231
+
+## 1.2.0 (2020-07-29) [YANKED]
+- Note: this release was published without the intended changes
+
+## 1.1.0 (2020-06-09)
+### Changed
+- Upgrade `digest` to v0.9; MSRV 1.41+ ([#186])
+
+[#186]: https://github.com/RustCrypto/traits/pull/186
+
+## 1.0.1 (2020-04-19)
+### Changed
+- Upgrade `signature_derive` to v1.0.0-pre.2 ([#98])
+
+[#98]: https://github.com/RustCrypto/traits/pull/98
+
+## 1.0.0 (2020-04-18)
+
+Initial 1.0 release! 🎉
+
+### Changed
+- Rename `DigestSignature` => `PrehashSignature` ([#96])
+
+[#96]: https://github.com/RustCrypto/traits/pull/96
+
+## 1.0.0-pre.5 (2020-03-16)
+### Changed
+- Improve `Debug` impl on `Error` ([#89])
+- Rename `Signature::as_slice` -> `as_bytes` ([#87])
+
+[#89]: https://github.com/RustCrypto/traits/pull/89
+[#87]: https://github.com/RustCrypto/traits/pull/87
+
+## 1.0.0-pre.4 (2020-03-15)
+### Added
+- Mark preview features as unstable in `Cargo.toml` ([#82])
+
+### Changed
+- Have `Signature::from_bytes` take a byte slice ([#84])
+- Ensure `Error::new()` is mandatory ([#83])
+
+### Removed
+- `BoxError` type alias ([#81])
+
+[#84]: https://github.com/RustCrypto/traits/pull/84
+[#83]: https://github.com/RustCrypto/traits/pull/83
+[#82]: https://github.com/RustCrypto/traits/pull/82
+[#81]: https://github.com/RustCrypto/traits/pull/81
+
+## 1.0.0-pre.3 (2020-03-08)
+### Fixed
+- docs.rs rendering ([#76])
+
+[#76]: https://github.com/RustCrypto/traits/pull/76
+
+## 1.0.0-pre.2 (2020-03-08)
+### Added
+- `RandomizedSigner` trait ([#73])
+- Design documentation ([#72])
+
+### Changed
+- Error cleanups ([#74])
+- Crate moved to `RustCrypto/traits` ([#71])
+
+[#74]: https://github.com/RustCrypto/traits/pull/74
+[#73]: https://github.com/RustCrypto/traits/pull/73
+[#72]: https://github.com/RustCrypto/traits/pull/72
+[#71]: https://github.com/RustCrypto/traits/pull/71
+
+## 1.0.0-pre.1 (2019-10-27)
+### Changed
+- Use `Error::source` instead of `::cause` ([RustCrypto/signatures#37])
+
+### Removed
+- Remove `alloc` feature; MSRV 1.34+ ([RustCrypto/signatures#38])
+
+[RustCrypto/signatures#38]: https://github.com/RustCrypto/signatures/pull/38
+[RustCrypto/signatures#37]: https://github.com/RustCrypto/signatures/pull/37
+
+## 1.0.0-pre.0 (2019-10-11)
+### Changed
+- Revert removal of `DigestSignature` ([RustCrypto/signatures#33])
+- 1.0 stabilization proposal ([RustCrypto/signatures#32])
+
+[RustCrypto/signatures#33]: https://github.com/RustCrypto/signatures/pull/33
+[RustCrypto/signatures#32]: https://github.com/RustCrypto/signatures/pull/32
+
+## 0.3.0 (2019-10-10)
+### Changed
+- Simplify alloc gating; MSRV 1.36+ ([RustCrypto/signatures#28])
+- Replace `DigestSignature` trait with `#[digest(...)]` attribute ([RustCrypto/signatures#27])
+- signature_derive: Upgrade to 1.x proc macro crates ([RustCrypto/signatures#26])
+
+[RustCrypto/signatures#28]: https://github.com/RustCrypto/signatures/pull/28
+[RustCrypto/signatures#27]: https://github.com/RustCrypto/signatures/pull/27
+[RustCrypto/signatures#26]: https://github.com/RustCrypto/signatures/pull/27
+
+## 0.2.0 (2019-06-06)
+### Added
+- `signature_derive`: Custom derive support for `Signer`/`Verifier` ([RustCrypto/signatures#18])
+
+### Changed
+- Have `DigestSigner`/`DigestVerifier` take `Digest` instance ([RustCrypto/signatures#17])
+
+[RustCrypto/signatures#18]: https://github.com/RustCrypto/signatures/pull/18
+[RustCrypto/signatures#17]: https://github.com/RustCrypto/signatures/pull/17
+
+## 0.1.0 (2019-05-25)
+
+- Initial release
diff --git a/vendor/signature/Cargo.toml b/vendor/signature/Cargo.toml
new file mode 100644
index 0000000..056c2cf
--- /dev/null
+++ b/vendor/signature/Cargo.toml
@@ -0,0 +1,66 @@
+# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
+#
+# When uploading crates to the registry Cargo will automatically
+# "normalize" Cargo.toml files for maximal compatibility
+# with all versions of Cargo and also rewrite `path` dependencies
+# to registry (e.g., crates.io) dependencies.
+#
+# If you are reading this file be aware that the original Cargo.toml
+# will likely look very different (and much more reasonable).
+# See Cargo.toml.orig for the original contents.
+
+[package]
+edition = "2021"
+rust-version = "1.56"
+name = "signature"
+version = "2.1.0"
+authors = ["RustCrypto Developers"]
+description = "Traits for cryptographic signature algorithms (e.g. ECDSA, Ed25519)"
+documentation = "https://docs.rs/signature"
+readme = "README.md"
+keywords = [
+    "crypto",
+    "ecdsa",
+    "ed25519",
+    "signature",
+    "signing",
+]
+categories = [
+    "cryptography",
+    "no-std",
+]
+license = "Apache-2.0 OR MIT"
+repository = "https://github.com/RustCrypto/traits/tree/master/signature"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = [
+    "--cfg",
+    "docsrs",
+]
+
+[dependencies.derive]
+version = "2"
+optional = true
+package = "signature_derive"
+
+[dependencies.digest]
+version = "0.10.6"
+optional = true
+default-features = false
+
+[dependencies.rand_core]
+version = "0.6"
+optional = true
+default-features = false
+
+[dev-dependencies.hex-literal]
+version = "0.4"
+
+[dev-dependencies.sha2]
+version = "0.10"
+default-features = false
+
+[features]
+alloc = []
+std = ["alloc"]
diff --git a/vendor/signature/LICENSE-APACHE b/vendor/signature/LICENSE-APACHE
new file mode 100644
index 0000000..78173fa
--- /dev/null
+++ b/vendor/signature/LICENSE-APACHE
@@ -0,0 +1,201 @@
+                              Apache License
+                        Version 2.0, January 2004
+                     http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+   To apply the Apache License to your work, attach the following
+   boilerplate notice, with the fields enclosed by brackets "[]"
+   replaced with your own identifying information. (Don't include
+   the brackets!)  The text should be enclosed in the appropriate
+   comment syntax for the file format. We also recommend that a
+   file or class name and description of purpose be included on the
+   same "printed page" as the copyright notice for easier
+   identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/vendor/signature/LICENSE-MIT b/vendor/signature/LICENSE-MIT
new file mode 100644
index 0000000..d8d87fe
--- /dev/null
+++ b/vendor/signature/LICENSE-MIT
@@ -0,0 +1,25 @@
+Copyright (c) 2018-2023 RustCrypto Developers
+
+Permission is hereby granted, free of charge, to any
+person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the
+Software without restriction, including without
+limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice
+shall be included in all copies or substantial portions
+of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
+ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
+TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
+SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
diff --git a/vendor/signature/README.md b/vendor/signature/README.md
new file mode 100644
index 0000000..6f205d6
--- /dev/null
+++ b/vendor/signature/README.md
@@ -0,0 +1,71 @@
+# [RustCrypto]: Digital Signature Algorithms
+
+[![crate][crate-image]][crate-link]
+[![Docs][docs-image]][docs-link]
+[![Build Status][build-image]][build-link]
+![Apache2/MIT licensed][license-image]
+![Rust Version][rustc-image]
+[![Project Chat][chat-image]][chat-link]
+
+This crate contains traits which provide generic, object-safe APIs for
+generating and verifying [digital signatures].
+
+Used by the [`dsa`], [`ecdsa`], [`ed25519`], and [`rsa`] crates maintained by
+the [RustCrypto] organization, as well as [`ed25519-dalek`].
+
+[Documentation][docs-link]
+
+## Minimum Supported Rust Version
+
+Rust **1.56** or higher.
+
+Minimum supported Rust version can be changed in the future, but it will be
+done with a minor version bump.
+
+## SemVer Policy
+
+- All on-by-default features of this library are covered by SemVer
+- MSRV is considered exempt from SemVer as noted above
+- The `derive` feature is stable and covered by SemVer
+- The off-by-default features `digest` and `rand_core` are unstable features 
+  which are also considered exempt from SemVer as they correspond to pre-1.0
+  crates which are still subject to changes. Breaking changes to these features
+  will, like MSRV, be done with a minor version bump.
+
+## License
+
+Licensed under either of
+
+ * [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
+ * [MIT license](http://opensource.org/licenses/MIT)
+
+at your option.
+
+### Contribution
+
+Unless you explicitly state otherwise, any contribution intentionally submitted
+for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
+dual licensed as above, without any additional terms or conditions.
+
+[//]: # (badges)
+
+[crate-image]:  https://buildstats.info/crate/signature
+[crate-link]: https://crates.io/crates/signature
+[docs-image]: https://docs.rs/signature/badge.svg
+[docs-link]: https://docs.rs/signature/
+[build-image]: https://github.com/RustCrypto/traits/actions/workflows/signature.yml/badge.svg
+[build-link]: https://github.com/RustCrypto/traits/actions/workflows/signature.yml
+[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
+[rustc-image]: https://img.shields.io/badge/rustc-1.56+-blue.svg
+[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
+[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260048-signatures
+
+[//]: # (links)
+
+[RustCrypto]: https://github.com/RustCrypto/
+[digital signatures]: https://en.wikipedia.org/wiki/Digital_signature
+[`dsa`]: https://github.com/RustCrypto/signatures/tree/master/dsa
+[`ecdsa`]: https://github.com/RustCrypto/signatures/tree/master/ecdsa
+[`ed25519`]: https://github.com/RustCrypto/signatures/tree/master/ed25519
+[`ed25519-dalek`]: https://github.com/dalek-cryptography/ed25519-dalek
+[`rsa`]: https://github.com/RustCrypto/RSA
diff --git a/vendor/signature/debian/patches/fix-unit-tests.patch b/vendor/signature/debian/patches/fix-unit-tests.patch
new file mode 100644
index 0000000..7b1a990
--- /dev/null
+++ b/vendor/signature/debian/patches/fix-unit-tests.patch
@@ -0,0 +1,12 @@
+diff --git a/tests/derive.rs b/tests/derive.rs
+index 70e2dc0..0abd982 100644
+--- a/tests/derive.rs
++++ b/tests/derive.rs
+@@ -1,6 +1,6 @@
+ //! Tests for code generated by `signature_derive`
+ 
+-#![cfg(feature = "derive")]
++#![cfg(all(feature = "derive", feature = "digest"))]
+ 
+ use digest::{generic_array::GenericArray, Digest, OutputSizeUser};
+ use hex_literal::hex;
diff --git a/vendor/signature/debian/patches/relax-deps.patch b/vendor/signature/debian/patches/relax-deps.patch
new file mode 100644
index 0000000..071c253
--- /dev/null
+++ b/vendor/signature/debian/patches/relax-deps.patch
@@ -0,0 +1,19 @@
+diff --git a/Cargo.toml b/Cargo.toml
+index 2d23915..056c2cf 100644
+--- a/Cargo.toml
++++ b/Cargo.toml
+@@ -50,12 +50,12 @@ optional = true
+ default-features = false
+ 
+ [dependencies.rand_core]
+-version = "0.6.4"
++version = "0.6"
+ optional = true
+ default-features = false
+ 
+ [dev-dependencies.hex-literal]
+-version = "0.3"
++version = "0.4"
+ 
+ [dev-dependencies.sha2]
+ version = "0.10"
diff --git a/vendor/signature/debian/patches/series b/vendor/signature/debian/patches/series
new file mode 100644
index 0000000..80e451b
--- /dev/null
+++ b/vendor/signature/debian/patches/series
@@ -0,0 +1,2 @@
+relax-deps.patch
+fix-unit-tests.patch
diff --git a/vendor/signature/src/encoding.rs b/vendor/signature/src/encoding.rs
new file mode 100644
index 0000000..8bc475b
--- /dev/null
+++ b/vendor/signature/src/encoding.rs
@@ -0,0 +1,31 @@
+//! Encoding support.
+
+#[cfg(feature = "alloc")]
+use alloc::vec::Vec;
+
+/// Support for decoding/encoding signatures as bytes.
+pub trait SignatureEncoding:
+    Clone + Sized + for<'a> TryFrom<&'a [u8]> + TryInto<Self::Repr>
+{
+    /// Byte representation of a signature.
+    type Repr: 'static + AsRef<[u8]> + Clone + Send + Sync;
+
+    /// Encode signature as its byte representation.
+    fn to_bytes(&self) -> Self::Repr {
+        self.clone()
+            .try_into()
+            .ok()
+            .expect("signature encoding error")
+    }
+
+    /// Encode signature as a byte vector.
+    #[cfg(feature = "alloc")]
+    fn to_vec(&self) -> Vec<u8> {
+        self.to_bytes().as_ref().to_vec()
+    }
+
+    /// Get the length of this signature when encoded.
+    fn encoded_len(&self) -> usize {
+        self.to_bytes().as_ref().len()
+    }
+}
diff --git a/vendor/signature/src/error.rs b/vendor/signature/src/error.rs
new file mode 100644
index 0000000..1bfaf33
--- /dev/null
+++ b/vendor/signature/src/error.rs
@@ -0,0 +1,103 @@
+//! Signature error types
+
+use core::fmt::{self, Debug, Display};
+
+#[cfg(feature = "std")]
+use std::boxed::Box;
+
+/// Result type.
+///
+/// A result with the `signature` crate's [`Error`] type.
+pub type Result<T> = core::result::Result<T, Error>;
+
+/// Signature errors.
+///
+/// This type is deliberately opaque as to avoid sidechannel leakage which
+/// could potentially be used recover signing private keys or forge signatures
+/// (e.g. [BB'06]).
+///
+/// When the `std` feature is enabled, it impls [`std::error::Error`] and
+/// supports an optional [`std::error::Error::source`], which can be used by
+/// things like remote signers (e.g. HSM, KMS) to report I/O or auth errors.
+///
+/// [BB'06]: https://en.wikipedia.org/wiki/Daniel_Bleichenbacher
+#[derive(Default)]
+#[non_exhaustive]
+pub struct Error {
+    /// Source of the error (if applicable).
+    #[cfg(feature = "std")]
+    source: Option<Box<dyn std::error::Error + Send + Sync + 'static>>,
+}
+
+impl Error {
+    /// Create a new error with no associated source
+    pub fn new() -> Self {
+        Self::default()
+    }
+
+    /// Create a new error with an associated source.
+    ///
+    /// **NOTE:** The "source" should **NOT** be used to propagate cryptographic
+    /// errors e.g. signature parsing or verification errors. The intended use
+    /// cases are for propagating errors related to external signers, e.g.
+    /// communication/authentication errors with HSMs, KMS, etc.
+    #[cfg(feature = "std")]
+    pub fn from_source(
+        source: impl Into<Box<dyn std::error::Error + Send + Sync + 'static>>,
+    ) -> Self {
+        Self {
+            source: Some(source.into()),
+        }
+    }
+}
+
+impl Debug for Error {
+    #[cfg(not(feature = "std"))]
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str("signature::Error {}")
+    }
+
+    #[cfg(feature = "std")]
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str("signature::Error { source: ")?;
+
+        if let Some(source) = &self.source {
+            write!(f, "Some({})", source)?;
+        } else {
+            f.write_str("None")?;
+        }
+
+        f.write_str(" }")
+    }
+}
+
+impl Display for Error {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str("signature error")?;
+
+        #[cfg(feature = "std")]
+        {
+            if let Some(source) = &self.source {
+                write!(f, ": {}", source)?;
+            }
+        }
+
+        Ok(())
+    }
+}
+
+#[cfg(feature = "std")]
+impl From<Box<dyn std::error::Error + Send + Sync + 'static>> for Error {
+    fn from(source: Box<dyn std::error::Error + Send + Sync + 'static>) -> Error {
+        Self::from_source(source)
+    }
+}
+
+#[cfg(feature = "std")]
+impl std::error::Error for Error {
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
+        self.source
+            .as_ref()
+            .map(|source| source.as_ref() as &(dyn std::error::Error + 'static))
+    }
+}
diff --git a/vendor/signature/src/hazmat.rs b/vendor/signature/src/hazmat.rs
new file mode 100644
index 0000000..d2f3e95
--- /dev/null
+++ b/vendor/signature/src/hazmat.rs
@@ -0,0 +1,70 @@
+//! Hazardous Materials: low-level APIs which can be insecure if misused.
+//!
+//! The traits in this module are not generally recommended, and should only be
+//! used in special cases where they are specifically needed.
+//!
+//! Using them incorrectly can introduce security vulnerabilities. Please
+//! carefully read the documentation before attempting to use them.
+
+use crate::Error;
+
+#[cfg(feature = "rand_core")]
+use crate::rand_core::CryptoRngCore;
+
+/// Sign the provided message prehash, returning a digital signature.
+pub trait PrehashSigner<S> {
+    /// Attempt to sign the given message digest, returning a digital signature
+    /// on success, or an error if something went wrong.
+    ///
+    /// The `prehash` parameter should be the output of a secure cryptographic
+    /// hash function.
+    ///
+    /// This API takes a `prehash` byte slice as there can potentially be many
+    /// compatible lengths for the message digest for a given concrete signature
+    /// algorithm.
+    ///
+    /// Allowed lengths are algorithm-dependent and up to a particular
+    /// implementation to decide.
+    fn sign_prehash(&self, prehash: &[u8]) -> Result<S, Error>;
+}
+
+/// Sign the provided message prehash using the provided external randomness source, returning a digital signature.
+#[cfg(feature = "rand_core")]
+pub trait RandomizedPrehashSigner<S> {
+    /// Attempt to sign the given message digest, returning a digital signature
+    /// on success, or an error if something went wrong.
+    ///
+    /// The `prehash` parameter should be the output of a secure cryptographic
+    /// hash function.
+    ///
+    /// This API takes a `prehash` byte slice as there can potentially be many
+    /// compatible lengths for the message digest for a given concrete signature
+    /// algorithm.
+    ///
+    /// Allowed lengths are algorithm-dependent and up to a particular
+    /// implementation to decide.
+    fn sign_prehash_with_rng(
+        &self,
+        rng: &mut impl CryptoRngCore,
+        prehash: &[u8],
+    ) -> Result<S, Error>;
+}
+
+/// Verify the provided message prehash using `Self` (e.g. a public key)
+pub trait PrehashVerifier<S> {
+    /// Use `Self` to verify that the provided signature for a given message
+    /// `prehash` is authentic.
+    ///
+    /// The `prehash` parameter should be the output of a secure cryptographic
+    /// hash function.
+    ///
+    /// Returns `Error` if it is inauthentic or some other error occurred, or
+    /// otherwise returns `Ok(())`.
+    ///
+    /// # ⚠️ Security Warning
+    ///
+    /// If `prehash` is something other than the output of a cryptographically
+    /// secure hash function, an attacker can potentially forge signatures by
+    /// solving a system of linear equations.
+    fn verify_prehash(&self, prehash: &[u8], signature: &S) -> Result<(), Error>;
+}
diff --git a/vendor/signature/src/keypair.rs b/vendor/signature/src/keypair.rs
new file mode 100644
index 0000000..d4795f2
--- /dev/null
+++ b/vendor/signature/src/keypair.rs
@@ -0,0 +1,29 @@
+//! Signing keypairs.
+
+/// Signing keypair with an associated verifying key.
+///
+/// This represents a type which holds both a signing key and a verifying key.
+pub trait Keypair {
+    /// Verifying key type for this keypair.
+    type VerifyingKey: Clone;
+
+    /// Get the verifying key which can verify signatures produced by the
+    /// signing key portion of this keypair.
+    fn verifying_key(&self) -> Self::VerifyingKey;
+}
+
+/// Signing keypair with an associated verifying key.
+///
+/// This represents a type which holds both a signing key and a verifying key.
+pub trait KeypairRef: AsRef<Self::VerifyingKey> {
+    /// Verifying key type for this keypair.
+    type VerifyingKey: Clone;
+}
+
+impl<K: KeypairRef> Keypair for K {
+    type VerifyingKey = <Self as KeypairRef>::VerifyingKey;
+
+    fn verifying_key(&self) -> Self::VerifyingKey {
+        self.as_ref().clone()
+    }
+}
diff --git a/vendor/signature/src/lib.rs b/vendor/signature/src/lib.rs
new file mode 100644
index 0000000..ba1feb4
--- /dev/null
+++ b/vendor/signature/src/lib.rs
@@ -0,0 +1,168 @@
+#![no_std]
+#![doc = include_str!("../README.md")]
+#![doc(
+    html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg",
+    html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg"
+)]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+#![forbid(unsafe_code)]
+#![warn(
+    clippy::mod_module_files,
+    clippy::unwrap_used,
+    missing_docs,
+    rust_2018_idioms,
+    unused_lifetimes,
+    unused_qualifications
+)]
+
+//! # Design
+//!
+//! This crate provides a common set of traits for signing and verifying
+//! digital signatures intended to be implemented by libraries which produce
+//! or contain implementations of digital signature algorithms, and used by
+//! libraries which want to produce or verify digital signatures while
+//! generically supporting any compatible backend.
+//!
+//! ## Goals
+//!
+//! The traits provided by this crate were designed with the following goals
+//! in mind:
+//!
+//! - Provide an easy-to-use, misuse resistant API optimized for consumers
+//!   (as opposed to implementers) of its traits.
+//! - Support common type-safe wrappers around "bag-of-bytes" representations
+//!   which can be directly parsed from or written to the "wire".
+//! - Expose a trait/object-safe API where signers/verifiers spanning multiple
+//!   homogeneous provider implementations can be seamlessly leveraged together
+//!   in the same logical "keyring" so long as they operate on the same
+//!   underlying signature type.
+//! - Allow one provider type to potentially implement support (including
+//!   being generic over) several signature types.
+//! - Keep signature algorithm customizations / "knobs" out-of-band from the
+//!   signing/verification APIs, ideally pushing such concerns into the type
+//!   system so that algorithm mismatches are caught as type errors.
+//! - Opaque error type which minimizes information leaked from cryptographic
+//!   failures, as "rich" error types in these scenarios are often a source
+//!   of sidechannel information for attackers (e.g. [BB'06])
+//!
+//! [BB'06]: https://en.wikipedia.org/wiki/Daniel_Bleichenbacher
+//!
+//! ## Implementation
+//!
+//! To accomplish the above goals, the [`Signer`] and [`Verifier`] traits
+//! provided by this are generic over a signature value, and use generic
+//! parameters rather than associated types. Notably, they use such a parameter
+//! for the return value, allowing it to be inferred by the type checker based
+//! on the desired signature type.
+//!
+//! ## Alternatives considered
+//!
+//! This crate is based on many years of exploration of how to encapsulate
+//! digital signature systems in the most flexible, developer-friendly way.
+//! During that time many design alternatives were explored, tradeoffs
+//! compared, and ultimately the provided API was selected.
+//!
+//! The tradeoffs made in this API have all been to improve simplicity,
+//! ergonomics, type safety, and flexibility for *consumers* of the traits.
+//! At times, this has come at a cost to implementers. Below are some concerns
+//! we are cognizant of which were considered in the design of the API:
+//!
+//! - "Bag-of-bytes" serialization precludes signature providers from using
+//!   their own internal representation of a signature, which can be helpful
+//!   for many reasons (e.g. advanced signature system features like batch
+//!   verification).
+//! - Associated types, rather than generic parameters of traits, could allow
+//!   more customization of the types used by a particular signature system,
+//!   e.g. using custom error types.
+//!
+//! It may still make sense to continue to explore the above tradeoffs, but
+//! with a *new* set of traits which are intended to be implementor-friendly,
+//! rather than consumer friendly. The existing [`Signer`] and [`Verifier`]
+//! traits could have blanket impls for the "provider-friendly" traits.
+//! However, as noted above this is a design space easily explored after
+//! stabilizing the consumer-oriented traits, and thus we consider these
+//! more important.
+//!
+//! That said, below are some caveats of trying to design such traits, and
+//! why we haven't actively pursued them:
+//!
+//! - Generics in the return position are already used to select which trait
+//!   impl to use, i.e. for a particular signature algorithm/system. Avoiding
+//!   a unified, concrete signature type adds another dimension to complexity
+//!   and compiler errors, and in our experience makes them unsuitable for this
+//!   sort of API. We believe such an API is the natural one for signature
+//!   systems, reflecting the natural way they are written absent a trait.
+//! - Associated types preclude multiple (or generic) implementations of the
+//!   same trait. These parameters are common in signature systems, notably
+//!   ones which support different digest algorithms.
+//! - Digital signatures are almost always larger than the present 32-entry
+//!   trait impl limitation on array types, which complicates trait signatures
+//!   for these types (particularly things like `From` or `Borrow` bounds).
+//!   This may be more interesting to explore after const generics.
+//!
+//! ## Unstable features
+//!
+//! Despite being post-1.0, this crate includes off-by-default unstable
+//! optional features, each of which depends on a pre-1.0
+//! crate.
+//!
+//! These features are considered exempt from SemVer. See the
+//! [SemVer policy](#semver-policy) above for more information.
+//!
+//! The following unstable features are presently supported:
+//!
+//! - `derive`: for implementers of signature systems using [`DigestSigner`]
+//!   and [`DigestVerifier`], the `derive` feature can be used to
+//!   derive [`Signer`] and [`Verifier`] traits which prehash the input
+//!   message using the [`PrehashSignature::Digest`] algorithm for
+//!   a given signature type. When the `derive` feature is enabled
+//!   import the proc macros with `use signature::{Signer, Verifier}` and then
+//!   add a `derive(Signer)` or `derive(Verifier)` attribute to the given
+//!   digest signer/verifier type. Enabling this feature also enables `digest`
+//!   support (see immediately below).
+//! - `digest`: enables the [`DigestSigner`] and [`DigestVerifier`]
+//!   traits which are based on the [`Digest`] trait from the [`digest`] crate.
+//!   These traits are used for representing signature systems based on the
+//!   [Fiat-Shamir heuristic] which compute a random challenge value to sign
+//!   by computing a cryptographically secure digest of the input message.
+//! - `rand_core`: enables the [`RandomizedSigner`] trait for signature
+//!   systems which rely on a cryptographically secure random number generator
+//!   for security.
+//!
+//! NOTE: the [`async-signature`] crate contains experimental `async` support
+//! for [`Signer`] and [`DigestSigner`].
+//!
+//! [`async-signature`]: https://docs.rs/async-signature
+//! [`digest`]: https://docs.rs/digest/
+//! [`Digest`]: https://docs.rs/digest/latest/digest/trait.Digest.html
+//! [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+
+#[cfg(feature = "alloc")]
+extern crate alloc;
+#[cfg(feature = "std")]
+extern crate std;
+
+pub mod hazmat;
+
+mod encoding;
+mod error;
+mod keypair;
+mod signer;
+mod verifier;
+
+#[cfg(feature = "digest")]
+mod prehash_signature;
+
+pub use crate::{encoding::*, error::*, keypair::*, signer::*, verifier::*};
+
+#[cfg(feature = "derive")]
+pub use derive::{Signer, Verifier};
+
+#[cfg(all(feature = "derive", feature = "digest"))]
+pub use derive::{DigestSigner, DigestVerifier};
+
+#[cfg(feature = "digest")]
+pub use {crate::prehash_signature::*, digest};
+
+#[cfg(feature = "rand_core")]
+pub use rand_core;
diff --git a/vendor/signature/src/prehash_signature.rs b/vendor/signature/src/prehash_signature.rs
new file mode 100644
index 0000000..d9a8645
--- /dev/null
+++ b/vendor/signature/src/prehash_signature.rs
@@ -0,0 +1,31 @@
+//! `PrehashSignature` trait.
+
+/// For intra-doc link resolution.
+#[allow(unused_imports)]
+use crate::{
+    signer::{DigestSigner, Signer},
+    verifier::{DigestVerifier, Verifier},
+};
+
+/// Marker trait for `Signature` types computable as `𝐒(𝐇(𝒎))`
+/// i.e. ones which prehash a message to be signed as `𝐇(𝒎)`
+///
+/// Where:
+///
+/// - `𝐒`: signature algorithm
+/// - `𝐇`: hash (a.k.a. digest) function
+/// - `𝒎`: message
+///
+/// This approach is relatively common in signature schemes based on the
+/// [Fiat-Shamir heuristic].
+///
+/// For signature types that implement this trait, when the `derive` crate
+/// feature is enabled a custom derive for [`Signer`] is available for any
+/// types that impl [`DigestSigner`], and likewise for deriving [`Verifier`] for
+/// types which impl [`DigestVerifier`].
+///
+/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+pub trait PrehashSignature {
+    /// Preferred `Digest` algorithm to use when computing this signature type.
+    type Digest: digest::Digest;
+}
diff --git a/vendor/signature/src/signer.rs b/vendor/signature/src/signer.rs
new file mode 100644
index 0000000..b339ddf
--- /dev/null
+++ b/vendor/signature/src/signer.rs
@@ -0,0 +1,118 @@
+//! Traits for generating digital signatures
+
+use crate::error::Error;
+
+#[cfg(feature = "digest")]
+use crate::digest::Digest;
+
+#[cfg(feature = "rand_core")]
+use crate::rand_core::CryptoRngCore;
+
+/// Sign the provided message bytestring using `Self` (e.g. a cryptographic key
+/// or connection to an HSM), returning a digital signature.
+pub trait Signer<S> {
+    /// Sign the given message and return a digital signature
+    fn sign(&self, msg: &[u8]) -> S {
+        self.try_sign(msg).expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given message, returning a digital signature on
+    /// success, or an error if something went wrong.
+    ///
+    /// The main intended use case for signing errors is when communicating
+    /// with external signers, e.g. cloud KMS, HSMs, or other hardware tokens.
+    fn try_sign(&self, msg: &[u8]) -> Result<S, Error>;
+}
+
+/// Sign the provided message bytestring using `&mut Self` (e.g. an evolving
+/// cryptographic key such as a stateful hash-based signature), returning a
+/// digital signature.
+pub trait SignerMut<S> {
+    /// Sign the given message, update the state, and return a digital signature.
+    fn sign(&mut self, msg: &[u8]) -> S {
+        self.try_sign(msg).expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given message, updating the state, and returning a
+    /// digital signature on success, or an error if something went wrong.
+    ///
+    /// Signing can fail, e.g., if the number of time periods allowed by the
+    /// current key is exceeded.
+    fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error>;
+}
+
+/// Blanket impl of [`SignerMut`] for all [`Signer`] types.
+impl<S, T: Signer<S>> SignerMut<S> for T {
+    fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error> {
+        T::try_sign(self, msg)
+    }
+}
+
+/// Sign the given prehashed message [`Digest`] using `Self`.
+///
+/// ## Notes
+///
+/// This trait is primarily intended for signature algorithms based on the
+/// [Fiat-Shamir heuristic], a method for converting an interactive
+/// challenge/response-based proof-of-knowledge protocol into an offline
+/// digital signature through the use of a random oracle, i.e. a digest
+/// function.
+///
+/// The security of such protocols critically rests upon the inability of
+/// an attacker to solve for the output of the random oracle, as generally
+/// otherwise such signature algorithms are a system of linear equations and
+/// therefore doing so would allow the attacker to trivially forge signatures.
+///
+/// To prevent misuse which would potentially allow this to be possible, this
+/// API accepts a [`Digest`] instance, rather than a raw digest value.
+///
+/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+#[cfg(feature = "digest")]
+pub trait DigestSigner<D: Digest, S> {
+    /// Sign the given prehashed message [`Digest`], returning a signature.
+    ///
+    /// Panics in the event of a signing error.
+    fn sign_digest(&self, digest: D) -> S {
+        self.try_sign_digest(digest)
+            .expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given prehashed message [`Digest`], returning a
+    /// digital signature on success, or an error if something went wrong.
+    fn try_sign_digest(&self, digest: D) -> Result<S, Error>;
+}
+
+/// Sign the given message using the provided external randomness source.
+#[cfg(feature = "rand_core")]
+pub trait RandomizedSigner<S> {
+    /// Sign the given message and return a digital signature
+    fn sign_with_rng(&self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> S {
+        self.try_sign_with_rng(rng, msg)
+            .expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given message, returning a digital signature on
+    /// success, or an error if something went wrong.
+    ///
+    /// The main intended use case for signing errors is when communicating
+    /// with external signers, e.g. cloud KMS, HSMs, or other hardware tokens.
+    fn try_sign_with_rng(&self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> Result<S, Error>;
+}
+
+/// Combination of [`DigestSigner`] and [`RandomizedSigner`] with support for
+/// computing a signature over a digest which requires entropy from an RNG.
+#[cfg(all(feature = "digest", feature = "rand_core"))]
+pub trait RandomizedDigestSigner<D: Digest, S> {
+    /// Sign the given prehashed message `Digest`, returning a signature.
+    ///
+    /// Panics in the event of a signing error.
+    fn sign_digest_with_rng(&self, rng: &mut impl CryptoRngCore, digest: D) -> S {
+        self.try_sign_digest_with_rng(rng, digest)
+            .expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given prehashed message `Digest`, returning a
+    /// digital signature on success, or an error if something went wrong.
+    fn try_sign_digest_with_rng(&self, rng: &mut impl CryptoRngCore, digest: D)
+        -> Result<S, Error>;
+}
diff --git a/vendor/signature/src/verifier.rs b/vendor/signature/src/verifier.rs
new file mode 100644
index 0000000..65409a9
--- /dev/null
+++ b/vendor/signature/src/verifier.rs
@@ -0,0 +1,41 @@
+//! Trait for verifying digital signatures
+
+use crate::error::Error;
+
+#[cfg(feature = "digest")]
+use crate::digest::Digest;
+
+/// Verify the provided message bytestring using `Self` (e.g. a public key)
+pub trait Verifier<S> {
+    /// Use `Self` to verify that the provided signature for a given message
+    /// bytestring is authentic.
+    ///
+    /// Returns `Error` if it is inauthentic, or otherwise returns `()`.
+    fn verify(&self, msg: &[u8], signature: &S) -> Result<(), Error>;
+}
+
+/// Verify the provided signature for the given prehashed message [`Digest`]
+/// is authentic.
+///
+/// ## Notes
+///
+/// This trait is primarily intended for signature algorithms based on the
+/// [Fiat-Shamir heuristic], a method for converting an interactive
+/// challenge/response-based proof-of-knowledge protocol into an offline
+/// digital signature through the use of a random oracle, i.e. a digest
+/// function.
+///
+/// The security of such protocols critically rests upon the inability of
+/// an attacker to solve for the output of the random oracle, as generally
+/// otherwise such signature algorithms are a system of linear equations and
+/// therefore doing so would allow the attacker to trivially forge signatures.
+///
+/// To prevent misuse which would potentially allow this to be possible, this
+/// API accepts a [`Digest`] instance, rather than a raw digest value.
+///
+/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+#[cfg(feature = "digest")]
+pub trait DigestVerifier<D: Digest, S> {
+    /// Verify the signature against the given [`Digest`] output.
+    fn verify_digest(&self, digest: D, signature: &S) -> Result<(), Error>;
+}
diff --git a/vendor/signature/tests/derive.rs b/vendor/signature/tests/derive.rs
new file mode 100644
index 0000000..0abd982
--- /dev/null
+++ b/vendor/signature/tests/derive.rs
@@ -0,0 +1,84 @@
+//! Tests for code generated by `signature_derive`
+
+#![cfg(all(feature = "derive", feature = "digest"))]
+
+use digest::{generic_array::GenericArray, Digest, OutputSizeUser};
+use hex_literal::hex;
+use sha2::Sha256;
+use signature::{
+    hazmat::{PrehashSigner, PrehashVerifier},
+    DigestSigner, DigestVerifier, Error, PrehashSignature, SignatureEncoding, Signer, Verifier,
+};
+
+/// Test vector to compute SHA-256 digest of
+const INPUT_STRING: &[u8] = b"abc";
+
+/// Expected SHA-256 digest for the input string
+const INPUT_STRING_DIGEST: [u8; 32] =
+    hex!("ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad");
+
+type Repr = GenericArray<u8, <Sha256 as OutputSizeUser>::OutputSize>;
+
+/// Dummy signature which just contains a digest output
+#[derive(Clone, Debug)]
+struct DummySignature(Repr);
+
+impl PrehashSignature for DummySignature {
+    type Digest = Sha256;
+}
+
+impl SignatureEncoding for DummySignature {
+    type Repr = Repr;
+}
+
+impl TryFrom<&[u8]> for DummySignature {
+    type Error = Error;
+
+    fn try_from(bytes: &[u8]) -> Result<Self, Error> {
+        Ok(DummySignature(GenericArray::clone_from_slice(
+            bytes.as_ref(),
+        )))
+    }
+}
+
+impl From<DummySignature> for Repr {
+    fn from(sig: DummySignature) -> Repr {
+        sig.0
+    }
+}
+
+/// Dummy signer which just returns the message digest as a `DummySignature`
+#[derive(Signer, DigestSigner, Default)]
+struct DummySigner {}
+
+impl PrehashSigner<DummySignature> for DummySigner {
+    fn sign_prehash(&self, prehash: &[u8]) -> signature::Result<DummySignature> {
+        DummySignature::try_from(prehash)
+    }
+}
+
+/// Dummy verifier which ensures the `DummySignature` digest matches the
+/// expected value.
+///
+/// Panics (via `assert_eq!`) if the value is not what is expected.
+#[derive(Verifier, DigestVerifier, Default)]
+struct DummyVerifier {}
+
+impl PrehashVerifier<DummySignature> for DummyVerifier {
+    fn verify_prehash(&self, prehash: &[u8], signature: &DummySignature) -> signature::Result<()> {
+        assert_eq!(signature.to_bytes().as_slice(), prehash);
+        Ok(())
+    }
+}
+
+#[test]
+fn derived_signer_impl() {
+    let sig: DummySignature = DummySigner::default().sign(INPUT_STRING);
+    assert_eq!(sig.to_bytes().as_slice(), INPUT_STRING_DIGEST.as_ref())
+}
+
+#[test]
+fn derived_verifier_impl() {
+    let sig: DummySignature = DummySigner::default().sign(INPUT_STRING);
+    assert!(DummyVerifier::default().verify(INPUT_STRING, &sig).is_ok());
+}