Merging upstream version 1.70.0+dfsg2.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

14 files changed, 1299 insertions, 0 deletions

diff --git a/vendor/signature/.cargo-checksum.json b/vendor/signature/.cargo-checksum.json
new file mode 100644
index 000000000..f3fca0f74
--- /dev/null
+++ b/vendor/signature/.cargo-checksum.json
@@ -0,0 +1 @@
+{"files":{"CHANGELOG.md":"ffea692939624650fdc658b1f4475983ed992dd0448bd0470afb10d3c59fd37a","Cargo.toml":"f8c47b3e2cdd8bf029f036e4725210ac8f5eae78045a59c3a8f07a3571a8221e","LICENSE-APACHE":"a9040321c3712d8fd0b09cf52b17445de04a23a10165049ae187cd39e5c86be5","LICENSE-MIT":"bdebaf9156a298f8fdab56dd26cb5144673de522d80f4c0d88e0039145f147f9","README.md":"61dd7de22512e5ee5a5479c7757be89dc9f136ac810eb25bdea598e4f6600352","src/error.rs":"8e17929b47998ea3b3704adf70e1d501754ffc5910e6b074144ac91cbd811e89","src/hazmat.rs":"dbaa6b9f30626d0e68869d315640ed18e1c3ac665c0227e1de1e401952767b36","src/keypair.rs":"ec3166f3983e5bd781b429603fcfa4fd15546398ba372a32be007bdee36a6020","src/lib.rs":"64c6788856aaba3e31c8b6d91e653590190e802c4ddf327e81c0c32701f19b57","src/signature.rs":"1364b4d70d531eab5e9954044ea7ff3cda5b5a635141f4b25d3f40a5c5d1303f","src/signer.rs":"02e147e922957e53a70d8ab02d504c91ab7f43617abfdb5781e18558ededf7a9","src/verifier.rs":"0c7dc6d48f8bf1960b5e06032548eaa441ecdfa4cdb7a3d38ad2c7486c992635","tests/derive.rs":"619bd7185f7f66376b8c2a61dd896c316af47363a66ab1e949f4146a4e988fa2"},"package":"74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c"}
\ No newline at end of file
diff --git a/vendor/signature/CHANGELOG.md b/vendor/signature/CHANGELOG.md
new file mode 100644
index 000000000..86198d54c
--- /dev/null
+++ b/vendor/signature/CHANGELOG.md
@@ -0,0 +1,207 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## 1.6.4 (2022-10-06)
+### Added
+- `RandomizedPrehashSigner` trait in `hazmat` module ([#1130])
+
+[#1130]: https://github.com/RustCrypto/traits/pull/1130
+
+## 1.6.3 (2022-09-16)
+### Changed
+- Bump `signature_derive` to v1.0.0-pre.7 ([#1119])
+
+[#1119]: https://github.com/RustCrypto/traits/pull/1119
+
+## 1.6.2 (2022-09-15)
+### Changed
+- Relax `Keypair` type bounds ([#1107])
+
+[#1107]: https://github.com/RustCrypto/traits/pull/1107
+
+## 1.6.1 (2022-09-12) [YANKED]
+### Added
+- `hazmat-preview` feature with `PrehashSigner`/`PrehashVerifier` traits ([#1099])
+
+### Changed
+- Bump `signature_derive` to v1.0.0-pre.6 ([#1104])
+
+[#1099]: https://github.com/RustCrypto/traits/pull/1099
+[#1104]: https://github.com/RustCrypto/traits/pull/1104
+
+## 1.6.0 (2022-08-14) [YANKED]
+### Added
+- `Keypair` trait ([#1080])
+
+### Changed
+- Rust 2021 edition upgrade; MSRV 1.56 ([#1081])
+- Bump `signature_derive` dependency to v1.0.0-pre.5 ([#1082])
+- Bump `hex-literal` dependency to v0.3 ([#1083])
+
+[#1080]: https://github.com/RustCrypto/traits/pull/1080
+[#1081]: https://github.com/RustCrypto/traits/pull/1081
+[#1082]: https://github.com/RustCrypto/traits/pull/1082
+[#1083]: https://github.com/RustCrypto/traits/pull/1083
+
+## 1.5.0 (2022-01-04)
+### Changed
+- Bump `digest` dependency to v0.10 ([#850])
+- Bump `signature-derive` dependency to v1.0.0-pre.4 ([#866])
+
+[#850]: https://github.com/RustCrypto/traits/pull/850
+[#866]: https://github.com/RustCrypto/traits/pull/866
+
+## 1.4.0 (2021-10-20)
+### Added
+- Re-export `rand_core` when the `rand-preview` feature is enabled ([#683])
+- `SignerMut` trait ([#734])
+
+### Fixed
+- Show error source in `Display` impl ([#791])
+
+[#683]: https://github.com/RustCrypto/traits/pull/683
+[#734]: https://github.com/RustCrypto/traits/pull/734
+[#791]: https://github.com/RustCrypto/traits/pull/791
+
+## 1.3.2 (2021-10-21)
+### Fixed
+- Backport changes from [#791] to the 1.3.x series.
+
+## 1.3.1 (2021-06-29)
+### Added
+- `Result` alias ([#676])
+
+[#676]: https://github.com/RustCrypto/traits/pull/676
+
+## 1.3.0 (2021-01-06)
+### Changed
+- Bump `rand_core` to v0.6 ([#457])
+- Bump `signature-derive` v1.0.0-pre.3 ([#459])
+
+[#457]: https://github.com/RustCrypto/traits/pull/457
+[#459]: https://github.com/RustCrypto/traits/pull/459
+
+## 1.2.2 (2020-07-29)
+### Added
+- `RandomizedDigestSigner` ([#235])
+
+[#235]: https://github.com/RustCrypto/traits/pull/235
+
+## 1.2.1 (2020-07-29)
+### Removed
+- RNG generic parameter `R` from `RandomizedSigner` ([#231])
+
+[#231]: https://github.com/RustCrypto/traits/pull/231
+
+## 1.2.0 (2020-07-29) [YANKED]
+- Note: this release was published without the intended changes
+
+## 1.1.0 (2020-06-09)
+### Changed
+- Upgrade `digest` to v0.9; MSRV 1.41+ ([#186])
+
+[#186]: https://github.com/RustCrypto/traits/pull/186
+
+## 1.0.1 (2020-04-19)
+### Changed
+- Upgrade `signature_derive` to v1.0.0-pre.2 ([#98])
+
+[#98]: https://github.com/RustCrypto/traits/pull/98
+
+## 1.0.0 (2020-04-18)
+
+Initial 1.0 release! 🎉
+
+### Changed
+- Rename `DigestSignature` => `PrehashSignature` ([#96])
+
+[#96]: https://github.com/RustCrypto/traits/pull/96
+
+## 1.0.0-pre.5 (2020-03-16)
+### Changed
+- Improve `Debug` impl on `Error` ([#89])
+- Rename `Signature::as_slice` -> `as_bytes` ([#87])
+
+[#89]: https://github.com/RustCrypto/traits/pull/89
+[#87]: https://github.com/RustCrypto/traits/pull/87
+
+## 1.0.0-pre.4 (2020-03-15)
+### Added
+- Mark preview features as unstable in `Cargo.toml` ([#82])
+
+### Changed
+- Have `Signature::from_bytes` take a byte slice ([#84])
+- Ensure `Error::new()` is mandatory ([#83])
+
+### Removed
+- `BoxError` type alias ([#81])
+
+[#84]: https://github.com/RustCrypto/traits/pull/84
+[#83]: https://github.com/RustCrypto/traits/pull/83
+[#82]: https://github.com/RustCrypto/traits/pull/82
+[#81]: https://github.com/RustCrypto/traits/pull/81
+
+## 1.0.0-pre.3 (2020-03-08)
+### Fixed
+- docs.rs rendering ([#76])
+
+[#76]: https://github.com/RustCrypto/traits/pull/76
+
+## 1.0.0-pre.2 (2020-03-08)
+### Added
+- `RandomizedSigner` trait ([#73])
+- Design documentation ([#72])
+
+### Changed
+- Error cleanups ([#74])
+- Crate moved to `RustCrypto/traits` ([#71])
+
+[#74]: https://github.com/RustCrypto/traits/pull/74
+[#73]: https://github.com/RustCrypto/traits/pull/73
+[#72]: https://github.com/RustCrypto/traits/pull/72
+[#71]: https://github.com/RustCrypto/traits/pull/71
+
+## 1.0.0-pre.1 (2019-10-27)
+### Changed
+- Use `Error::source` instead of `::cause` ([RustCrypto/signatures#37])
+
+### Removed
+- Remove `alloc` feature; MSRV 1.34+ ([RustCrypto/signatures#38])
+
+[RustCrypto/signatures#38]: https://github.com/RustCrypto/signatures/pull/38
+[RustCrypto/signatures#37]: https://github.com/RustCrypto/signatures/pull/37
+
+## 1.0.0-pre.0 (2019-10-11)
+### Changed
+- Revert removal of `DigestSignature` ([RustCrypto/signatures#33])
+- 1.0 stabilization proposal ([RustCrypto/signatures#32])
+
+[RustCrypto/signatures#33]: https://github.com/RustCrypto/signatures/pull/33
+[RustCrypto/signatures#32]: https://github.com/RustCrypto/signatures/pull/32
+
+## 0.3.0 (2019-10-10)
+### Changed
+- Simplify alloc gating; MSRV 1.36+ ([RustCrypto/signatures#28])
+- Replace `DigestSignature` trait with `#[digest(...)]` attribute ([RustCrypto/signatures#27])
+- signature_derive: Upgrade to 1.x proc macro crates ([RustCrypto/signatures#26])
+
+[RustCrypto/signatures#28]: https://github.com/RustCrypto/signatures/pull/28
+[RustCrypto/signatures#27]: https://github.com/RustCrypto/signatures/pull/27
+[RustCrypto/signatures#26]: https://github.com/RustCrypto/signatures/pull/27
+
+## 0.2.0 (2019-06-06)
+### Added
+- `signature_derive`: Custom derive support for `Signer`/`Verifier` ([RustCrypto/signatures#18])
+
+### Changed
+- Have `DigestSigner`/`DigestVerifier` take `Digest` instance ([RustCrypto/signatures#17])
+
+[RustCrypto/signatures#18]: https://github.com/RustCrypto/signatures/pull/18
+[RustCrypto/signatures#17]: https://github.com/RustCrypto/signatures/pull/17
+
+## 0.1.0 (2019-05-25)
+
+- Initial release
diff --git a/vendor/signature/Cargo.toml b/vendor/signature/Cargo.toml
new file mode 100644
index 000000000..fa83ff6a1
--- /dev/null
+++ b/vendor/signature/Cargo.toml
@@ -0,0 +1,72 @@
+# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
+#
+# When uploading crates to the registry Cargo will automatically
+# "normalize" Cargo.toml files for maximal compatibility
+# with all versions of Cargo and also rewrite `path` dependencies
+# to registry (e.g., crates.io) dependencies.
+#
+# If you are reading this file be aware that the original Cargo.toml
+# will likely look very different (and much more reasonable).
+# See Cargo.toml.orig for the original contents.
+
+[package]
+edition = "2021"
+rust-version = "1.56"
+name = "signature"
+version = "1.6.4"
+authors = ["RustCrypto Developers"]
+description = "Traits for cryptographic signature algorithms (e.g. ECDSA, Ed25519)"
+documentation = "https://docs.rs/signature"
+readme = "README.md"
+keywords = [
+    "crypto",
+    "ecdsa",
+    "ed25519",
+    "signature",
+    "signing",
+]
+categories = [
+    "cryptography",
+    "no-std",
+]
+license = "Apache-2.0 OR MIT"
+repository = "https://github.com/RustCrypto/traits/tree/master/signature"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = [
+    "--cfg",
+    "docsrs",
+]
+
+[dependencies.digest]
+version = "0.10.3"
+optional = true
+default-features = false
+
+[dependencies.rand_core]
+version = "0.6"
+optional = true
+default-features = false
+
+[dependencies.signature_derive]
+version = "=1.0.0-pre.7"
+optional = true
+
+[dev-dependencies.hex-literal]
+version = "0.3"
+
+[dev-dependencies.sha2]
+version = "0.10"
+default-features = false
+
+[features]
+default = ["std"]
+derive-preview = [
+    "digest-preview",
+    "signature_derive",
+]
+digest-preview = ["digest"]
+hazmat-preview = []
+rand-preview = ["rand_core"]
+std = []
diff --git a/vendor/signature/LICENSE-APACHE b/vendor/signature/LICENSE-APACHE
new file mode 100644
index 000000000..78173fa2e
--- /dev/null
+++ b/vendor/signature/LICENSE-APACHE
@@ -0,0 +1,201 @@
+                              Apache License
+                        Version 2.0, January 2004
+                     http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+   To apply the Apache License to your work, attach the following
+   boilerplate notice, with the fields enclosed by brackets "[]"
+   replaced with your own identifying information. (Don't include
+   the brackets!)  The text should be enclosed in the appropriate
+   comment syntax for the file format. We also recommend that a
+   file or class name and description of purpose be included on the
+   same "printed page" as the copyright notice for easier
+   identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/vendor/signature/LICENSE-MIT b/vendor/signature/LICENSE-MIT
new file mode 100644
index 000000000..81a3d57ac
--- /dev/null
+++ b/vendor/signature/LICENSE-MIT
@@ -0,0 +1,25 @@
+Copyright (c) 2018-2022 RustCrypto Developers
+
+Permission is hereby granted, free of charge, to any
+person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the
+Software without restriction, including without
+limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice
+shall be included in all copies or substantial portions
+of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
+ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
+TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
+SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
diff --git a/vendor/signature/README.md b/vendor/signature/README.md
new file mode 100644
index 000000000..a1a6fa4ae
--- /dev/null
+++ b/vendor/signature/README.md
@@ -0,0 +1,72 @@
+# RustCrypto: Digital Signature Algorithms
+
+[![crate][crate-image]][crate-link]
+[![Docs][docs-image]][docs-link]
+[![Build Status][build-image]][build-link]
+![Apache2/MIT licensed][license-image]
+![Rust Version][rustc-image]
+[![Project Chat][chat-image]][chat-link]
+
+This crate contains traits which provide generic, object-safe APIs for
+generating and verifying [digital signatures][1].
+
+Used by the [`ecdsa`][2] and [`ed25519`][3] crates, with forthcoming support
+in the [`rsa`][4] crate.
+
+See also the [Signatory][5] crate for trait wrappers for using these traits
+with many popular Rust cryptography crates, including `ed25519-dalek`, *ring*,
+`secp256k1-rs`, and `sodiumoxide`.
+
+[Documentation][docs-link]
+
+## Minimum Supported Rust Version
+
+Rust **1.56** or higher.
+
+Minimum supported Rust version can be changed in the future, but it will be
+done with a minor version bump.
+
+## SemVer Policy
+
+- All on-by-default features of this library are covered by SemVer
+- MSRV is considered exempt from SemVer as noted above
+- The off-by-default features `derive-preview` and `digest-preview` are
+  unstable "preview" features which are also considered exempt from SemVer.
+  Breaking changes to these features will, like MSRV, be done with a minor
+  version bump.
+
+## License
+
+Licensed under either of
+
+ * [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0)
+ * [MIT license](http://opensource.org/licenses/MIT)
+
+at your option.
+
+### Contribution
+
+Unless you explicitly state otherwise, any contribution intentionally submitted
+for inclusion in the work by you, as defined in the Apache-2.0 license, shall be
+dual licensed as above, without any additional terms or conditions.
+
+[//]: # (badges)
+
+[crate-image]:  https://buildstats.info/crate/signature
+[crate-link]: https://crates.io/crates/signature
+[docs-image]: https://docs.rs/signature/badge.svg
+[docs-link]: https://docs.rs/signature/
+[build-image]: https://github.com/RustCrypto/traits/actions/workflows/signature.yml/badge.svg
+[build-link]: https://github.com/RustCrypto/traits/actions/workflows/signature.yml
+[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
+[rustc-image]: https://img.shields.io/badge/rustc-1.56+-blue.svg
+[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
+[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260048-signatures
+
+[//]: # (general links)
+
+[1]: https://en.wikipedia.org/wiki/Digital_signature
+[2]: https://github.com/RustCrypto/signatures/tree/master/ecdsa
+[3]: https://github.com/RustCrypto/signatures/tree/master/ed25519
+[4]: https://github.com/RustCrypto/RSA
+[5]: https://docs.rs/signatory
diff --git a/vendor/signature/src/error.rs b/vendor/signature/src/error.rs
new file mode 100644
index 000000000..06e22d527
--- /dev/null
+++ b/vendor/signature/src/error.rs
@@ -0,0 +1,108 @@
+//! Signature error types
+
+use core::fmt::{self, Debug, Display};
+
+#[cfg(feature = "std")]
+use std::boxed::Box;
+
+/// Result type.
+///
+/// A result with the `signature` crate's [`Error`] type.
+pub type Result<T> = core::result::Result<T, Error>;
+
+/// Signature errors.
+///
+/// This type is deliberately opaque as to avoid sidechannel leakage which
+/// could potentially be used recover signing private keys or forge signatures
+/// (e.g. [BB'06]).
+///
+/// When the `std` feature is enabled, it impls [`std::error::Error`] and
+/// supports an optional [`std::error::Error::source`], which can be used by
+/// things like remote signers (e.g. HSM, KMS) to report I/O or auth errors.
+///
+/// [BB'06]: https://en.wikipedia.org/wiki/Daniel_Bleichenbacher
+#[derive(Default)]
+pub struct Error {
+    /// Prevent from being instantiated as `Error {}` when the `std` feature
+    /// is disabled
+    _private: (),
+
+    /// Source of the error (if applicable).
+    #[cfg(feature = "std")]
+    source: Option<Box<dyn std::error::Error + Send + Sync + 'static>>,
+}
+
+impl Error {
+    /// Create a new error with no associated source
+    pub fn new() -> Self {
+        Self::default()
+    }
+
+    /// Create a new error with an associated source.
+    ///
+    /// **NOTE:** The "source" should **NOT** be used to propagate cryptographic
+    /// errors e.g. signature parsing or verification errors. The intended use
+    /// cases are for propagating errors related to external signers, e.g.
+    /// communication/authentication errors with HSMs, KMS, etc.
+    #[cfg(feature = "std")]
+    #[cfg_attr(docsrs, doc(cfg(feature = "std")))]
+    pub fn from_source(
+        source: impl Into<Box<dyn std::error::Error + Send + Sync + 'static>>,
+    ) -> Self {
+        Self {
+            _private: (),
+            source: Some(source.into()),
+        }
+    }
+}
+
+impl Debug for Error {
+    #[cfg(not(feature = "std"))]
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str("signature::Error {}")
+    }
+
+    #[cfg(feature = "std")]
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str("signature::Error { source: ")?;
+
+        if let Some(source) = &self.source {
+            write!(f, "Some({})", source)?;
+        } else {
+            f.write_str("None")?;
+        }
+
+        f.write_str(" }")
+    }
+}
+
+impl Display for Error {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_str("signature error")?;
+
+        #[cfg(feature = "std")]
+        {
+            if let Some(source) = &self.source {
+                write!(f, ": {}", source)?;
+            }
+        }
+
+        Ok(())
+    }
+}
+
+#[cfg(feature = "std")]
+impl From<Box<dyn std::error::Error + Send + Sync + 'static>> for Error {
+    fn from(source: Box<dyn std::error::Error + Send + Sync + 'static>) -> Error {
+        Self::from_source(source)
+    }
+}
+
+#[cfg(feature = "std")]
+impl std::error::Error for Error {
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
+        self.source
+            .as_ref()
+            .map(|source| source.as_ref() as &(dyn std::error::Error + 'static))
+    }
+}
diff --git a/vendor/signature/src/hazmat.rs b/vendor/signature/src/hazmat.rs
new file mode 100644
index 000000000..8119225c6
--- /dev/null
+++ b/vendor/signature/src/hazmat.rs
@@ -0,0 +1,75 @@
+//! Hazardous Materials: low-level APIs which can be insecure if misused.
+//!
+//! The traits in this module are not generally recommended, and should only be
+//! used in special cases where they are specifically needed.
+//!
+//! Using them incorrectly can introduce security vulnerabilities. Please
+//! carefully read the documentation before attempting to use them.
+//!
+//! To use them, enable the `hazmat-preview` crate feature. Note that this
+//! feature is semi-unstable and not subject to regular 1.x SemVer guarantees.
+//! However, any breaking changes will be accompanied with a minor version bump.
+
+use crate::{Error, Signature};
+
+#[cfg(feature = "rand-preview")]
+use crate::rand_core::{CryptoRng, RngCore};
+
+/// Sign the provided message prehash, returning a digital signature.
+pub trait PrehashSigner<S: Signature> {
+    /// Attempt to sign the given message digest, returning a digital signature
+    /// on success, or an error if something went wrong.
+    ///
+    /// The `prehash` parameter should be the output of a secure cryptographic
+    /// hash function.
+    ///
+    /// This API takes a `prehash` byte slice as there can potentially be many
+    /// compatible lengths for the message digest for a given concrete signature
+    /// algorithm.
+    ///
+    /// Allowed lengths are algorithm-dependent and up to a particular
+    /// implementation to decide.
+    fn sign_prehash(&self, prehash: &[u8]) -> Result<S, Error>;
+}
+
+/// Sign the provided message prehash using the provided external randomness source, returning a digital signature.
+#[cfg(feature = "rand-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))]
+pub trait RandomizedPrehashSigner<S: Signature> {
+    /// Attempt to sign the given message digest, returning a digital signature
+    /// on success, or an error if something went wrong.
+    ///
+    /// The `prehash` parameter should be the output of a secure cryptographic
+    /// hash function.
+    ///
+    /// This API takes a `prehash` byte slice as there can potentially be many
+    /// compatible lengths for the message digest for a given concrete signature
+    /// algorithm.
+    ///
+    /// Allowed lengths are algorithm-dependent and up to a particular
+    /// implementation to decide.
+    fn sign_prehash_with_rng(
+        &self,
+        rng: impl CryptoRng + RngCore,
+        prehash: &[u8],
+    ) -> Result<S, Error>;
+}
+
+/// Verify the provided message prehash using `Self` (e.g. a public key)
+pub trait PrehashVerifier<S: Signature> {
+    /// Use `Self` to verify that the provided signature for a given message
+    /// `prehash` is authentic.
+    ///
+    /// The `prehash` parameter should be the output of a secure cryptographic
+    /// hash function.
+    ///
+    /// Returns `Error` if it is inauthentic or some other error occurred, or
+    /// otherwise returns `Ok(())`.
+    ///
+    /// # ⚠️ Security Warning
+    ///
+    /// If `prehash` is something other than the output of a cryptographically
+    /// secure hash function, an attacker can potentially forge signatures by
+    /// solving a system of linear equations.
+    fn verify_prehash(&self, prehash: &[u8], signature: &S) -> Result<(), Error>;
+}
diff --git a/vendor/signature/src/keypair.rs b/vendor/signature/src/keypair.rs
new file mode 100644
index 000000000..6d9f947c6
--- /dev/null
+++ b/vendor/signature/src/keypair.rs
@@ -0,0 +1,17 @@
+//! Signing keypairs.
+
+use crate::Signature;
+
+/// Signing keypair with an associated verifying key.
+///
+/// This represents a type which holds both a signing key and a verifying key.
+pub trait Keypair<S: Signature>: AsRef<Self::VerifyingKey> {
+    /// Verifying key type for this keypair.
+    type VerifyingKey;
+
+    /// Get the verifying key which can verify signatures produced by the
+    /// signing key portion of this keypair.
+    fn verifying_key(&self) -> &Self::VerifyingKey {
+        self.as_ref()
+    }
+}
diff --git a/vendor/signature/src/lib.rs b/vendor/signature/src/lib.rs
new file mode 100644
index 000000000..ab504c2ac
--- /dev/null
+++ b/vendor/signature/src/lib.rs
@@ -0,0 +1,195 @@
+#![no_std]
+#![doc = include_str!("../README.md")]
+#![doc(
+    html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg",
+    html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg"
+)]
+#![cfg_attr(docsrs, feature(doc_cfg))]
+#![forbid(unsafe_code)]
+#![warn(missing_docs, rust_2018_idioms, unused_qualifications)]
+
+//! # Design
+//!
+//! This crate provides a common set of traits for signing and verifying
+//! digital signatures intended to be implemented by libraries which produce
+//! or contain implementations of digital signature algorithms, and used by
+//! libraries which want to produce or verify digital signatures while
+//! generically supporting any compatible backend.
+//!
+//! ## Goals
+//!
+//! The traits provided by this crate were designed with the following goals
+//! in mind:
+//!
+//! - Provide an easy-to-use, misuse resistant API optimized for consumers
+//!   (as opposed to implementers) of its traits.
+//! - Support common type-safe wrappers around "bag-of-bytes" representations
+//!   which can be directly parsed from or written to the "wire".
+//! - Expose a trait/object-safe API where signers/verifiers spanning multiple
+//!   homogeneous provider implementations can be seamlessly leveraged together
+//!   in the same logical "keyring" so long as they operate on the same
+//!   underlying signature type.
+//! - Allow one provider type to potentially implement support (including
+//!   being generic over) several signature types.
+//! - Keep signature algorithm customizations / "knobs" out-of-band from the
+//!   signing/verification APIs, ideally pushing such concerns into the type
+//!   system so that algorithm mismatches are caught as type errors.
+//! - Opaque error type which minimizes information leaked from cryptographic
+//!   failures, as "rich" error types in these scenarios are often a source
+//!   of sidechannel information for attackers (e.g. [BB'06])
+//!
+//! [BB'06]: https://en.wikipedia.org/wiki/Daniel_Bleichenbacher
+//!
+//! ## Implementation
+//!
+//! To accomplish the above goals, the [`Signer`] and [`Verifier`] traits
+//! provided by this are generic over a [`Signature`] return value, and use
+//! generic parameters rather than associated types. Notably, they use such
+//! a parameter for the return value, allowing it to be inferred by the type
+//! checker based on the desired signature type.
+//!
+//! The [`Signature`] trait is bounded on `AsRef<[u8]>`, enforcing that
+//! signature types are thin wrappers around a "bag-of-bytes"
+//! serialization. Inspiration for this approach comes from the Ed25519
+//! signature system, which was based on the observation that past
+//! systems were not prescriptive about how signatures should be represented
+//! on-the-wire, and that lead to a proliferation of different wire formats
+//! and confusion about which ones should be used. This crate aims to provide
+//! similar simplicity by minimizing the number of steps involved to obtain
+//! a serializable signature.
+//!
+//! ## Alternatives considered
+//!
+//! This crate is based on over two years of exploration of how to encapsulate
+//! digital signature systems in the most flexible, developer-friendly way.
+//! During that time many design alternatives were explored, tradeoffs
+//! compared, and ultimately the provided API was selected.
+//!
+//! The tradeoffs made in this API have all been to improve simplicity,
+//! ergonomics, type safety, and flexibility for *consumers* of the traits.
+//! At times, this has come at a cost to implementers. Below are some concerns
+//! we are cognizant of which were considered in the design of the API:
+//!
+//! - "Bag-of-bytes" serialization precludes signature providers from using
+//!   their own internal representation of a signature, which can be helpful
+//!   for many reasons (e.g. advanced signature system features like batch
+//!   verification). Alternatively each provider could define its own signature
+//!   type, using a marker trait to identify the particular signature algorithm,
+//!   have `From` impls for converting to/from `[u8; N]`, and a marker trait
+//!   for identifying a specific signature algorithm.
+//! - Associated types, rather than generic parameters of traits, could allow
+//!   more customization of the types used by a particular signature system,
+//!   e.g. using custom error types.
+//!
+//! It may still make sense to continue to explore the above tradeoffs, but
+//! with a *new* set of traits which are intended to be implementor-friendly,
+//! rather than consumer friendly. The existing [`Signer`] and [`Verifier`]
+//! traits could have blanket impls for the "provider-friendly" traits.
+//! However, as noted above this is a design space easily explored after
+//! stabilizing the consumer-oriented traits, and thus we consider these
+//! more important.
+//!
+//! That said, below are some caveats of trying to design such traits, and
+//! why we haven't actively pursued them:
+//!
+//! - Generics in the return position are already used to select which trait
+//!   impl to use, i.e. for a particular signature algorithm/system. Avoiding
+//!   a unified, concrete signature type adds another dimension to complexity
+//!   and compiler errors, and in our experience makes them unsuitable for this
+//!   sort of API. We believe such an API is the natural one for signature
+//!   systems, reflecting the natural way they are written absent a trait.
+//! - Associated types preclude multiple (or generic) implementations of the
+//!   same trait. These parameters are common in signature systems, notably
+//!   ones which support different digest algorithms.
+//! - Digital signatures are almost always larger than the present 32-entry
+//!   trait impl limitation on array types, which complicates trait signatures
+//!   for these types (particularly things like `From` or `Borrow` bounds).
+//!   This may be more interesting to explore after const generics.
+//!
+//! ## Unstable features
+//!
+//! Despite being post-1.0, this crate includes a number of off-by-default
+//! unstable features named `*-preview`, each of which depends on a pre-1.0
+//! crate.
+//!
+//! These features are considered exempt from SemVer. See the
+//! [SemVer policy](#semver-policy) above for more information.
+//!
+//! The following unstable features are presently supported:
+//!
+//! - `derive-preview`: for implementers of signature systems using
+//!   [`DigestSigner`] and [`DigestVerifier`], the `derive-preview` feature
+//!   can be used to derive [`Signer`] and [`Verifier`] traits which prehash
+//!   the input message using the [`PrehashSignature::Digest`] algorithm for
+//!   a given [`Signature`] type. When the `derive-preview` feature is enabled
+//!   import the proc macros with `use signature::{Signer, Verifier}` and then
+//!   add a `derive(Signer)` or `derive(Verifier)` attribute to the given
+//!   digest signer/verifier type. Enabling this feature also enables `digest`
+//!   support (see immediately below).
+//! - `digest-preview`: enables the [`DigestSigner`] and [`DigestVerifier`]
+//!   traits which are based on the [`Digest`] trait from the [`digest`] crate.
+//!   These traits are used for representing signature systems based on the
+//!   [Fiat-Shamir heuristic] which compute a random challenge value to sign
+//!   by computing a cryptographically secure digest of the input message.
+//! - `rand-preview`: enables the [`RandomizedSigner`] trait for signature
+//!   systems which rely on a cryptographically secure random number generator
+//!   for security.
+//!
+//! NOTE: the [`async-signature`] crate contains experimental `async` support
+//! for [`Signer`] and [`DigestSigner`].
+//!
+//! [`async-signature`]: https://docs.rs/async-signature
+//! [`digest`]: https://docs.rs/digest/
+//! [`Digest`]: https://docs.rs/digest/latest/digest/trait.Digest.html
+//! [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+
+#[cfg(feature = "std")]
+extern crate std;
+
+#[cfg(all(feature = "signature_derive", not(feature = "derive-preview")))]
+compile_error!(
+    "The `signature_derive` feature should not be enabled directly. \
+    Use the `derive-preview` feature instead."
+);
+
+#[cfg(all(feature = "digest", not(feature = "digest-preview")))]
+compile_error!(
+    "The `digest` feature should not be enabled directly. \
+    Use the `digest-preview` feature instead."
+);
+
+#[cfg(all(feature = "rand_core", not(feature = "rand-preview")))]
+compile_error!(
+    "The `rand_core` feature should not be enabled directly. \
+    Use the `rand-preview` feature instead."
+);
+
+#[cfg(feature = "hazmat-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "hazmat-preview")))]
+pub mod hazmat;
+
+mod error;
+mod keypair;
+mod signature;
+mod signer;
+mod verifier;
+
+#[cfg(feature = "derive-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "derive-preview")))]
+pub use signature_derive::{Signer, Verifier};
+
+#[cfg(all(feature = "derive-preview", feature = "digest-preview"))]
+#[cfg_attr(
+    docsrs,
+    doc(cfg(all(feature = "derive-preview", feature = "digest-preview")))
+)]
+pub use signature_derive::{DigestSigner, DigestVerifier};
+
+#[cfg(feature = "digest-preview")]
+pub use digest;
+
+#[cfg(feature = "rand-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))]
+pub use rand_core;
+
+pub use crate::{error::*, keypair::*, signature::*, signer::*, verifier::*};
diff --git a/vendor/signature/src/signature.rs b/vendor/signature/src/signature.rs
new file mode 100644
index 000000000..29aa0b845
--- /dev/null
+++ b/vendor/signature/src/signature.rs
@@ -0,0 +1,68 @@
+//! Signature traits
+
+use crate::error::Error;
+use core::fmt::Debug;
+
+/// For intra-doc link resolution
+#[cfg(feature = "digest-preview")]
+#[allow(unused_imports)]
+use crate::{
+    signer::{DigestSigner, Signer},
+    verifier::{DigestVerifier, Verifier},
+};
+
+/// Trait impl'd by concrete types that represent digital signatures.
+///
+/// Signature types *must* (as mandated by the `AsRef<[u8]>` bound) be a thin
+/// wrapper around the "bag-of-bytes" serialized form of a signature which can
+/// be directly parsed from or written to the "wire".
+///
+/// Inspiration for this approach comes from the Ed25519 signature system,
+/// which adopted it based on the observation that past signature systems
+/// were not prescriptive about how signatures should be represented
+/// on-the-wire, and that lead to a proliferation of different wire formats and
+/// confusion about which ones should be used.
+///
+/// The [`Signature`] trait aims to provide similar simplicity by minimizing
+/// the number of steps involved to obtain a serializable signature and
+/// ideally ensuring there is one signature type for any given signature system
+/// shared by all "provider" crates.
+///
+/// For signature systems which require a more advanced internal representation
+/// (e.g. involving decoded scalars or decompressed elliptic curve points) it's
+/// recommended that "provider" libraries maintain their own internal signature
+/// type and use `From` bounds to provide automatic conversions.
+pub trait Signature: AsRef<[u8]> + Debug + Sized {
+    /// Parse a signature from its byte representation
+    fn from_bytes(bytes: &[u8]) -> Result<Self, Error>;
+
+    /// Borrow a byte slice representing the serialized form of this signature
+    fn as_bytes(&self) -> &[u8] {
+        self.as_ref()
+    }
+}
+
+/// Marker trait for `Signature` types computable as `𝐒(𝐇(𝒎))`
+/// i.e. ones which prehash a message to be signed as `𝐇(𝒎)`
+///
+/// Where:
+///
+/// - `𝐒`: signature algorithm
+/// - `𝐇`: hash (a.k.a. digest) function
+/// - `𝒎`: message
+///
+/// This approach is relatively common in signature schemes based on the
+/// [Fiat-Shamir heuristic].
+///
+/// For signature types that implement this trait, when the `derive-preview`
+/// Cargo feature is enabled a custom derive for [`Signer`] is available for any
+/// types that impl [`DigestSigner`], and likewise for deriving [`Verifier`] for
+/// types which impl [`DigestVerifier`].
+///
+/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+#[cfg(feature = "digest-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))]
+pub trait PrehashSignature: Signature {
+    /// Preferred `Digest` algorithm to use when computing this signature type.
+    type Digest: digest::Digest;
+}
diff --git a/vendor/signature/src/signer.rs b/vendor/signature/src/signer.rs
new file mode 100644
index 000000000..c025711fe
--- /dev/null
+++ b/vendor/signature/src/signer.rs
@@ -0,0 +1,136 @@
+//! Traits for generating digital signatures
+
+use crate::{error::Error, Signature};
+
+#[cfg(feature = "digest-preview")]
+use crate::digest::Digest;
+
+#[cfg(feature = "rand-preview")]
+use crate::rand_core::{CryptoRng, RngCore};
+
+/// Sign the provided message bytestring using `Self` (e.g. a cryptographic key
+/// or connection to an HSM), returning a digital signature.
+pub trait Signer<S: Signature> {
+    /// Sign the given message and return a digital signature
+    fn sign(&self, msg: &[u8]) -> S {
+        self.try_sign(msg).expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given message, returning a digital signature on
+    /// success, or an error if something went wrong.
+    ///
+    /// The main intended use case for signing errors is when communicating
+    /// with external signers, e.g. cloud KMS, HSMs, or other hardware tokens.
+    fn try_sign(&self, msg: &[u8]) -> Result<S, Error>;
+}
+
+/// Sign the provided message bytestring using `&mut Self` (e.g., an evolving
+/// cryptographic key), returning a digital signature.
+pub trait SignerMut<S: Signature> {
+    /// Sign the given message, update the state, and return a digital signature
+    fn sign(&mut self, msg: &[u8]) -> S {
+        self.try_sign(msg).expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given message, updating the state, and returning a
+    /// digital signature on success, or an error if something went wrong.
+    ///
+    /// Signing can fail, e.g., if the number of time periods allowed by the
+    /// current key is exceeded.
+    fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error>;
+}
+
+// Blanket impl of SignerMut for all Signer types
+impl<T, S> SignerMut<S> for T
+where
+    T: Signer<S>,
+    S: Signature,
+{
+    fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error> {
+        T::try_sign(self, msg)
+    }
+}
+
+/// Sign the given prehashed message [`Digest`] using `Self`.
+///
+/// ## Notes
+///
+/// This trait is primarily intended for signature algorithms based on the
+/// [Fiat-Shamir heuristic], a method for converting an interactive
+/// challenge/response-based proof-of-knowledge protocol into an offline
+/// digital signature through the use of a random oracle, i.e. a digest
+/// function.
+///
+/// The security of such protocols critically rests upon the inability of
+/// an attacker to solve for the output of the random oracle, as generally
+/// otherwise such signature algorithms are a system of linear equations and
+/// therefore doing so would allow the attacker to trivially forge signatures.
+///
+/// To prevent misuse which would potentially allow this to be possible, this
+/// API accepts a [`Digest`] instance, rather than a raw digest value.
+///
+/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+#[cfg(feature = "digest-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))]
+pub trait DigestSigner<D, S>
+where
+    D: Digest,
+    S: Signature,
+{
+    /// Sign the given prehashed message [`Digest`], returning a signature.
+    ///
+    /// Panics in the event of a signing error.
+    fn sign_digest(&self, digest: D) -> S {
+        self.try_sign_digest(digest)
+            .expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given prehashed message [`Digest`], returning a
+    /// digital signature on success, or an error if something went wrong.
+    fn try_sign_digest(&self, digest: D) -> Result<S, Error>;
+}
+
+/// Sign the given message using the provided external randomness source.
+#[cfg(feature = "rand-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))]
+pub trait RandomizedSigner<S: Signature> {
+    /// Sign the given message and return a digital signature
+    fn sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> S {
+        self.try_sign_with_rng(rng, msg)
+            .expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given message, returning a digital signature on
+    /// success, or an error if something went wrong.
+    ///
+    /// The main intended use case for signing errors is when communicating
+    /// with external signers, e.g. cloud KMS, HSMs, or other hardware tokens.
+    fn try_sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> Result<S, Error>;
+}
+
+/// Combination of [`DigestSigner`] and [`RandomizedSigner`] with support for
+/// computing a signature over a digest which requires entropy from an RNG.
+#[cfg(all(feature = "digest-preview", feature = "rand-preview"))]
+#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))]
+#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))]
+pub trait RandomizedDigestSigner<D, S>
+where
+    D: Digest,
+    S: Signature,
+{
+    /// Sign the given prehashed message `Digest`, returning a signature.
+    ///
+    /// Panics in the event of a signing error.
+    fn sign_digest_with_rng(&self, rng: impl CryptoRng + RngCore, digest: D) -> S {
+        self.try_sign_digest_with_rng(rng, digest)
+            .expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given prehashed message `Digest`, returning a
+    /// digital signature on success, or an error if something went wrong.
+    fn try_sign_digest_with_rng(
+        &self,
+        rng: impl CryptoRng + RngCore,
+        digest: D,
+    ) -> Result<S, Error>;
+}
diff --git a/vendor/signature/src/verifier.rs b/vendor/signature/src/verifier.rs
new file mode 100644
index 000000000..4d6efbc2b
--- /dev/null
+++ b/vendor/signature/src/verifier.rs
@@ -0,0 +1,46 @@
+//! Trait for verifying digital signatures
+
+use crate::{error::Error, Signature};
+
+#[cfg(feature = "digest-preview")]
+use crate::digest::Digest;
+
+/// Verify the provided message bytestring using `Self` (e.g. a public key)
+pub trait Verifier<S: Signature> {
+    /// Use `Self` to verify that the provided signature for a given message
+    /// bytestring is authentic.
+    ///
+    /// Returns `Error` if it is inauthentic, or otherwise returns `()`.
+    fn verify(&self, msg: &[u8], signature: &S) -> Result<(), Error>;
+}
+
+/// Verify the provided signature for the given prehashed message [`Digest`]
+/// is authentic.
+///
+/// ## Notes
+///
+/// This trait is primarily intended for signature algorithms based on the
+/// [Fiat-Shamir heuristic], a method for converting an interactive
+/// challenge/response-based proof-of-knowledge protocol into an offline
+/// digital signature through the use of a random oracle, i.e. a digest
+/// function.
+///
+/// The security of such protocols critically rests upon the inability of
+/// an attacker to solve for the output of the random oracle, as generally
+/// otherwise such signature algorithms are a system of linear equations and
+/// therefore doing so would allow the attacker to trivially forge signatures.
+///
+/// To prevent misuse which would potentially allow this to be possible, this
+/// API accepts a [`Digest`] instance, rather than a raw digest value.
+///
+/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic
+#[cfg(feature = "digest-preview")]
+#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))]
+pub trait DigestVerifier<D, S>
+where
+    D: Digest,
+    S: Signature,
+{
+    /// Verify the signature against the given [`Digest`] output.
+    fn verify_digest(&self, digest: D, signature: &S) -> Result<(), Error>;
+}
diff --git a/vendor/signature/tests/derive.rs b/vendor/signature/tests/derive.rs
new file mode 100644
index 000000000..5048dc682
--- /dev/null
+++ b/vendor/signature/tests/derive.rs
@@ -0,0 +1,76 @@
+//! Tests for code generated by `signature_derive`
+
+#![cfg(all(feature = "derive-preview", feature = "hazmat-preview"))]
+
+use digest::{generic_array::GenericArray, Digest, OutputSizeUser};
+use hex_literal::hex;
+use sha2::Sha256;
+use signature::{
+    hazmat::{PrehashSigner, PrehashVerifier},
+    DigestSigner, DigestVerifier, Error, PrehashSignature, Signature, Signer, Verifier,
+};
+
+/// Test vector to compute SHA-256 digest of
+const INPUT_STRING: &[u8] = b"abc";
+
+/// Expected SHA-256 digest for the input string
+const INPUT_STRING_DIGEST: [u8; 32] =
+    hex!("ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad");
+
+/// Dummy signature which just contains a digest output
+#[derive(Debug)]
+struct DummySignature(GenericArray<u8, <Sha256 as OutputSizeUser>::OutputSize>);
+
+impl Signature for DummySignature {
+    fn from_bytes(bytes: &[u8]) -> Result<Self, Error> {
+        Ok(DummySignature(GenericArray::clone_from_slice(
+            bytes.as_ref(),
+        )))
+    }
+}
+
+impl AsRef<[u8]> for DummySignature {
+    fn as_ref(&self) -> &[u8] {
+        self.0.as_ref()
+    }
+}
+
+impl PrehashSignature for DummySignature {
+    type Digest = Sha256;
+}
+
+/// Dummy signer which just returns the message digest as a `DummySignature`
+#[derive(Signer, DigestSigner, Default)]
+struct DummySigner {}
+
+impl PrehashSigner<DummySignature> for DummySigner {
+    fn sign_prehash(&self, prehash: &[u8]) -> signature::Result<DummySignature> {
+        DummySignature::from_bytes(prehash)
+    }
+}
+
+/// Dummy verifier which ensures the `DummySignature` digest matches the
+/// expected value.
+///
+/// Panics (via `assert_eq!`) if the value is not what is expected.
+#[derive(Verifier, DigestVerifier, Default)]
+struct DummyVerifier {}
+
+impl PrehashVerifier<DummySignature> for DummyVerifier {
+    fn verify_prehash(&self, prehash: &[u8], signature: &DummySignature) -> signature::Result<()> {
+        assert_eq!(signature.as_ref(), prehash);
+        Ok(())
+    }
+}
+
+#[test]
+fn derived_signer_impl() {
+    let sig: DummySignature = DummySigner::default().sign(INPUT_STRING);
+    assert_eq!(sig.as_ref(), INPUT_STRING_DIGEST.as_ref())
+}
+
+#[test]
+fn derived_verifier_impl() {
+    let sig: DummySignature = DummySigner::default().sign(INPUT_STRING);
+    assert!(DummyVerifier::default().verify(INPUT_STRING, &sig).is_ok());
+}