diff options
Diffstat (limited to 'vendor/signature')
-rw-r--r-- | vendor/signature/.cargo-checksum.json | 1 | ||||
-rw-r--r-- | vendor/signature/CHANGELOG.md | 207 | ||||
-rw-r--r-- | vendor/signature/Cargo.toml | 72 | ||||
-rw-r--r-- | vendor/signature/LICENSE-APACHE | 201 | ||||
-rw-r--r-- | vendor/signature/LICENSE-MIT | 25 | ||||
-rw-r--r-- | vendor/signature/README.md | 72 | ||||
-rw-r--r-- | vendor/signature/src/error.rs | 108 | ||||
-rw-r--r-- | vendor/signature/src/hazmat.rs | 75 | ||||
-rw-r--r-- | vendor/signature/src/keypair.rs | 17 | ||||
-rw-r--r-- | vendor/signature/src/lib.rs | 195 | ||||
-rw-r--r-- | vendor/signature/src/signature.rs | 68 | ||||
-rw-r--r-- | vendor/signature/src/signer.rs | 136 | ||||
-rw-r--r-- | vendor/signature/src/verifier.rs | 46 | ||||
-rw-r--r-- | vendor/signature/tests/derive.rs | 76 |
14 files changed, 1299 insertions, 0 deletions
diff --git a/vendor/signature/.cargo-checksum.json b/vendor/signature/.cargo-checksum.json new file mode 100644 index 000000000..f3fca0f74 --- /dev/null +++ b/vendor/signature/.cargo-checksum.json @@ -0,0 +1 @@ +{"files":{"CHANGELOG.md":"ffea692939624650fdc658b1f4475983ed992dd0448bd0470afb10d3c59fd37a","Cargo.toml":"f8c47b3e2cdd8bf029f036e4725210ac8f5eae78045a59c3a8f07a3571a8221e","LICENSE-APACHE":"a9040321c3712d8fd0b09cf52b17445de04a23a10165049ae187cd39e5c86be5","LICENSE-MIT":"bdebaf9156a298f8fdab56dd26cb5144673de522d80f4c0d88e0039145f147f9","README.md":"61dd7de22512e5ee5a5479c7757be89dc9f136ac810eb25bdea598e4f6600352","src/error.rs":"8e17929b47998ea3b3704adf70e1d501754ffc5910e6b074144ac91cbd811e89","src/hazmat.rs":"dbaa6b9f30626d0e68869d315640ed18e1c3ac665c0227e1de1e401952767b36","src/keypair.rs":"ec3166f3983e5bd781b429603fcfa4fd15546398ba372a32be007bdee36a6020","src/lib.rs":"64c6788856aaba3e31c8b6d91e653590190e802c4ddf327e81c0c32701f19b57","src/signature.rs":"1364b4d70d531eab5e9954044ea7ff3cda5b5a635141f4b25d3f40a5c5d1303f","src/signer.rs":"02e147e922957e53a70d8ab02d504c91ab7f43617abfdb5781e18558ededf7a9","src/verifier.rs":"0c7dc6d48f8bf1960b5e06032548eaa441ecdfa4cdb7a3d38ad2c7486c992635","tests/derive.rs":"619bd7185f7f66376b8c2a61dd896c316af47363a66ab1e949f4146a4e988fa2"},"package":"74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c"}
\ No newline at end of file diff --git a/vendor/signature/CHANGELOG.md b/vendor/signature/CHANGELOG.md new file mode 100644 index 000000000..86198d54c --- /dev/null +++ b/vendor/signature/CHANGELOG.md @@ -0,0 +1,207 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## 1.6.4 (2022-10-06) +### Added +- `RandomizedPrehashSigner` trait in `hazmat` module ([#1130]) + +[#1130]: https://github.com/RustCrypto/traits/pull/1130 + +## 1.6.3 (2022-09-16) +### Changed +- Bump `signature_derive` to v1.0.0-pre.7 ([#1119]) + +[#1119]: https://github.com/RustCrypto/traits/pull/1119 + +## 1.6.2 (2022-09-15) +### Changed +- Relax `Keypair` type bounds ([#1107]) + +[#1107]: https://github.com/RustCrypto/traits/pull/1107 + +## 1.6.1 (2022-09-12) [YANKED] +### Added +- `hazmat-preview` feature with `PrehashSigner`/`PrehashVerifier` traits ([#1099]) + +### Changed +- Bump `signature_derive` to v1.0.0-pre.6 ([#1104]) + +[#1099]: https://github.com/RustCrypto/traits/pull/1099 +[#1104]: https://github.com/RustCrypto/traits/pull/1104 + +## 1.6.0 (2022-08-14) [YANKED] +### Added +- `Keypair` trait ([#1080]) + +### Changed +- Rust 2021 edition upgrade; MSRV 1.56 ([#1081]) +- Bump `signature_derive` dependency to v1.0.0-pre.5 ([#1082]) +- Bump `hex-literal` dependency to v0.3 ([#1083]) + +[#1080]: https://github.com/RustCrypto/traits/pull/1080 +[#1081]: https://github.com/RustCrypto/traits/pull/1081 +[#1082]: https://github.com/RustCrypto/traits/pull/1082 +[#1083]: https://github.com/RustCrypto/traits/pull/1083 + +## 1.5.0 (2022-01-04) +### Changed +- Bump `digest` dependency to v0.10 ([#850]) +- Bump `signature-derive` dependency to v1.0.0-pre.4 ([#866]) + +[#850]: https://github.com/RustCrypto/traits/pull/850 +[#866]: https://github.com/RustCrypto/traits/pull/866 + +## 1.4.0 (2021-10-20) +### Added +- Re-export `rand_core` when the `rand-preview` feature is enabled ([#683]) +- `SignerMut` trait ([#734]) + +### Fixed +- Show error source in `Display` impl ([#791]) + +[#683]: https://github.com/RustCrypto/traits/pull/683 +[#734]: https://github.com/RustCrypto/traits/pull/734 +[#791]: https://github.com/RustCrypto/traits/pull/791 + +## 1.3.2 (2021-10-21) +### Fixed +- Backport changes from [#791] to the 1.3.x series. + +## 1.3.1 (2021-06-29) +### Added +- `Result` alias ([#676]) + +[#676]: https://github.com/RustCrypto/traits/pull/676 + +## 1.3.0 (2021-01-06) +### Changed +- Bump `rand_core` to v0.6 ([#457]) +- Bump `signature-derive` v1.0.0-pre.3 ([#459]) + +[#457]: https://github.com/RustCrypto/traits/pull/457 +[#459]: https://github.com/RustCrypto/traits/pull/459 + +## 1.2.2 (2020-07-29) +### Added +- `RandomizedDigestSigner` ([#235]) + +[#235]: https://github.com/RustCrypto/traits/pull/235 + +## 1.2.1 (2020-07-29) +### Removed +- RNG generic parameter `R` from `RandomizedSigner` ([#231]) + +[#231]: https://github.com/RustCrypto/traits/pull/231 + +## 1.2.0 (2020-07-29) [YANKED] +- Note: this release was published without the intended changes + +## 1.1.0 (2020-06-09) +### Changed +- Upgrade `digest` to v0.9; MSRV 1.41+ ([#186]) + +[#186]: https://github.com/RustCrypto/traits/pull/186 + +## 1.0.1 (2020-04-19) +### Changed +- Upgrade `signature_derive` to v1.0.0-pre.2 ([#98]) + +[#98]: https://github.com/RustCrypto/traits/pull/98 + +## 1.0.0 (2020-04-18) + +Initial 1.0 release! 🎉 + +### Changed +- Rename `DigestSignature` => `PrehashSignature` ([#96]) + +[#96]: https://github.com/RustCrypto/traits/pull/96 + +## 1.0.0-pre.5 (2020-03-16) +### Changed +- Improve `Debug` impl on `Error` ([#89]) +- Rename `Signature::as_slice` -> `as_bytes` ([#87]) + +[#89]: https://github.com/RustCrypto/traits/pull/89 +[#87]: https://github.com/RustCrypto/traits/pull/87 + +## 1.0.0-pre.4 (2020-03-15) +### Added +- Mark preview features as unstable in `Cargo.toml` ([#82]) + +### Changed +- Have `Signature::from_bytes` take a byte slice ([#84]) +- Ensure `Error::new()` is mandatory ([#83]) + +### Removed +- `BoxError` type alias ([#81]) + +[#84]: https://github.com/RustCrypto/traits/pull/84 +[#83]: https://github.com/RustCrypto/traits/pull/83 +[#82]: https://github.com/RustCrypto/traits/pull/82 +[#81]: https://github.com/RustCrypto/traits/pull/81 + +## 1.0.0-pre.3 (2020-03-08) +### Fixed +- docs.rs rendering ([#76]) + +[#76]: https://github.com/RustCrypto/traits/pull/76 + +## 1.0.0-pre.2 (2020-03-08) +### Added +- `RandomizedSigner` trait ([#73]) +- Design documentation ([#72]) + +### Changed +- Error cleanups ([#74]) +- Crate moved to `RustCrypto/traits` ([#71]) + +[#74]: https://github.com/RustCrypto/traits/pull/74 +[#73]: https://github.com/RustCrypto/traits/pull/73 +[#72]: https://github.com/RustCrypto/traits/pull/72 +[#71]: https://github.com/RustCrypto/traits/pull/71 + +## 1.0.0-pre.1 (2019-10-27) +### Changed +- Use `Error::source` instead of `::cause` ([RustCrypto/signatures#37]) + +### Removed +- Remove `alloc` feature; MSRV 1.34+ ([RustCrypto/signatures#38]) + +[RustCrypto/signatures#38]: https://github.com/RustCrypto/signatures/pull/38 +[RustCrypto/signatures#37]: https://github.com/RustCrypto/signatures/pull/37 + +## 1.0.0-pre.0 (2019-10-11) +### Changed +- Revert removal of `DigestSignature` ([RustCrypto/signatures#33]) +- 1.0 stabilization proposal ([RustCrypto/signatures#32]) + +[RustCrypto/signatures#33]: https://github.com/RustCrypto/signatures/pull/33 +[RustCrypto/signatures#32]: https://github.com/RustCrypto/signatures/pull/32 + +## 0.3.0 (2019-10-10) +### Changed +- Simplify alloc gating; MSRV 1.36+ ([RustCrypto/signatures#28]) +- Replace `DigestSignature` trait with `#[digest(...)]` attribute ([RustCrypto/signatures#27]) +- signature_derive: Upgrade to 1.x proc macro crates ([RustCrypto/signatures#26]) + +[RustCrypto/signatures#28]: https://github.com/RustCrypto/signatures/pull/28 +[RustCrypto/signatures#27]: https://github.com/RustCrypto/signatures/pull/27 +[RustCrypto/signatures#26]: https://github.com/RustCrypto/signatures/pull/27 + +## 0.2.0 (2019-06-06) +### Added +- `signature_derive`: Custom derive support for `Signer`/`Verifier` ([RustCrypto/signatures#18]) + +### Changed +- Have `DigestSigner`/`DigestVerifier` take `Digest` instance ([RustCrypto/signatures#17]) + +[RustCrypto/signatures#18]: https://github.com/RustCrypto/signatures/pull/18 +[RustCrypto/signatures#17]: https://github.com/RustCrypto/signatures/pull/17 + +## 0.1.0 (2019-05-25) + +- Initial release diff --git a/vendor/signature/Cargo.toml b/vendor/signature/Cargo.toml new file mode 100644 index 000000000..fa83ff6a1 --- /dev/null +++ b/vendor/signature/Cargo.toml @@ -0,0 +1,72 @@ +# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO +# +# When uploading crates to the registry Cargo will automatically +# "normalize" Cargo.toml files for maximal compatibility +# with all versions of Cargo and also rewrite `path` dependencies +# to registry (e.g., crates.io) dependencies. +# +# If you are reading this file be aware that the original Cargo.toml +# will likely look very different (and much more reasonable). +# See Cargo.toml.orig for the original contents. + +[package] +edition = "2021" +rust-version = "1.56" +name = "signature" +version = "1.6.4" +authors = ["RustCrypto Developers"] +description = "Traits for cryptographic signature algorithms (e.g. ECDSA, Ed25519)" +documentation = "https://docs.rs/signature" +readme = "README.md" +keywords = [ + "crypto", + "ecdsa", + "ed25519", + "signature", + "signing", +] +categories = [ + "cryptography", + "no-std", +] +license = "Apache-2.0 OR MIT" +repository = "https://github.com/RustCrypto/traits/tree/master/signature" + +[package.metadata.docs.rs] +all-features = true +rustdoc-args = [ + "--cfg", + "docsrs", +] + +[dependencies.digest] +version = "0.10.3" +optional = true +default-features = false + +[dependencies.rand_core] +version = "0.6" +optional = true +default-features = false + +[dependencies.signature_derive] +version = "=1.0.0-pre.7" +optional = true + +[dev-dependencies.hex-literal] +version = "0.3" + +[dev-dependencies.sha2] +version = "0.10" +default-features = false + +[features] +default = ["std"] +derive-preview = [ + "digest-preview", + "signature_derive", +] +digest-preview = ["digest"] +hazmat-preview = [] +rand-preview = ["rand_core"] +std = [] diff --git a/vendor/signature/LICENSE-APACHE b/vendor/signature/LICENSE-APACHE new file mode 100644 index 000000000..78173fa2e --- /dev/null +++ b/vendor/signature/LICENSE-APACHE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/vendor/signature/LICENSE-MIT b/vendor/signature/LICENSE-MIT new file mode 100644 index 000000000..81a3d57ac --- /dev/null +++ b/vendor/signature/LICENSE-MIT @@ -0,0 +1,25 @@ +Copyright (c) 2018-2022 RustCrypto Developers + +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. diff --git a/vendor/signature/README.md b/vendor/signature/README.md new file mode 100644 index 000000000..a1a6fa4ae --- /dev/null +++ b/vendor/signature/README.md @@ -0,0 +1,72 @@ +# RustCrypto: Digital Signature Algorithms + +[![crate][crate-image]][crate-link] +[![Docs][docs-image]][docs-link] +[![Build Status][build-image]][build-link] +![Apache2/MIT licensed][license-image] +![Rust Version][rustc-image] +[![Project Chat][chat-image]][chat-link] + +This crate contains traits which provide generic, object-safe APIs for +generating and verifying [digital signatures][1]. + +Used by the [`ecdsa`][2] and [`ed25519`][3] crates, with forthcoming support +in the [`rsa`][4] crate. + +See also the [Signatory][5] crate for trait wrappers for using these traits +with many popular Rust cryptography crates, including `ed25519-dalek`, *ring*, +`secp256k1-rs`, and `sodiumoxide`. + +[Documentation][docs-link] + +## Minimum Supported Rust Version + +Rust **1.56** or higher. + +Minimum supported Rust version can be changed in the future, but it will be +done with a minor version bump. + +## SemVer Policy + +- All on-by-default features of this library are covered by SemVer +- MSRV is considered exempt from SemVer as noted above +- The off-by-default features `derive-preview` and `digest-preview` are + unstable "preview" features which are also considered exempt from SemVer. + Breaking changes to these features will, like MSRV, be done with a minor + version bump. + +## License + +Licensed under either of + + * [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0) + * [MIT license](http://opensource.org/licenses/MIT) + +at your option. + +### Contribution + +Unless you explicitly state otherwise, any contribution intentionally submitted +for inclusion in the work by you, as defined in the Apache-2.0 license, shall be +dual licensed as above, without any additional terms or conditions. + +[//]: # (badges) + +[crate-image]: https://buildstats.info/crate/signature +[crate-link]: https://crates.io/crates/signature +[docs-image]: https://docs.rs/signature/badge.svg +[docs-link]: https://docs.rs/signature/ +[build-image]: https://github.com/RustCrypto/traits/actions/workflows/signature.yml/badge.svg +[build-link]: https://github.com/RustCrypto/traits/actions/workflows/signature.yml +[license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.56+-blue.svg +[chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg +[chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260048-signatures + +[//]: # (general links) + +[1]: https://en.wikipedia.org/wiki/Digital_signature +[2]: https://github.com/RustCrypto/signatures/tree/master/ecdsa +[3]: https://github.com/RustCrypto/signatures/tree/master/ed25519 +[4]: https://github.com/RustCrypto/RSA +[5]: https://docs.rs/signatory diff --git a/vendor/signature/src/error.rs b/vendor/signature/src/error.rs new file mode 100644 index 000000000..06e22d527 --- /dev/null +++ b/vendor/signature/src/error.rs @@ -0,0 +1,108 @@ +//! Signature error types + +use core::fmt::{self, Debug, Display}; + +#[cfg(feature = "std")] +use std::boxed::Box; + +/// Result type. +/// +/// A result with the `signature` crate's [`Error`] type. +pub type Result<T> = core::result::Result<T, Error>; + +/// Signature errors. +/// +/// This type is deliberately opaque as to avoid sidechannel leakage which +/// could potentially be used recover signing private keys or forge signatures +/// (e.g. [BB'06]). +/// +/// When the `std` feature is enabled, it impls [`std::error::Error`] and +/// supports an optional [`std::error::Error::source`], which can be used by +/// things like remote signers (e.g. HSM, KMS) to report I/O or auth errors. +/// +/// [BB'06]: https://en.wikipedia.org/wiki/Daniel_Bleichenbacher +#[derive(Default)] +pub struct Error { + /// Prevent from being instantiated as `Error {}` when the `std` feature + /// is disabled + _private: (), + + /// Source of the error (if applicable). + #[cfg(feature = "std")] + source: Option<Box<dyn std::error::Error + Send + Sync + 'static>>, +} + +impl Error { + /// Create a new error with no associated source + pub fn new() -> Self { + Self::default() + } + + /// Create a new error with an associated source. + /// + /// **NOTE:** The "source" should **NOT** be used to propagate cryptographic + /// errors e.g. signature parsing or verification errors. The intended use + /// cases are for propagating errors related to external signers, e.g. + /// communication/authentication errors with HSMs, KMS, etc. + #[cfg(feature = "std")] + #[cfg_attr(docsrs, doc(cfg(feature = "std")))] + pub fn from_source( + source: impl Into<Box<dyn std::error::Error + Send + Sync + 'static>>, + ) -> Self { + Self { + _private: (), + source: Some(source.into()), + } + } +} + +impl Debug for Error { + #[cfg(not(feature = "std"))] + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.write_str("signature::Error {}") + } + + #[cfg(feature = "std")] + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.write_str("signature::Error { source: ")?; + + if let Some(source) = &self.source { + write!(f, "Some({})", source)?; + } else { + f.write_str("None")?; + } + + f.write_str(" }") + } +} + +impl Display for Error { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.write_str("signature error")?; + + #[cfg(feature = "std")] + { + if let Some(source) = &self.source { + write!(f, ": {}", source)?; + } + } + + Ok(()) + } +} + +#[cfg(feature = "std")] +impl From<Box<dyn std::error::Error + Send + Sync + 'static>> for Error { + fn from(source: Box<dyn std::error::Error + Send + Sync + 'static>) -> Error { + Self::from_source(source) + } +} + +#[cfg(feature = "std")] +impl std::error::Error for Error { + fn source(&self) -> Option<&(dyn std::error::Error + 'static)> { + self.source + .as_ref() + .map(|source| source.as_ref() as &(dyn std::error::Error + 'static)) + } +} diff --git a/vendor/signature/src/hazmat.rs b/vendor/signature/src/hazmat.rs new file mode 100644 index 000000000..8119225c6 --- /dev/null +++ b/vendor/signature/src/hazmat.rs @@ -0,0 +1,75 @@ +//! Hazardous Materials: low-level APIs which can be insecure if misused. +//! +//! The traits in this module are not generally recommended, and should only be +//! used in special cases where they are specifically needed. +//! +//! Using them incorrectly can introduce security vulnerabilities. Please +//! carefully read the documentation before attempting to use them. +//! +//! To use them, enable the `hazmat-preview` crate feature. Note that this +//! feature is semi-unstable and not subject to regular 1.x SemVer guarantees. +//! However, any breaking changes will be accompanied with a minor version bump. + +use crate::{Error, Signature}; + +#[cfg(feature = "rand-preview")] +use crate::rand_core::{CryptoRng, RngCore}; + +/// Sign the provided message prehash, returning a digital signature. +pub trait PrehashSigner<S: Signature> { + /// Attempt to sign the given message digest, returning a digital signature + /// on success, or an error if something went wrong. + /// + /// The `prehash` parameter should be the output of a secure cryptographic + /// hash function. + /// + /// This API takes a `prehash` byte slice as there can potentially be many + /// compatible lengths for the message digest for a given concrete signature + /// algorithm. + /// + /// Allowed lengths are algorithm-dependent and up to a particular + /// implementation to decide. + fn sign_prehash(&self, prehash: &[u8]) -> Result<S, Error>; +} + +/// Sign the provided message prehash using the provided external randomness source, returning a digital signature. +#[cfg(feature = "rand-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))] +pub trait RandomizedPrehashSigner<S: Signature> { + /// Attempt to sign the given message digest, returning a digital signature + /// on success, or an error if something went wrong. + /// + /// The `prehash` parameter should be the output of a secure cryptographic + /// hash function. + /// + /// This API takes a `prehash` byte slice as there can potentially be many + /// compatible lengths for the message digest for a given concrete signature + /// algorithm. + /// + /// Allowed lengths are algorithm-dependent and up to a particular + /// implementation to decide. + fn sign_prehash_with_rng( + &self, + rng: impl CryptoRng + RngCore, + prehash: &[u8], + ) -> Result<S, Error>; +} + +/// Verify the provided message prehash using `Self` (e.g. a public key) +pub trait PrehashVerifier<S: Signature> { + /// Use `Self` to verify that the provided signature for a given message + /// `prehash` is authentic. + /// + /// The `prehash` parameter should be the output of a secure cryptographic + /// hash function. + /// + /// Returns `Error` if it is inauthentic or some other error occurred, or + /// otherwise returns `Ok(())`. + /// + /// # ⚠️ Security Warning + /// + /// If `prehash` is something other than the output of a cryptographically + /// secure hash function, an attacker can potentially forge signatures by + /// solving a system of linear equations. + fn verify_prehash(&self, prehash: &[u8], signature: &S) -> Result<(), Error>; +} diff --git a/vendor/signature/src/keypair.rs b/vendor/signature/src/keypair.rs new file mode 100644 index 000000000..6d9f947c6 --- /dev/null +++ b/vendor/signature/src/keypair.rs @@ -0,0 +1,17 @@ +//! Signing keypairs. + +use crate::Signature; + +/// Signing keypair with an associated verifying key. +/// +/// This represents a type which holds both a signing key and a verifying key. +pub trait Keypair<S: Signature>: AsRef<Self::VerifyingKey> { + /// Verifying key type for this keypair. + type VerifyingKey; + + /// Get the verifying key which can verify signatures produced by the + /// signing key portion of this keypair. + fn verifying_key(&self) -> &Self::VerifyingKey { + self.as_ref() + } +} diff --git a/vendor/signature/src/lib.rs b/vendor/signature/src/lib.rs new file mode 100644 index 000000000..ab504c2ac --- /dev/null +++ b/vendor/signature/src/lib.rs @@ -0,0 +1,195 @@ +#![no_std] +#![doc = include_str!("../README.md")] +#![doc( + html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg", + html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/8f1a9894/logo.svg" +)] +#![cfg_attr(docsrs, feature(doc_cfg))] +#![forbid(unsafe_code)] +#![warn(missing_docs, rust_2018_idioms, unused_qualifications)] + +//! # Design +//! +//! This crate provides a common set of traits for signing and verifying +//! digital signatures intended to be implemented by libraries which produce +//! or contain implementations of digital signature algorithms, and used by +//! libraries which want to produce or verify digital signatures while +//! generically supporting any compatible backend. +//! +//! ## Goals +//! +//! The traits provided by this crate were designed with the following goals +//! in mind: +//! +//! - Provide an easy-to-use, misuse resistant API optimized for consumers +//! (as opposed to implementers) of its traits. +//! - Support common type-safe wrappers around "bag-of-bytes" representations +//! which can be directly parsed from or written to the "wire". +//! - Expose a trait/object-safe API where signers/verifiers spanning multiple +//! homogeneous provider implementations can be seamlessly leveraged together +//! in the same logical "keyring" so long as they operate on the same +//! underlying signature type. +//! - Allow one provider type to potentially implement support (including +//! being generic over) several signature types. +//! - Keep signature algorithm customizations / "knobs" out-of-band from the +//! signing/verification APIs, ideally pushing such concerns into the type +//! system so that algorithm mismatches are caught as type errors. +//! - Opaque error type which minimizes information leaked from cryptographic +//! failures, as "rich" error types in these scenarios are often a source +//! of sidechannel information for attackers (e.g. [BB'06]) +//! +//! [BB'06]: https://en.wikipedia.org/wiki/Daniel_Bleichenbacher +//! +//! ## Implementation +//! +//! To accomplish the above goals, the [`Signer`] and [`Verifier`] traits +//! provided by this are generic over a [`Signature`] return value, and use +//! generic parameters rather than associated types. Notably, they use such +//! a parameter for the return value, allowing it to be inferred by the type +//! checker based on the desired signature type. +//! +//! The [`Signature`] trait is bounded on `AsRef<[u8]>`, enforcing that +//! signature types are thin wrappers around a "bag-of-bytes" +//! serialization. Inspiration for this approach comes from the Ed25519 +//! signature system, which was based on the observation that past +//! systems were not prescriptive about how signatures should be represented +//! on-the-wire, and that lead to a proliferation of different wire formats +//! and confusion about which ones should be used. This crate aims to provide +//! similar simplicity by minimizing the number of steps involved to obtain +//! a serializable signature. +//! +//! ## Alternatives considered +//! +//! This crate is based on over two years of exploration of how to encapsulate +//! digital signature systems in the most flexible, developer-friendly way. +//! During that time many design alternatives were explored, tradeoffs +//! compared, and ultimately the provided API was selected. +//! +//! The tradeoffs made in this API have all been to improve simplicity, +//! ergonomics, type safety, and flexibility for *consumers* of the traits. +//! At times, this has come at a cost to implementers. Below are some concerns +//! we are cognizant of which were considered in the design of the API: +//! +//! - "Bag-of-bytes" serialization precludes signature providers from using +//! their own internal representation of a signature, which can be helpful +//! for many reasons (e.g. advanced signature system features like batch +//! verification). Alternatively each provider could define its own signature +//! type, using a marker trait to identify the particular signature algorithm, +//! have `From` impls for converting to/from `[u8; N]`, and a marker trait +//! for identifying a specific signature algorithm. +//! - Associated types, rather than generic parameters of traits, could allow +//! more customization of the types used by a particular signature system, +//! e.g. using custom error types. +//! +//! It may still make sense to continue to explore the above tradeoffs, but +//! with a *new* set of traits which are intended to be implementor-friendly, +//! rather than consumer friendly. The existing [`Signer`] and [`Verifier`] +//! traits could have blanket impls for the "provider-friendly" traits. +//! However, as noted above this is a design space easily explored after +//! stabilizing the consumer-oriented traits, and thus we consider these +//! more important. +//! +//! That said, below are some caveats of trying to design such traits, and +//! why we haven't actively pursued them: +//! +//! - Generics in the return position are already used to select which trait +//! impl to use, i.e. for a particular signature algorithm/system. Avoiding +//! a unified, concrete signature type adds another dimension to complexity +//! and compiler errors, and in our experience makes them unsuitable for this +//! sort of API. We believe such an API is the natural one for signature +//! systems, reflecting the natural way they are written absent a trait. +//! - Associated types preclude multiple (or generic) implementations of the +//! same trait. These parameters are common in signature systems, notably +//! ones which support different digest algorithms. +//! - Digital signatures are almost always larger than the present 32-entry +//! trait impl limitation on array types, which complicates trait signatures +//! for these types (particularly things like `From` or `Borrow` bounds). +//! This may be more interesting to explore after const generics. +//! +//! ## Unstable features +//! +//! Despite being post-1.0, this crate includes a number of off-by-default +//! unstable features named `*-preview`, each of which depends on a pre-1.0 +//! crate. +//! +//! These features are considered exempt from SemVer. See the +//! [SemVer policy](#semver-policy) above for more information. +//! +//! The following unstable features are presently supported: +//! +//! - `derive-preview`: for implementers of signature systems using +//! [`DigestSigner`] and [`DigestVerifier`], the `derive-preview` feature +//! can be used to derive [`Signer`] and [`Verifier`] traits which prehash +//! the input message using the [`PrehashSignature::Digest`] algorithm for +//! a given [`Signature`] type. When the `derive-preview` feature is enabled +//! import the proc macros with `use signature::{Signer, Verifier}` and then +//! add a `derive(Signer)` or `derive(Verifier)` attribute to the given +//! digest signer/verifier type. Enabling this feature also enables `digest` +//! support (see immediately below). +//! - `digest-preview`: enables the [`DigestSigner`] and [`DigestVerifier`] +//! traits which are based on the [`Digest`] trait from the [`digest`] crate. +//! These traits are used for representing signature systems based on the +//! [Fiat-Shamir heuristic] which compute a random challenge value to sign +//! by computing a cryptographically secure digest of the input message. +//! - `rand-preview`: enables the [`RandomizedSigner`] trait for signature +//! systems which rely on a cryptographically secure random number generator +//! for security. +//! +//! NOTE: the [`async-signature`] crate contains experimental `async` support +//! for [`Signer`] and [`DigestSigner`]. +//! +//! [`async-signature`]: https://docs.rs/async-signature +//! [`digest`]: https://docs.rs/digest/ +//! [`Digest`]: https://docs.rs/digest/latest/digest/trait.Digest.html +//! [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic + +#[cfg(feature = "std")] +extern crate std; + +#[cfg(all(feature = "signature_derive", not(feature = "derive-preview")))] +compile_error!( + "The `signature_derive` feature should not be enabled directly. \ + Use the `derive-preview` feature instead." +); + +#[cfg(all(feature = "digest", not(feature = "digest-preview")))] +compile_error!( + "The `digest` feature should not be enabled directly. \ + Use the `digest-preview` feature instead." +); + +#[cfg(all(feature = "rand_core", not(feature = "rand-preview")))] +compile_error!( + "The `rand_core` feature should not be enabled directly. \ + Use the `rand-preview` feature instead." +); + +#[cfg(feature = "hazmat-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "hazmat-preview")))] +pub mod hazmat; + +mod error; +mod keypair; +mod signature; +mod signer; +mod verifier; + +#[cfg(feature = "derive-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "derive-preview")))] +pub use signature_derive::{Signer, Verifier}; + +#[cfg(all(feature = "derive-preview", feature = "digest-preview"))] +#[cfg_attr( + docsrs, + doc(cfg(all(feature = "derive-preview", feature = "digest-preview"))) +)] +pub use signature_derive::{DigestSigner, DigestVerifier}; + +#[cfg(feature = "digest-preview")] +pub use digest; + +#[cfg(feature = "rand-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))] +pub use rand_core; + +pub use crate::{error::*, keypair::*, signature::*, signer::*, verifier::*}; diff --git a/vendor/signature/src/signature.rs b/vendor/signature/src/signature.rs new file mode 100644 index 000000000..29aa0b845 --- /dev/null +++ b/vendor/signature/src/signature.rs @@ -0,0 +1,68 @@ +//! Signature traits + +use crate::error::Error; +use core::fmt::Debug; + +/// For intra-doc link resolution +#[cfg(feature = "digest-preview")] +#[allow(unused_imports)] +use crate::{ + signer::{DigestSigner, Signer}, + verifier::{DigestVerifier, Verifier}, +}; + +/// Trait impl'd by concrete types that represent digital signatures. +/// +/// Signature types *must* (as mandated by the `AsRef<[u8]>` bound) be a thin +/// wrapper around the "bag-of-bytes" serialized form of a signature which can +/// be directly parsed from or written to the "wire". +/// +/// Inspiration for this approach comes from the Ed25519 signature system, +/// which adopted it based on the observation that past signature systems +/// were not prescriptive about how signatures should be represented +/// on-the-wire, and that lead to a proliferation of different wire formats and +/// confusion about which ones should be used. +/// +/// The [`Signature`] trait aims to provide similar simplicity by minimizing +/// the number of steps involved to obtain a serializable signature and +/// ideally ensuring there is one signature type for any given signature system +/// shared by all "provider" crates. +/// +/// For signature systems which require a more advanced internal representation +/// (e.g. involving decoded scalars or decompressed elliptic curve points) it's +/// recommended that "provider" libraries maintain their own internal signature +/// type and use `From` bounds to provide automatic conversions. +pub trait Signature: AsRef<[u8]> + Debug + Sized { + /// Parse a signature from its byte representation + fn from_bytes(bytes: &[u8]) -> Result<Self, Error>; + + /// Borrow a byte slice representing the serialized form of this signature + fn as_bytes(&self) -> &[u8] { + self.as_ref() + } +} + +/// Marker trait for `Signature` types computable as `𝐒(𝐇(𝒎))` +/// i.e. ones which prehash a message to be signed as `𝐇(𝒎)` +/// +/// Where: +/// +/// - `𝐒`: signature algorithm +/// - `𝐇`: hash (a.k.a. digest) function +/// - `𝒎`: message +/// +/// This approach is relatively common in signature schemes based on the +/// [Fiat-Shamir heuristic]. +/// +/// For signature types that implement this trait, when the `derive-preview` +/// Cargo feature is enabled a custom derive for [`Signer`] is available for any +/// types that impl [`DigestSigner`], and likewise for deriving [`Verifier`] for +/// types which impl [`DigestVerifier`]. +/// +/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic +#[cfg(feature = "digest-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))] +pub trait PrehashSignature: Signature { + /// Preferred `Digest` algorithm to use when computing this signature type. + type Digest: digest::Digest; +} diff --git a/vendor/signature/src/signer.rs b/vendor/signature/src/signer.rs new file mode 100644 index 000000000..c025711fe --- /dev/null +++ b/vendor/signature/src/signer.rs @@ -0,0 +1,136 @@ +//! Traits for generating digital signatures + +use crate::{error::Error, Signature}; + +#[cfg(feature = "digest-preview")] +use crate::digest::Digest; + +#[cfg(feature = "rand-preview")] +use crate::rand_core::{CryptoRng, RngCore}; + +/// Sign the provided message bytestring using `Self` (e.g. a cryptographic key +/// or connection to an HSM), returning a digital signature. +pub trait Signer<S: Signature> { + /// Sign the given message and return a digital signature + fn sign(&self, msg: &[u8]) -> S { + self.try_sign(msg).expect("signature operation failed") + } + + /// Attempt to sign the given message, returning a digital signature on + /// success, or an error if something went wrong. + /// + /// The main intended use case for signing errors is when communicating + /// with external signers, e.g. cloud KMS, HSMs, or other hardware tokens. + fn try_sign(&self, msg: &[u8]) -> Result<S, Error>; +} + +/// Sign the provided message bytestring using `&mut Self` (e.g., an evolving +/// cryptographic key), returning a digital signature. +pub trait SignerMut<S: Signature> { + /// Sign the given message, update the state, and return a digital signature + fn sign(&mut self, msg: &[u8]) -> S { + self.try_sign(msg).expect("signature operation failed") + } + + /// Attempt to sign the given message, updating the state, and returning a + /// digital signature on success, or an error if something went wrong. + /// + /// Signing can fail, e.g., if the number of time periods allowed by the + /// current key is exceeded. + fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error>; +} + +// Blanket impl of SignerMut for all Signer types +impl<T, S> SignerMut<S> for T +where + T: Signer<S>, + S: Signature, +{ + fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error> { + T::try_sign(self, msg) + } +} + +/// Sign the given prehashed message [`Digest`] using `Self`. +/// +/// ## Notes +/// +/// This trait is primarily intended for signature algorithms based on the +/// [Fiat-Shamir heuristic], a method for converting an interactive +/// challenge/response-based proof-of-knowledge protocol into an offline +/// digital signature through the use of a random oracle, i.e. a digest +/// function. +/// +/// The security of such protocols critically rests upon the inability of +/// an attacker to solve for the output of the random oracle, as generally +/// otherwise such signature algorithms are a system of linear equations and +/// therefore doing so would allow the attacker to trivially forge signatures. +/// +/// To prevent misuse which would potentially allow this to be possible, this +/// API accepts a [`Digest`] instance, rather than a raw digest value. +/// +/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic +#[cfg(feature = "digest-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))] +pub trait DigestSigner<D, S> +where + D: Digest, + S: Signature, +{ + /// Sign the given prehashed message [`Digest`], returning a signature. + /// + /// Panics in the event of a signing error. + fn sign_digest(&self, digest: D) -> S { + self.try_sign_digest(digest) + .expect("signature operation failed") + } + + /// Attempt to sign the given prehashed message [`Digest`], returning a + /// digital signature on success, or an error if something went wrong. + fn try_sign_digest(&self, digest: D) -> Result<S, Error>; +} + +/// Sign the given message using the provided external randomness source. +#[cfg(feature = "rand-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))] +pub trait RandomizedSigner<S: Signature> { + /// Sign the given message and return a digital signature + fn sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> S { + self.try_sign_with_rng(rng, msg) + .expect("signature operation failed") + } + + /// Attempt to sign the given message, returning a digital signature on + /// success, or an error if something went wrong. + /// + /// The main intended use case for signing errors is when communicating + /// with external signers, e.g. cloud KMS, HSMs, or other hardware tokens. + fn try_sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> Result<S, Error>; +} + +/// Combination of [`DigestSigner`] and [`RandomizedSigner`] with support for +/// computing a signature over a digest which requires entropy from an RNG. +#[cfg(all(feature = "digest-preview", feature = "rand-preview"))] +#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))] +#[cfg_attr(docsrs, doc(cfg(feature = "rand-preview")))] +pub trait RandomizedDigestSigner<D, S> +where + D: Digest, + S: Signature, +{ + /// Sign the given prehashed message `Digest`, returning a signature. + /// + /// Panics in the event of a signing error. + fn sign_digest_with_rng(&self, rng: impl CryptoRng + RngCore, digest: D) -> S { + self.try_sign_digest_with_rng(rng, digest) + .expect("signature operation failed") + } + + /// Attempt to sign the given prehashed message `Digest`, returning a + /// digital signature on success, or an error if something went wrong. + fn try_sign_digest_with_rng( + &self, + rng: impl CryptoRng + RngCore, + digest: D, + ) -> Result<S, Error>; +} diff --git a/vendor/signature/src/verifier.rs b/vendor/signature/src/verifier.rs new file mode 100644 index 000000000..4d6efbc2b --- /dev/null +++ b/vendor/signature/src/verifier.rs @@ -0,0 +1,46 @@ +//! Trait for verifying digital signatures + +use crate::{error::Error, Signature}; + +#[cfg(feature = "digest-preview")] +use crate::digest::Digest; + +/// Verify the provided message bytestring using `Self` (e.g. a public key) +pub trait Verifier<S: Signature> { + /// Use `Self` to verify that the provided signature for a given message + /// bytestring is authentic. + /// + /// Returns `Error` if it is inauthentic, or otherwise returns `()`. + fn verify(&self, msg: &[u8], signature: &S) -> Result<(), Error>; +} + +/// Verify the provided signature for the given prehashed message [`Digest`] +/// is authentic. +/// +/// ## Notes +/// +/// This trait is primarily intended for signature algorithms based on the +/// [Fiat-Shamir heuristic], a method for converting an interactive +/// challenge/response-based proof-of-knowledge protocol into an offline +/// digital signature through the use of a random oracle, i.e. a digest +/// function. +/// +/// The security of such protocols critically rests upon the inability of +/// an attacker to solve for the output of the random oracle, as generally +/// otherwise such signature algorithms are a system of linear equations and +/// therefore doing so would allow the attacker to trivially forge signatures. +/// +/// To prevent misuse which would potentially allow this to be possible, this +/// API accepts a [`Digest`] instance, rather than a raw digest value. +/// +/// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic +#[cfg(feature = "digest-preview")] +#[cfg_attr(docsrs, doc(cfg(feature = "digest-preview")))] +pub trait DigestVerifier<D, S> +where + D: Digest, + S: Signature, +{ + /// Verify the signature against the given [`Digest`] output. + fn verify_digest(&self, digest: D, signature: &S) -> Result<(), Error>; +} diff --git a/vendor/signature/tests/derive.rs b/vendor/signature/tests/derive.rs new file mode 100644 index 000000000..5048dc682 --- /dev/null +++ b/vendor/signature/tests/derive.rs @@ -0,0 +1,76 @@ +//! Tests for code generated by `signature_derive` + +#![cfg(all(feature = "derive-preview", feature = "hazmat-preview"))] + +use digest::{generic_array::GenericArray, Digest, OutputSizeUser}; +use hex_literal::hex; +use sha2::Sha256; +use signature::{ + hazmat::{PrehashSigner, PrehashVerifier}, + DigestSigner, DigestVerifier, Error, PrehashSignature, Signature, Signer, Verifier, +}; + +/// Test vector to compute SHA-256 digest of +const INPUT_STRING: &[u8] = b"abc"; + +/// Expected SHA-256 digest for the input string +const INPUT_STRING_DIGEST: [u8; 32] = + hex!("ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad"); + +/// Dummy signature which just contains a digest output +#[derive(Debug)] +struct DummySignature(GenericArray<u8, <Sha256 as OutputSizeUser>::OutputSize>); + +impl Signature for DummySignature { + fn from_bytes(bytes: &[u8]) -> Result<Self, Error> { + Ok(DummySignature(GenericArray::clone_from_slice( + bytes.as_ref(), + ))) + } +} + +impl AsRef<[u8]> for DummySignature { + fn as_ref(&self) -> &[u8] { + self.0.as_ref() + } +} + +impl PrehashSignature for DummySignature { + type Digest = Sha256; +} + +/// Dummy signer which just returns the message digest as a `DummySignature` +#[derive(Signer, DigestSigner, Default)] +struct DummySigner {} + +impl PrehashSigner<DummySignature> for DummySigner { + fn sign_prehash(&self, prehash: &[u8]) -> signature::Result<DummySignature> { + DummySignature::from_bytes(prehash) + } +} + +/// Dummy verifier which ensures the `DummySignature` digest matches the +/// expected value. +/// +/// Panics (via `assert_eq!`) if the value is not what is expected. +#[derive(Verifier, DigestVerifier, Default)] +struct DummyVerifier {} + +impl PrehashVerifier<DummySignature> for DummyVerifier { + fn verify_prehash(&self, prehash: &[u8], signature: &DummySignature) -> signature::Result<()> { + assert_eq!(signature.as_ref(), prehash); + Ok(()) + } +} + +#[test] +fn derived_signer_impl() { + let sig: DummySignature = DummySigner::default().sign(INPUT_STRING); + assert_eq!(sig.as_ref(), INPUT_STRING_DIGEST.as_ref()) +} + +#[test] +fn derived_verifier_impl() { + let sig: DummySignature = DummySigner::default().sign(INPUT_STRING); + assert!(DummyVerifier::default().verify(INPUT_STRING, &sig).is_ok()); +} |