keetanetwork-crypto 0.2.0

Cryptographic primitives and operations for Keetanetwork
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

//! Digital signature operations using RustCrypto patterns.
//!
//! This module provides idiomatic traits and types for cryptographic signing
//! and verification operations, leveraging the RustCrypto ecosystem.

use alloc::vec::Vec;

use crate::algorithms::CryptoAlgorithm;

// Re-export key RustCrypto signature traits for easier use
pub use signature::{
	DigestSigner, DigestVerifier, Error as SignatureError, Keypair, RandomizedSigner, Signer, Verifier,
};

/// Core cryptographic signing operations.
///
/// This trait extends RustCrypto's Signer trait with additional functionality
/// needed for our cryptographic operations.
pub trait CryptoSigner<S>: CryptoAlgorithm + Signer<S> {
	/// Check if this signer has access to the private key
	fn has_private_key(&self) -> bool;
}

/// Core cryptographic verification operations.
///
/// This trait extends RustCrypto's Verifier trait with additional functionality
/// needed for our cryptographic operations.
pub trait CryptoVerifier<S>: CryptoAlgorithm + Verifier<S> {
	/// Get the public key bytes for this verifier
	fn public_key_bytes(&self) -> Vec<u8>;
}

/// Extended cryptographic key pair operations.
pub trait CryptoKeyPair<S>: CryptoAlgorithm + Keypair + Signer<S> + Clone
where
	Self::VerifyingKey: CryptoVerifier<S>,
{
	type SigningKey: CryptoSigner<S>;

	/// Extract the verifying key (public key) from this key pair.
	fn to_public_key(&self) -> Self::VerifyingKey {
		self.verifying_key()
	}

	/// Take ownership of the private key, consuming this key pair.
	/// This is useful when you need to move the private key out of the key pair.
	fn take_private_key(self) -> Self::SigningKey;
}

/// Signing and verification options for cryptographic operations.
///
/// Default options are:
/// - raw: false (will pre-hash the message)
/// - for_cert: false (use SEC format, not DER)
#[derive(Debug, Copy, Clone, Default)]
pub struct SigningOptions {
	/// If true, use the raw message without hashing
	/// If false, pre-hash the message before signing/verification
	pub raw: bool,

	/// For certificate processing
	pub for_cert: bool,
}

impl SigningOptions {
	/// Create options for raw message processing (no pre-hashing)
	pub fn raw() -> Self {
		Self { raw: true, for_cert: false }
	}

	/// Create options for certificate processing
	pub fn for_cert() -> Self {
		Self { raw: false, for_cert: true }
	}
}

/// Extended signing operations with configurable options.
///
/// This trait provides signing operations with additional configuration
/// options for message preprocessing and encoding formats.
pub trait CryptoSignerWithOptions<S>: CryptoSigner<S> {
	/// Sign a message with the specified options.
	fn sign_with_options<T: AsRef<[u8]>>(&self, message: T, options: SigningOptions) -> Result<S, SignatureError>;
}

/// Extended verification operations with configurable options.
///
/// This trait provides verification operations with additional configuration
/// options for message preprocessing and encoding formats.
pub trait CryptoVerifierWithOptions<S>: CryptoVerifier<S> {
	/// Verify a signature against a message using the specified options.
	fn verify_with_options<T: AsRef<[u8]>>(
		&self,
		message: T,
		signature: &S,
		options: SigningOptions,
	) -> Result<(), SignatureError>;
}