signatory 0.5.1

Multi-provider elliptic curve digital signature library with ECDSA and Ed25519 support
Documentation

Signatory

crate Docs Build Status MIT/Apache2 licensed

A pure Rust multi-provider digital signature library with support for elliptic curve digital signature algorithms, namely ECDSA (described in FIPS 186-4) and Ed25519 (described in RFC 8032).

Signatory provides a thread-safe and object-safe API and implements providers for many popular Rust crates, including ed25519-dalek, secp256k1-rs, ring, and sodiumoxide.

Documentation

About

Signatory exposes a thread-and-object-safe API for creating digital signatures which allows several signature providers to be compiled-in and available with specific providers selected at runtime.

Provider Support

Signatory includes the following providers, which can be enabled by selecting the corresponding cargo feature for a given crate:

ECDSA providers

Cargo Feature Crate Type Curve(s)
secp256k1-provider secp256k1-rs Soft secp256k1

Ed25519 providers

Cargo Feature Crate Type Signing Verification
dalek-provider ed25519-dalek Soft 43 k/s 17 k/s
ring-provider ring Soft 31 k/s 10 k/s
sodiumoxide-provider sodiumoxide Soft 38 k/s 14 k/s
yubihsm-provider yubihsm-rs Hard ~8/s N/A

Above benchmarks performed using cargo bench on an Intel Xeon E3-1225 v5 @ 3.30GHz with the nightly cargo feature enabled.

† NOTE: enabled by default

YubiHSM2 Provider Notes

The yubihsm-rs crate depends on the aesni crate, which uses the new "stdsimd" API (coming soon to stable!) to invoke hardware AES instructions via core::arch.

To access these features, you will need both a relatively recent Rust nightly and to pass the following as RUSTFLAGS:

RUSTFLAGS=-Ctarget-feature=+aes`

You can configure your ~/.cargo/config to always pass these flags:

[build]
rustflags = ["-Ctarget-feature=+aes"]

License

Signatory is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

See LICENSE-APACHE and LICENSE-MIT for details.