dcrypt_api/traits/
signature.rs

1//! Trait definition for digital signature schemes with enhanced type safety
2//!
3//! This module provides a type-safe interface for digital signature schemes,
4//! with strong typing for keys and signatures.
5
6use crate::Result;
7use rand::{CryptoRng, RngCore};
8use zeroize::Zeroize;
9
10/// Trait for digital signature schemes with domain-specific types
11pub trait Signature {
12    /// Public key type
13    type PublicKey: AsRef<[u8]> + AsMut<[u8]> + Clone;
14
15    /// Secret key type with security guarantees
16    type SecretKey: Zeroize + AsRef<[u8]> + AsMut<[u8]> + Clone;
17
18    /// Signature type
19    type SignatureData: AsRef<[u8]> + AsMut<[u8]> + Clone;
20
21    /// Keypair type for efficient storage of related keys
22    type KeyPair: Clone;
23
24    /// Returns the signature algorithm name
25    fn name() -> &'static str;
26
27    /// Generate a new keypair
28    fn keypair<R: CryptoRng + RngCore>(rng: &mut R) -> Result<Self::KeyPair>;
29
30    /// Extract public key from keypair
31    fn public_key(keypair: &Self::KeyPair) -> Self::PublicKey;
32
33    /// Extract secret key from keypair
34    fn secret_key(keypair: &Self::KeyPair) -> Self::SecretKey;
35
36    /// Sign a message using the secret key
37    fn sign(message: &[u8], secret_key: &Self::SecretKey) -> Result<Self::SignatureData>;
38
39    /// Verify a signature on a message using the public key
40    fn verify(
41        message: &[u8],
42        signature: &Self::SignatureData,
43        public_key: &Self::PublicKey,
44    ) -> Result<()>;
45
46    /// Sign multiple messages in batch (may be more efficient for some algorithms)
47    fn batch_sign(
48        messages: &[&[u8]],
49        secret_key: &Self::SecretKey,
50    ) -> Result<Vec<Self::SignatureData>> {
51        // Default implementation just calls sign for each message
52        messages
53            .iter()
54            .map(|message| Self::sign(message, secret_key))
55            .collect()
56    }
57
58    /// Verify multiple signatures in batch (may be more efficient for some algorithms)
59    fn batch_verify(
60        message_signature_pairs: &[(&[u8], &Self::SignatureData)],
61        public_key: &Self::PublicKey,
62    ) -> Result<()> {
63        // Default implementation just calls verify for each pair
64        for (message, signature) in message_signature_pairs {
65            Self::verify(message, signature, public_key)?;
66        }
67        Ok(())
68    }
69}