Signature

ecdsa

Struct Signature 

Source 
pub struct Signature<C: EcdsaCurve> { /* private fields */ }
Expand description

ECDSA signature (fixed-size, a.k.a. IEEE P1363). Generic over elliptic curve types.

Serialized as fixed-sized big endian scalar values with no added framing:

  • r: field element size for the given curve, big-endian
  • s: field element size for the given curve, big-endian

Both r and s MUST be non-zero.

For example, in a curve with a 256-bit modulus like NIST P-256 or secp256k1, r and s will both be 32-bytes and serialized as big endian, resulting in a signature with a total of 64-bytes.

ASN.1 DER-encoded signatures also supported via the Signature::from_der and Signature::to_der methods.

§serde support

When the serde feature of this crate is enabled, it provides support for serializing and deserializing ECDSA signatures using the Serialize and Deserialize traits.

The serialization uses a hexadecimal encoding when used with “human readable” text formats, and a binary encoding otherwise.

Implementations§

Source§

impl<C> Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source

pub fn from_bytes(bytes: &SignatureBytes<C>) -> Result<Self>

Parse a signature from fixed-width bytes, i.e. 2 * the size of FieldBytes for a particular curve.

§Returns
  • Ok(signature) if the r and s components are both in the valid range 1..n when serialized as concatenated big endian integers.
  • Err(err) if the r and/or s component of the signature is out-of-range when interpreted as a big endian integer.
Source

pub fn from_slice(slice: &[u8]) -> Result<Self>

Parse a signature from a byte slice.

Source

pub fn from_der(bytes: &[u8]) -> Result<Self>
where MaxSize<C>: ArraySize, <FieldBytesSize<C> as Add>::Output: Add<MaxOverhead> + ArraySize,

Available on crate feature der only.

Parse a signature from ASN.1 DER.

Source

pub fn from_scalars( r: impl Into<FieldBytes<C>>, s: impl Into<FieldBytes<C>>, ) -> Result<Self>

Create a Signature from the serialized r and s scalar values which comprise the signature.

§Returns
  • Ok(signature) if the r and s components are both in the valid range 1..n when serialized as concatenated big endian integers.
  • Err(err) if the r and/or s component of the signature is out-of-range when interpreted as a big endian integer.
Source

pub fn split_bytes(&self) -> (FieldBytes<C>, FieldBytes<C>)

Split the signature into its r and s components, represented as bytes.

Source

pub fn to_bytes(&self) -> SignatureBytes<C>

Serialize this signature as bytes.

Source

pub fn to_der(&self) -> Signature<C>
where MaxSize<C>: ArraySize, <FieldBytesSize<C> as Add>::Output: Add<MaxOverhead> + ArraySize,

Available on crate feature der only.

Serialize this signature as ASN.1 DER.

Source

pub fn to_vec(&self) -> Vec<u8>

Available on crate feature alloc only.

Convert this signature into a byte vector.

Source§

impl<C> Signature<C>
where C: EcdsaCurve + CurveArithmetic, SignatureSize<C>: ArraySize,

Source

pub fn r(&self) -> NonZeroScalar<C>

Available on crate feature arithmetic only.

Get the r component of this signature

Source

pub fn s(&self) -> NonZeroScalar<C>

Available on crate feature arithmetic only.

Get the s component of this signature

Source

pub fn split_scalars(&self) -> (NonZeroScalar<C>, NonZeroScalar<C>)

Available on crate feature arithmetic only.

Split the signature into its r and s scalars.

Source

pub fn normalize_s(&self) -> Self

Available on crate feature arithmetic only.

Normalize signature into “low S” form as described in BIP 0062: Dealing with Malleability.

Trait Implementations§

Source§

impl<C> AssociatedAlgorithmIdentifier for Signature<C>
where C: EcdsaCurve, Self: AssociatedOid,

Available on crate feature pkcs8 only.

ECDSA AlgorithmIdentifier which identifies the digest used by default with the Signer and Verifier traits.

Source§

const ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static>

AlgorithmIdentifier for this structure.
Source§

type Params = AnyRef<'static>

Algorithm parameters.
Source§

impl<C> AssociatedOid for Signature<C>
where C: DigestAlgorithm, C::Digest: AssociatedOid,

Available on crate features digest and hazmat only.

ECDSA ObjectIdentifier which identifies the digest used by default with the Signer and Verifier traits.

To support non-default digest algorithms, use the SignatureWithOid type instead.

Source§

const OID: ObjectIdentifier

The OID associated with this type.
Source§

impl<C: Clone + EcdsaCurve> Clone for Signature<C>

Source§

fn clone(&self) -> Signature<C>

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<C> Debug for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de, C> Deserialize<'de> for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Available on crate feature serde only.
Source§

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl<C, D> DigestSigner<D, Signature<C>> for SigningKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, D: Digest + FixedOutput, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.

Sign message digest using a deterministic ephemeral scalar (k) computed using the algorithm described in RFC6979 § 3.2.

Source§

fn try_sign_digest<F: Fn(&mut D) -> Result<()>>( &self, f: F, ) -> Result<Signature<C>>

Attempt to sign a message by updating the received Digest with it, returning a digital signature on success, or an error if something went wrong. Read more
Source§

fn sign_digest<F>(&self, f: F) -> S
where F: Fn(&mut D),

Sign a message by updating the received Digest with it, returning a signature. Read more
Source§

impl<C, D> DigestVerifier<D, Signature<C>> for VerifyingKey<C>
where C: EcdsaCurve + CurveArithmetic, D: Digest + FixedOutput, SignatureSize<C>: ArraySize,

Available on crate feature verifying only.
Source§

fn verify_digest<F: Fn(&mut D) -> Result<()>>( &self, f: F, signature: &Signature<C>, ) -> Result<()>

Verify the signature against the received Digest output, by updating it with the message. Read more
Source§

impl<C> Display for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<C> From<Signature<C>> for SignatureBytes<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source§

fn from(signature: Signature<C>) -> SignatureBytes<C>

Converts to this type from the input type.
Source§

impl<C> From<Signature<C>> for Signature<C>
where C: EcdsaCurve, MaxSize<C>: ArraySize, <FieldBytesSize<C> as Add>::Output: Add<MaxOverhead> + ArraySize,

Available on crate feature der only.
Source§

fn from(sig: Signature<C>) -> Signature<C>

Converts to this type from the input type.
Source§

impl<C> From<SignatureWithOid<C>> for Signature<C>
where C: EcdsaCurve,

Available on crate feature digest only.
Source§

fn from(sig: SignatureWithOid<C>) -> Signature<C>

Converts to this type from the input type.
Source§

impl<C> FromStr for Signature<C>
where C: EcdsaCurve + CurveArithmetic, SignatureSize<C>: ArraySize,

Available on crate feature arithmetic only.
Source§

type Err = Error

The associated error which can be returned from parsing.
Source§

fn from_str(hex: &str) -> Result<Self>

Parses a string s to return a value of this type. Read more
Source§

impl<C> LowerHex for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<C> MultipartSigner<Signature<C>> for SigningKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.
Source§

fn try_multipart_sign(&self, msg: &[&[u8]]) -> Result<Signature<C>, Error>

Equivalent of Signer::try_sign() but the message is provided in non-contiguous byte slices.
Source§

fn multipart_sign(&self, msg: &[&[u8]]) -> S

Equivalent of Signer::sign() but the message is provided in non-contiguous byte slices.
Source§

impl<C> MultipartVerifier<Signature<C>> for VerifyingKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, SignatureSize<C>: ArraySize,

Available on crate feature verifying only.
Source§

fn multipart_verify( &self, msg: &[&[u8]], signature: &Signature<C>, ) -> Result<()>

Equivalent of Verifier::verify() but the message is provided in non-contiguous byte slices.
Source§

impl<C: PartialEq + EcdsaCurve> PartialEq for Signature<C>

Source§

fn eq(&self, other: &Signature<C>) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<C> PrehashSigner<Signature<C>> for SigningKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.

Sign message prehash using a deterministic ephemeral scalar (k) computed using the algorithm described in RFC6979 § 3.2.

Source§

fn sign_prehash(&self, prehash: &[u8]) -> Result<Signature<C>>

Attempt to sign the given message digest, returning a digital signature on success, or an error if something went wrong. Read more
Source§

impl<C> PrehashVerifier<Signature<C>> for VerifyingKey<C>
where C: EcdsaCurve + CurveArithmetic, SignatureSize<C>: ArraySize,

Available on crate feature verifying only.
Source§

fn verify_prehash(&self, prehash: &[u8], signature: &Signature<C>) -> Result<()>

Use Self to verify that the provided signature for a given message prehash is authentic. Read more
Source§

impl<C, D> RandomizedDigestSigner<D, Signature<C>> for SigningKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, D: Digest + FixedOutput, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.
Source§

fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized, F: Fn(&mut D) -> Result<()>>( &self, rng: &mut R, f: F, ) -> Result<Signature<C>>

Attempt to sign a message by updating the received Digest with it, returning a digital signature on success, or an error if something went wrong. Read more
Source§

fn sign_digest_with_rng<R, F>(&self, rng: &mut R, f: F) -> S
where R: CryptoRng + ?Sized, F: Fn(&mut D),

Sign a message by updating the received Digest with it, returning a signature. Read more
Source§

impl<C> RandomizedMultipartSigner<Signature<C>> for SigningKey<C>
where Self: RandomizedDigestSigner<C::Digest, Signature<C>>, C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.
Source§

fn try_multipart_sign_with_rng<R: TryCryptoRng + ?Sized>( &self, rng: &mut R, msg: &[&[u8]], ) -> Result<Signature<C>>

Equivalent of RandomizedSigner::try_sign_with_rng() but the message is provided in non-contiguous byte slices.
Source§

fn multipart_sign_with_rng<R>(&self, rng: &mut R, msg: &[&[u8]]) -> S
where R: CryptoRng + ?Sized,

Equivalent of RandomizedSigner::sign_with_rng() but the message is provided in non-contiguous byte slices.
Source§

impl<C> RandomizedPrehashSigner<Signature<C>> for SigningKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.
Source§

fn sign_prehash_with_rng<R: TryCryptoRng + ?Sized>( &self, rng: &mut R, prehash: &[u8], ) -> Result<Signature<C>>

Attempt to sign the given message digest, returning a digital signature on success, or an error if something went wrong. Read more
Source§

impl<C> RandomizedSigner<Signature<C>> for SigningKey<C>
where Self: RandomizedDigestSigner<C::Digest, Signature<C>>, C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.
Source§

fn try_sign_with_rng<R: TryCryptoRng + ?Sized>( &self, rng: &mut R, msg: &[u8], ) -> Result<Signature<C>>

Attempt to sign the given message, returning a digital signature on success, or an error if something went wrong. Read more
Source§

fn sign_with_rng<R>(&self, rng: &mut R, msg: &[u8]) -> S
where R: CryptoRng + ?Sized,

Sign the given message and return a digital signature
Source§

impl<C> Serialize for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Available on crate feature serde only.
Source§

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl<C> SignatureEncoding for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source§

type Repr = Array<u8, <<C as Curve>::FieldBytesSize as Add>::Output>

Byte representation of a signature.
Source§

fn to_bytes(&self) -> Self::Repr

Encode signature as its byte representation.
Source§

fn to_vec(&self) -> Vec<u8>

Encode signature as a byte vector.
Source§

fn encoded_len(&self) -> usize

Get the length of this signature when encoded.
Source§

impl<C> Signer<Signature<C>> for SigningKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, Scalar<C>: Invert<Output = CtOption<Scalar<C>>>, SignatureSize<C>: ArraySize,

Available on crate feature signing only.

Sign message using a deterministic ephemeral scalar (k) computed using the algorithm described in RFC6979 § 3.2.

Source§

fn try_sign(&self, msg: &[u8]) -> Result<Signature<C>>

Attempt to sign the given message, returning a digital signature on success, or an error if something went wrong. Read more
Source§

fn sign(&self, msg: &[u8]) -> S

Sign the given message and return a digital signature
Source§

impl<C> TryFrom<&[u8]> for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from(slice: &[u8]) -> Result<Self>

Performs the conversion.
Source§

impl<C> TryFrom<Signature<C>> for Signature<C>
where C: EcdsaCurve, MaxSize<C>: ArraySize, <FieldBytesSize<C> as Add>::Output: Add<MaxOverhead> + ArraySize,

Available on crate feature der only.
Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from(sig: Signature<C>) -> Result<Signature<C>>

Performs the conversion.
Source§

impl<C> UpperHex for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<C> Verifier<Signature<C>> for VerifyingKey<C>
where C: EcdsaCurve + CurveArithmetic + DigestAlgorithm, SignatureSize<C>: ArraySize,

Available on crate feature verifying only.
Source§

fn verify(&self, msg: &[u8], signature: &Signature<C>) -> Result<()>

Use Self to verify that the provided signature for a given message bytestring is authentic. Read more
Source§

impl<C: EcdsaCurve> Zeroize for Signature<C>

Source§

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.
Source§

impl<C> Copy for Signature<C>
where C: EcdsaCurve, SignatureSize<C>: ArraySize, <SignatureSize<C> as ArraySize>::ArrayType<u8>: Copy,

Source§

impl<C: Eq + EcdsaCurve> Eq for Signature<C>

Source§

impl<C: EcdsaCurve> StructuralPartialEq for Signature<C>

Auto Trait Implementations§

§

impl<C> Freeze for Signature<C>
where <C as Curve>::Uint: Freeze,

§

impl<C> RefUnwindSafe for Signature<C>
where <C as Curve>::Uint: RefUnwindSafe,

§

impl<C> Send for Signature<C>

§

impl<C> Sync for Signature<C>

§

impl<C> Unpin for Signature<C>
where <C as Curve>::Uint: Unpin,

§

impl<C> UnwindSafe for Signature<C>
where <C as Curve>::Uint: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynAssociatedAlgorithmIdentifier for T
where T: AssociatedAlgorithmIdentifier,

Source§

fn algorithm_identifier(&self) -> Result<AlgorithmIdentifier<Any>, Error>

AlgorithmIdentifier for this structure.
Source§

impl<T> DynAssociatedOid for T
where T: AssociatedOid,

Source§

fn oid(&self) -> ObjectIdentifier

Get the OID associated with this value.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,