Skip to main content

oxicrypto_core/traits/
sig.rs

1use alloc::vec::Vec;
2
3use crate::{CryptoError, KeyPair, SecretVec};
4
5/// Asymmetric signing operation.
6///
7/// When the `debug` Cargo feature is enabled this trait gains `Debug` as a
8/// supertrait, enabling `Box<dyn Signer>` to be formatted with `{:?}`.
9pub trait Signer: Send + Sync + crate::traits::MaybeDebug {
10    /// Human-readable algorithm identifier (e.g. `"Ed25519"`).
11    #[must_use]
12    fn name(&self) -> &'static str;
13    /// Fixed signature length in bytes.
14    #[must_use]
15    fn signature_len(&self) -> usize;
16    /// Sign `msg` with `sk` (raw secret-key bytes) and write the signature
17    /// into `sig_out`.
18    ///
19    /// Returns the number of bytes written.
20    #[must_use = "result must be checked"]
21    fn sign(&self, sk: &[u8], msg: &[u8], sig_out: &mut [u8]) -> Result<usize, CryptoError>;
22}
23
24/// Asymmetric signature verification.
25///
26/// When the `debug` Cargo feature is enabled this trait gains `Debug` as a
27/// supertrait, enabling `Box<dyn Verifier>` to be formatted with `{:?}`.
28pub trait Verifier: Send + Sync + crate::traits::MaybeDebug {
29    /// Human-readable algorithm identifier (e.g. `"Ed25519"`).
30    #[must_use]
31    fn name(&self) -> &'static str;
32    /// Verify `sig` over `msg` with `pk` (raw public-key bytes).
33    ///
34    /// Returns [`CryptoError::InvalidTag`] on verification failure.
35    #[must_use = "result must be checked"]
36    fn verify(&self, pk: &[u8], msg: &[u8], sig: &[u8]) -> Result<(), CryptoError>;
37}
38
39/// Key pair generator for asymmetric algorithms.
40///
41/// When the `debug` Cargo feature is enabled this trait gains `Debug` as a
42/// supertrait, enabling `Box<dyn KeyGenerator>` to be formatted with `{:?}`.
43pub trait KeyGenerator: Send + Sync + crate::traits::MaybeDebug {
44    /// Human-readable algorithm identifier (e.g. `"Ed25519"`).
45    #[must_use]
46    fn name(&self) -> &'static str;
47    /// Generate a fresh key pair.
48    ///
49    /// Returns `(secret_key, public_key)` wrapped in [`KeyPair`].
50    /// The secret half uses [`SecretVec`] (auto-zeroized on drop).
51    #[must_use = "result must be checked"]
52    fn generate_keypair(&self) -> Result<KeyPair<SecretVec, Vec<u8>>, CryptoError>;
53}