[−][src]Crate signatory
Signatory: a multi-provider digital signature library
This crate provides a thread-and-object-safe API for both creating and verifying elliptic curve digital signatures, using either software-based or hardware-based providers.
The following algorithms are supported:
- ecdsa: Elliptic Curve Digital Signature Algorithm (FIPS 186-4)
- ed25519: Edwards Digital Signature Algorithm (EdDSA) instantiated using the twisted Edwards form of Curve25519 (RFC 8032).
Providers
There are several backend providers available, which are each available in their own crates:
- signatory-dalek: Ed25519 signing/verification using the pure-Rust ed25519-dalek crate.
- signatory-ring: ECDSA and Ed25519 signing/verification provider for the ring cryptography library.
- signatory-secp256k1: ECDSA signing/verification for the secp256k1 elliptic curve (commonly used by Bitcoin and other cryptocurrrencies) which wraps the libsecp256k1 library from Bitcoin Core.
- signatory-sodiumoxide: Ed25519 signing/verification with the sodiumoxide crate, a Rust wrapper for libsodium (NOTE: requires libsodium to be installed on the system)
- signatory-yubihsm: ECDSA and Ed25519 signing provider which uses
private keys stored in a
YubiHSM2
hardware device, via the yubihsm-rs crate.
Signing API
Signatory provides the following convenience methods for signing. Each of them dispatches through a trait object for the given trait:
- signatory::sign - sign a byte slice using a given signing provider. This method wraps the Signer trait and is most useful for computing ed25519 signatures.
- signatory::sign_digest - sign the given precomputed digest using the given signing provider, a.k.a. Initialize-Update-Finalize (IUF). This method wraps the DigestSigner trait and is most useful for signing large messages in conjunction with hardware-backed signers.
- signatory::sign_sha256, signatory::sign_sha384, signatory::sign_sha512 - sign the given message after first computing its SHA-2 digest. These methods wrap the Sha256Signer, Sha384Signer, and Sha512Signer traits respectively, and are most useful in conjunction with ecdsa.
Each of these methods and traits is generic around the signature type. This makes it important to annotate the particular type of signature which you would like when using them, e.g.
use signatory::{self, ed25519}; let sig: ed25519::Signature = signatory::sign(signer, &msg).unwrap();
Or use the turbofish:
use signatory::{self, ed25519}; let sig = signatory::sign::<ed25519::Signature>(signer, &msg).unwrap();
Alternatively, for Ed25519 signatures, the ed25519 module provides methods which operate on concrete Ed25519 types.
Verifier API
Signatory provides the following convenience methods for verifying signatures, which map 1:1 to the methods provided for signing:
- signatory::verify - verify a byte slice using a given provider. This method wraps the Verifier trait and is most useful for verifying ed25519 signatures.
- signatory::verify_digest - verify the given precomputed message digest against the provided signature, i.e. IUF. This method wraps the DigestVerifier trait and is most useful for verifying large messages in conjunction with hardware-backed signers.
- signatory::verify_sha256, signatory::verify_sha384, signatory::verify_sha512 - verify the given message after first computing its SHA-2 digest. These methods wrap the Sha256Verifier, Sha384Verifier, and Sha512Verifier traits respectively, and are most useful in conjunction with ecdsa.
Re-exports
pub extern crate digest; |
pub extern crate generic_array; |
pub use crate::encoding::*; |
pub use crate::error::Error; |
pub use crate::error::ErrorKind; |
Modules
ecdsa | The Elliptic Curve Digital Signature Algorithm (ECDSA) as specified in FIPS 186-4 (Digital Signature Standard) |
ed25519 | Ed25519: Schnorr signatures using the twisted Edwards form of Curve25519 |
encoding | Support for encoding and decoding serialization formats (hex and Base64) with implementations that do not branch on potentially secret data, such as cryptographic keys. |
error | Error types |
Structs
EcdsaSecretKey | Raw ECDSA secret keys: raw scalar value |
Ed25519PublicKey | Ed25519 public keys |
Ed25519Seed | Ed25519 seeds: derivation secrets for Ed25519 private scalars/nonce prefixes |
Ed25519Signature | Ed25519 signatures |
Enums
EcdsaPublicKey | ECDSA public keys |
Traits
Digest | The |
DigestSigner | Trait for signers which take a prehashed |
DigestVerifier | Trait for verifiers which take a prehashed |
EcdsaSignature | Marker trait for ECDSA signatures |
PublicKey | Common trait for all public keys |
PublicKeyed | Signers which know their public keys (to be implemented by Signatory providers) |
Sha256Signer | Signer which computes SHA-256 digests of messages |
Sha256Verifier | Verifier which computes SHA-256 digests of messages |
Sha384Signer | Signer which computes SHA-384 digests of messages |
Sha384Verifier | Verifier which computes SHA-384 digests of messages |
Sha512Signer | Signer which computes SHA-512 digests of messages |
Sha512Verifier | Verifier which computes SHA-512 digests of messages |
Signature | Common trait for all signatures |
Signer | Trait for all signers which accept a message (byte slice) and produce a signature of that message using this signer's private key. |
Verifier | Trait for all verifiers which accept a message (byte slice) and signature |
Functions
public_key | Get the public key for the given public keyed object (i.e. a |
sign | Sign the given message (byte slice) with the given |
sign_digest | Sign the given prehashed |
sign_sha256 | Compute SHA-256 of the given message and then sign the resulting digest.
This can be used to avoid importing the |
sign_sha384 | Compute SHA-384 of the given message and then sign the resulting digest.
This can be used to avoid importing the |
sign_sha512 | Compute SHA-512 of the given message and then sign the resulting digest.
This can be used to avoid importing the |
verify | Verify the given message (byte slice) with the given |
verify_digest | Verify the given prehashed |
verify_sha256 | Verify SHA-256 of the given message and then sign the resulting digest.
This can be used to avoid importing the |
verify_sha384 | Verify SHA-384 of the given message and then sign the resulting digest.
This can be used to avoid importing the |
verify_sha512 | Verify SHA-512 of the given message and then sign the resulting digest.
This can be used to avoid importing the |