Signatory: a multi-provider digital signature library
This crate provides a thread-and-object-safe API for both creating and verifying elliptic curve digital signatures, using either software-based or hardware-based providers.
The following algorithms are supported:
- ecdsa: Elliptic Curve Digital Signature Algorithm (FIPS 186-4)
- ed25519: Edwards Digital Signature Algorithm (EdDSA) instantiated using the twisted Edwards form of Curve25519 (RFC 8032).
There are several backend providers available, which are each available in their own crates:
- signatory-dalek: Ed25519 signing/verification using the pure-Rust ed25519-dalek crate.
- signatory-ring: ECDSA and Ed25519 signing/verification provider for the ring cryptography library.
- signatory-secp256k1: ECDSA signing/verification for the secp256k1 elliptic curve (commonly used by Bitcoin and other cryptocurrrencies) which wraps the libsecp256k1 library from Bitcoin Core.
- signatory-sodiumoxide: Ed25519 signing/verification with the sodiumoxide crate, a Rust wrapper for libsodium (NOTE: requires libsodium to be installed on the system)
- yubihsm-rs: ECDSA and Ed25519 signing provider support for
private keys stored in a
YubiHSM2hardware device, via the Signatory signers types in the yubihsm-rs crate (yubihsm::ecdsa::Signer and yubihsm::ed25519::Signer).
The Elliptic Curve Digital Signature Algorithm (ECDSA) as specified in FIPS 186-4 (Digital Signature Standard)
Ed25519: Schnorr signatures using the twisted Edwards form of Curve25519
Support for encoding and decoding serialization formats (hex and Base64) with implementations that do not branch on potentially secret data, such as cryptographic keys.
Traits for public keys
Test vector structure for signatures
Generate tests for Ed25519