Crate signature 

RustCrypto: Digital Signature Algorithms

This crate contains traits which provide generic type-safe APIs for generating and verifying digital signatures.

Supported crates

The following crates are implemented using traits from the signature crate:

RustCrypto crates

• dsa
• ecdsa
• ed25519
• ed448
• ed448-goldilocks
• lms
• ml-dsa
• slh-dsa
• sm2
• rsa

Third-party crates

• ed25519-dalek
• yubihsm

SemVer Policy Exemptions

• The off-by-default features digest and rand_core are unstable features which are also considered exempt from SemVer as they correspond to pre-1.0 crates which are still subject to changes. Breaking changes to these features will, like MSRV, be done with a minor version bump.

License

Licensed under either of

• Apache License, Version 2.0
• MIT license

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Design

This crate provides a common set of traits for signing and verifying digital signatures intended to be implemented by libraries which produce or contain implementations of digital signature algorithms, and used by libraries which want to produce or verify digital signatures generically.

Unstable features

Despite being post-1.0, this crate includes off-by-default unstable optional features, each of which depends on a pre-1.0 crate.

These features are considered exempt from SemVer. See “SemVer Policy Exemptions” for more information.

The following unstable features are presently supported:

• digest: enables the DigestSigner and DigestVerifier traits which are based on the Digest trait from the digest crate.
• rand_core: enables the RandomizedSigner trait for signature systems which rely on a cryptographically secure random number generator for security.

Re-exports

pub use digest;digest

pub use rand_core;rand_core

Modules

hazmat

Hazardous Materials: low-level APIs which can be insecure if misused.

Structs

Error

Signature errors.

Traits

AsyncDigestSignerdigest

Asynchronously sign the given prehashed message Digest using Self.

AsyncDigestVerifierdigest

Asynchronously verify the provided signature for the given prehashed message Digest is authentic.

AsyncMultipartVerifier

Asynchronous equivalent of MultipartVerifier where the message is provided in non-contiguous byte slices.

AsyncRandomizedSignerrand_core

Sign the given message using the provided external randomness source.

AsyncSigner

Asynchronously sign the provided message bytestring using Self (e.g. client for a Cloud KMS or HSM), returning a digital signature.

AsyncVerifier

Asynchronously verify the provided message bytestring using Self.

DigestSignerdigest

Sign the given prehashed message Digest using Self.

DigestVerifierdigest

Verify the provided signature for the given prehashed message Digest is authentic.

Keypair

Signing keypair with an associated verifying key.

KeypairRef

Signing keypair with an associated verifying key.

MultipartSigner

Equivalent of Signer but the message is provided in non-contiguous byte slices.

MultipartVerifier

Equivalent of Verifier but the message is provided in non-contiguous byte slices.

RandomizedDigestSignerdigest and rand_core

Combination of DigestSigner and RandomizedSigner with support for computing a signature over a digest which requires entropy from an RNG.

RandomizedMultipartSignerrand_core

Equivalent of RandomizedSigner but the message is provided in non-contiguous byte slices.

RandomizedMultipartSignerMutrand_core

Equivalent of RandomizedSignerMut but the message is provided in non-contiguous byte slices.

RandomizedSignerrand_core

Sign the given message using the provided external randomness source.

RandomizedSignerMutrand_core

Sign the provided message bytestring using &mut Self (e.g. an evolving cryptographic key such as a stateful hash-based signature), and a per-signature randomizer, returning a digital signature.

SignatureEncoding

Support for decoding/encoding signatures as bytes.

Signer

Sign the provided message bytestring using Self (e.g. a cryptographic key or connection to an HSM), returning a digital signature.

SignerMut

Sign the provided message bytestring using &mut Self (e.g. an evolving cryptographic key such as a stateful hash-based signature), returning a digital signature.

Verifier

Verify the provided message bytestring using Self (e.g. a public key).

Type Aliases

Result

Result type.