chore(deps): bump signature to 3.0.0-pre

Cargo.toml

@@ -19,7 +19,7 @@ subtle = { version = "2.6.1", default-features = false }
 digest = { version = "=0.11.0-pre.10", default-features = false, features = ["alloc", "oid"] }
 pkcs1 = { version = "0.8.0-rc.1", default-features = false, features = ["alloc", "pkcs8"] }
 pkcs8 = { version = "0.11.0-rc.2", default-features = false, features = ["alloc"] }
-signature = { version = "=2.3.0-pre.6", default-features = false, features = ["alloc", "digest", "rand_core"] }
+signature = { version = "=3.0.0-pre", default-features = false, features = ["alloc", "digest", "rand_core"] }
 spki = { version = "0.8.0-rc.1", default-features = false, features = ["alloc"] }
 zeroize = { version = "1.5", features = ["alloc"] }
 crypto-bigint = { version = "0.7.0-pre", default-features = false, features = ["zeroize", "alloc"] }
@@ -57,7 +57,7 @@ os_rng = ["rand_core/os_rng", "crypto-bigint/rand_core"]
 serde = ["dep:serde", "dep:serdect", "crypto-bigint/serde"]
 pem = ["pkcs1/pem", "pkcs8/pem"]
 pkcs5 = ["pkcs8/encryption"]
-std = ["digest/std", "pkcs1/std", "pkcs8/std", "rand_core/std", "signature/std", "crypto-bigint/rand"]
+std = ["digest/std", "pkcs1/std", "pkcs8/std", "rand_core/std", "crypto-bigint/rand"]
 
 
 [package.metadata.docs.rs]

src/pkcs1v15/signature.rs

@@ -2,11 +2,16 @@
 
 use ::signature::SignatureEncoding;
 use alloc::boxed::Box;
-use core::fmt::{Debug, Display, Formatter, LowerHex, UpperHex};
+use core::{
+    fmt::{self, Debug, Display, Formatter, LowerHex, UpperHex},
+    marker::PhantomData,
+};
 use crypto_bigint::BoxedUint;
 
+use digest::Digest;
 #[cfg(feature = "serde")]
 use serdect::serde::{de, Deserialize, Serialize};
+use signature::PrehashSignature;
 use spki::{
     der::{asn1::BitString, Result as DerResult},
     SignatureBitStringEncoding,
@@ -15,22 +20,46 @@ use spki::{
 /// `RSASSA-PKCS1-v1_5` signatures as described in [RFC8017 § 8.2].
 ///
 /// [RFC8017 § 8.2]: https://datatracker.ietf.org/doc/html/rfc8017#section-8.2
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub struct Signature {
+#[derive(Eq)]
+pub struct Signature<D> {
     pub(super) inner: BoxedUint,
+    _digest: PhantomData<D>,
+}
+
+impl<D> Debug for Signature<D> {
+    fn fmt(&self, f: &mut Formatter) -> fmt::Result {
+        f.debug_struct("Signature")
+            .field("inner", &self.inner)
+            .finish()
+    }
 }
 
-impl SignatureEncoding for Signature {
+impl<D> Clone for Signature<D> {
+    fn clone(&self) -> Self {
+        Self {
+            inner: self.inner.clone(),
+            _digest: PhantomData,
+        }
+    }
+}
+
+impl<D> PartialEq for Signature<D> {
+    fn eq(&self, other: &Self) -> bool {
+        self.inner.eq(&other.inner)
+    }
+}
+
+impl<D> SignatureEncoding for Signature<D> {
     type Repr = Box<[u8]>;
 }
 
-impl SignatureBitStringEncoding for Signature {
+impl<D> SignatureBitStringEncoding for Signature<D> {
     fn to_bitstring(&self) -> DerResult<BitString> {
         BitString::new(0, self.to_vec())
     }
 }
 
-impl TryFrom<&[u8]> for Signature {
+impl<D> TryFrom<&[u8]> for Signature<D> {
     type Error = signature::Error;
 
     fn try_from(bytes: &[u8]) -> signature::Result<Self> {
@@ -42,17 +71,20 @@ impl TryFrom<&[u8]> for Signature {
         #[cfg(not(feature = "std"))]
         let inner = inner.map_err(|_| signature::Error::new())?;
 
-        Ok(Self { inner })
+        Ok(Self {
+            inner,
+            _digest: PhantomData,
+        })
     }
 }
 
-impl From<Signature> for Box<[u8]> {
-    fn from(signature: Signature) -> Box<[u8]> {
+impl<D> From<Signature<D>> for Box<[u8]> {
+    fn from(signature: Signature<D>) -> Box<[u8]> {
         signature.inner.to_be_bytes()
     }
 }
 
-impl LowerHex for Signature {
+impl<D> LowerHex for Signature<D> {
     fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
         for byte in self.to_bytes().iter() {
             write!(f, "{:02x}", byte)?;
@@ -61,7 +93,7 @@ impl LowerHex for Signature {
     }
 }
 
-impl UpperHex for Signature {
+impl<D> UpperHex for Signature<D> {
     fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
         for byte in self.to_bytes().iter() {
             write!(f, "{:02X}", byte)?;
@@ -70,14 +102,14 @@ impl UpperHex for Signature {
     }
 }
 
-impl Display for Signature {
+impl<D> Display for Signature<D> {
     fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
         write!(f, "{:X}", self)
     }
 }
 
 #[cfg(feature = "serde")]
-impl Serialize for Signature {
+impl<D> Serialize for Signature<D> {
     fn serialize<S>(&self, serializer: S) -> core::result::Result<S::Ok, S::Error>
     where
         S: serdect::serde::Serializer,
@@ -87,7 +119,7 @@ impl Serialize for Signature {
 }
 
 #[cfg(feature = "serde")]
-impl<'de> Deserialize<'de> for Signature {
+impl<'de, Di> Deserialize<'de> for Signature<Di> {
     fn deserialize<D>(deserializer: D) -> core::result::Result<Self, D::Error>
     where
         D: serdect::serde::Deserializer<'de>,
@@ -99,6 +131,13 @@ impl<'de> Deserialize<'de> for Signature {
     }
 }
 
+impl<D> PrehashSignature for Signature<D>
+where
+    D: Digest,
+{
+    type Digest = D;
+}
+
 #[cfg(test)]
 mod tests {
     #[test]
@@ -108,6 +147,7 @@ mod tests {
         use serde_test::{assert_tokens, Configure, Token};
         let signature = Signature {
             inner: BoxedUint::from(42u32),
+            _digest: PhantomData::<()>,
         };
 
         let tokens = [Token::Str("000000000000002a")];

src/pkcs1v15/signing_key.rs

@@ -17,9 +17,7 @@ use {
     serdect::serde::{de, ser, Deserialize, Serialize},
 };
 
-use signature::{
-    hazmat::PrehashSigner, DigestSigner, Keypair, RandomizedDigestSigner, RandomizedSigner, Signer,
-};
+use signature::{hazmat::PrehashSigner, DigestSigner, Keypair, RandomizedDigestSigner};
 use zeroize::ZeroizeOnDrop;
 
 /// Signing key for `RSASSA-PKCS1-v1_5` signatures as described in [RFC8017 § 8.2].
@@ -101,69 +99,43 @@ where
 // `*Signer` trait impls
 //
 
-impl<D> DigestSigner<D, Signature> for SigningKey<D>
+impl<D> DigestSigner<D, Signature<D>> for SigningKey<D>
 where
     D: Digest,
 {
-    fn try_sign_digest(&self, digest: D) -> signature::Result<Signature> {
+    fn try_sign_digest(&self, digest: D) -> signature::Result<Signature<D>> {
         sign::<DummyRng>(None, &self.inner, &self.prefix, &digest.finalize())?
             .as_slice()
             .try_into()
     }
 }
 
-impl<D> PrehashSigner<Signature> for SigningKey<D>
+impl<D> PrehashSigner<Signature<D>> for SigningKey<D>
 where
     D: Digest,
 {
-    fn sign_prehash(&self, prehash: &[u8]) -> signature::Result<Signature> {
+    fn sign_prehash(&self, prehash: &[u8]) -> signature::Result<Signature<D>> {
         sign::<DummyRng>(None, &self.inner, &self.prefix, prehash)?
             .as_slice()
             .try_into()
     }
 }
 
-impl<D> RandomizedDigestSigner<D, Signature> for SigningKey<D>
+impl<D> RandomizedDigestSigner<D, Signature<D>> for SigningKey<D>
 where
     D: Digest,
 {
     fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized>(
         &self,
         rng: &mut R,
         digest: D,
-    ) -> signature::Result<Signature> {
+    ) -> signature::Result<Signature<D>> {
         sign(Some(rng), &self.inner, &self.prefix, &digest.finalize())?
             .as_slice()
             .try_into()
     }
 }
 
-impl<D> RandomizedSigner<Signature> for SigningKey<D>
-where
-    D: Digest,
-{
-    fn try_sign_with_rng<R: TryCryptoRng + ?Sized>(
-        &self,
-        rng: &mut R,
-        msg: &[u8],
-    ) -> signature::Result<Signature> {
-        sign(Some(rng), &self.inner, &self.prefix, &D::digest(msg))?
-            .as_slice()
-            .try_into()
-    }
-}
-
-impl<D> Signer<Signature> for SigningKey<D>
-where
-    D: Digest,
-{
-    fn try_sign(&self, msg: &[u8]) -> signature::Result<Signature> {
-        sign::<DummyRng>(None, &self.inner, &self.prefix, &D::digest(msg))?
-            .as_slice()
-            .try_into()
-    }
-}
-
 //
 // Other trait impls
 //

src/pkcs1v15/verifying_key.rs

@@ -17,7 +17,7 @@ use {
     spki::DecodePublicKey,
 };
 
-use signature::{hazmat::PrehashVerifier, DigestVerifier, Verifier};
+use signature::{hazmat::PrehashVerifier, DigestVerifier};
 use spki::{Document, EncodePublicKey};
 
 /// Verifying key for `RSASSA-PKCS1-v1_5` signatures as described in [RFC8017 § 8.2].
@@ -75,11 +75,11 @@ where
 // `*Verifier` trait impls
 //
 
-impl<D> DigestVerifier<D, Signature> for VerifyingKey<D>
+impl<D> DigestVerifier<D, Signature<D>> for VerifyingKey<D>
 where
     D: Digest,
 {
-    fn verify_digest(&self, digest: D, signature: &Signature) -> signature::Result<()> {
+    fn verify_digest(&self, digest: D, signature: &Signature<D>) -> signature::Result<()> {
         verify(
             &self.inner,
             &self.prefix,
@@ -90,30 +90,15 @@ where
     }
 }
 
-impl<D> PrehashVerifier<Signature> for VerifyingKey<D>
+impl<D> PrehashVerifier<Signature<D>> for VerifyingKey<D>
 where
     D: Digest,
 {
-    fn verify_prehash(&self, prehash: &[u8], signature: &Signature) -> signature::Result<()> {
+    fn verify_prehash(&self, prehash: &[u8], signature: &Signature<D>) -> signature::Result<()> {
         verify(&self.inner, &self.prefix, prehash, &signature.inner).map_err(|e| e.into())
     }
 }
 
-impl<D> Verifier<Signature> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn verify(&self, msg: &[u8], signature: &Signature) -> signature::Result<()> {
-        verify(
-            &self.inner,
-            &self.prefix.clone(),
-            &D::digest(msg),
-            &signature.inner,
-        )
-        .map_err(|e| e.into())
-    }
-}
-
 //
 // Other trait impls
 //

src/pss/blinded_signing_key.rs

@@ -11,9 +11,7 @@ use pkcs8::{
     EncodePrivateKey, SecretDocument,
 };
 use rand_core::{CryptoRng, TryCryptoRng};
-use signature::{
-    hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedSigner,
-};
+use signature::{hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner};
 use zeroize::ZeroizeOnDrop;
 #[cfg(feature = "serde")]
 use {
@@ -84,45 +82,30 @@ where
 // `*Signer` trait impls
 //
 
-impl<D> RandomizedSigner<Signature> for BlindedSigningKey<D>
-where
-    D: Digest + FixedOutputReset,
-{
-    fn try_sign_with_rng<R: TryCryptoRng + ?Sized>(
-        &self,
-        rng: &mut R,
-        msg: &[u8],
-    ) -> signature::Result<Signature> {
-        sign_digest::<_, D>(rng, true, &self.inner, &D::digest(msg), self.salt_len)?
-            .as_slice()
-            .try_into()
-    }
-}
-
-impl<D> RandomizedDigestSigner<D, Signature> for BlindedSigningKey<D>
+impl<D> RandomizedDigestSigner<D, Signature<D>> for BlindedSigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
     fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized>(
         &self,
         rng: &mut R,
         digest: D,
-    ) -> signature::Result<Signature> {
+    ) -> signature::Result<Signature<D>> {
         sign_digest::<_, D>(rng, true, &self.inner, &digest.finalize(), self.salt_len)?
             .as_slice()
             .try_into()
     }
 }
 
-impl<D> RandomizedPrehashSigner<Signature> for BlindedSigningKey<D>
+impl<D> RandomizedPrehashSigner<Signature<D>> for BlindedSigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
     fn sign_prehash_with_rng<R: TryCryptoRng + ?Sized>(
         &self,
         rng: &mut R,
         prehash: &[u8],
-    ) -> signature::Result<Signature> {
+    ) -> signature::Result<Signature<D>> {
         sign_digest::<_, D>(rng, true, &self.inner, prehash, self.salt_len)?
             .as_slice()
             .try_into()