Bump signature to v2.0.0-pre.2; use impl CryptoRngCore (#579)

As discussed in RustCrypto/traits#1148, this uses
`&mut impl CryptoRngCore` as the API for passing CSRNGs.

This removes the need for a generic parameter in the type signature
while also keeping syntax to a minimum.

The traits in `signature` v2.0.0-pre.2 switched to these APIs. See
RustCrypto/traits#1147.

Author: tarcieri

Cargo.lock

@@ -19,10 +19,9 @@ digest = "0.10"
 num-bigint = { package = "num-bigint-dig", version = "0.8", default-features = false, features = ["prime", "rand", "zeroize"] }
 num-traits = { version = "0.2", default-features = false }
 pkcs8 = { version = "0.9", default-features = false, features = ["alloc"] }
-rand = { version = "0.8", default-features = false }
 rfc6979 = { version = "0.3", path = "../rfc6979" }
 sha2 = { version = "0.10", default-features = false }
-signature = { version = "=2.0.0-pre.0", default-features = false, features = ["alloc", "digest-preview", "rand-preview"] }
+signature = { version = "=2.0.0-pre.2", default-features = false, features = ["alloc", "digest-preview", "rand-preview"] }
 zeroize = { version = "1.5", default-features = false }
 
 [dev-dependencies]

dsa/Cargo.toml

@@ -11,8 +11,10 @@ fn main() {
     let signing_key = SigningKey::generate(&mut rng, components);
     let verifying_key = signing_key.verifying_key();
 
-    let signature = signing_key
-        .sign_digest_with_rng(rand::thread_rng(), Sha1::new().chain_update(b"hello world"));
+    let signature = signing_key.sign_digest_with_rng(
+        &mut rand::thread_rng(),
+        Sha1::new().chain_update(b"hello world"),
+    );
 
     let signing_key_bytes = signing_key.to_pkcs8_pem(LineEnding::LF).unwrap();
     let verifying_key_bytes = verifying_key.to_public_key_pem(LineEnding::LF).unwrap();

dsa/examples/sign.rs

@@ -6,7 +6,7 @@ use crate::{size::KeySize, two};
 use num_bigint::BigUint;
 use num_traits::Zero;
 use pkcs8::der::{self, asn1::UIntRef, DecodeValue, Encode, Header, Reader, Sequence, Tag};
-use rand::{CryptoRng, RngCore};
+use signature::rand_core::CryptoRngCore;
 
 /// The common components of an DSA keypair
 ///
@@ -35,10 +35,7 @@ impl Components {
     }
 
     /// Generate a new pair of common components
-    pub fn generate<R>(rng: &mut R, key_size: KeySize) -> Self
-    where
-        R: CryptoRng + RngCore + ?Sized,
-    {
+    pub fn generate(rng: &mut impl CryptoRngCore, key_size: KeySize) -> Self {
         let (p, q, g) = crate::generate::common_components(rng, key_size);
         Self::from_components(p, q, g).expect("[Bug] Newly generated components considered invalid")
     }

dsa/src/components.rs

@@ -1,7 +1,7 @@
 use crate::two;
 use num_bigint::{BigUint, RandPrime};
 use num_traits::Pow;
-use rand::{CryptoRng, RngCore};
+use signature::rand_core::CryptoRngCore;
 
 mod components;
 mod keypair;
@@ -24,9 +24,6 @@ fn calculate_bounds(size: u32) -> (BigUint, BigUint) {
 ///
 /// This wrapper function mainly exists to enforce the [`CryptoRng`](rand::CryptoRng) requirement (I might otherwise forget it)
 #[inline]
-fn generate_prime<R>(bit_length: usize, rng: &mut R) -> BigUint
-where
-    R: CryptoRng + RngCore + ?Sized,
-{
+fn generate_prime(bit_length: usize, rng: &mut impl CryptoRngCore) -> BigUint {
     rng.gen_prime(bit_length)
 }

dsa/src/generate/mod.rs renamed to dsa/src/generate.rs

@@ -9,7 +9,7 @@ use crate::{
 };
 use num_bigint::{prime::probably_prime, BigUint, RandBigInt};
 use num_traits::One;
-use rand::{CryptoRng, RngCore};
+use signature::rand_core::CryptoRngCore;
 
 /// Numbers of miller-rabin rounds performed to determine primality
 const MR_ROUNDS: usize = 64;
@@ -19,10 +19,10 @@ const MR_ROUNDS: usize = 64;
 /// # Returns
 ///
 /// Tuple of three `BigUint`s. Ordered like this `(p, q, g)`
-pub fn common<R>(rng: &mut R, KeySize { l, n }: KeySize) -> (BigUint, BigUint, BigUint)
-where
-    R: CryptoRng + RngCore + ?Sized,
-{
+pub fn common(
+    rng: &mut impl CryptoRngCore,
+    KeySize { l, n }: KeySize,
+) -> (BigUint, BigUint, BigUint) {
     // Calculate the lower and upper bounds of p and q
     let (p_min, p_max) = calculate_bounds(l);
     let (q_min, q_max) = calculate_bounds(n);

dsa/src/generate/components.rs

@@ -5,14 +5,11 @@
 use crate::{generate::components, Components, SigningKey, VerifyingKey};
 use num_bigint::{BigUint, RandBigInt};
 use num_traits::One;
-use rand::{CryptoRng, RngCore};
+use signature::rand_core::CryptoRngCore;
 
 /// Generate a new keypair
 #[inline]
-pub fn keypair<R>(rng: &mut R, components: Components) -> SigningKey
-where
-    R: CryptoRng + RngCore + ?Sized,
-{
+pub fn keypair(rng: &mut impl CryptoRngCore, components: Components) -> SigningKey {
     let x = rng.gen_biguint_range(&BigUint::one(), components.q());
     let y = components::public(&components, &x);
 

dsa/src/generate/keypair.rs

@@ -8,8 +8,8 @@ use core::cmp::min;
 use digest::{core_api::BlockSizeUser, Digest, FixedOutputReset};
 use num_bigint::{BigUint, ModInverse, RandBigInt};
 use num_traits::{One, Zero};
-use rand::{CryptoRng, RngCore};
 use rfc6979::HmacDrbg;
+use signature::rand_core::CryptoRngCore;
 use zeroize::Zeroize;
 
 /// Reduce the hash into an RFC-6979 appropriate form
@@ -69,10 +69,10 @@ where
 ///
 /// Secret number k and its modular multiplicative inverse with q
 #[inline]
-pub fn secret_number<R>(rng: &mut R, components: &Components) -> Option<(BigUint, BigUint)>
-where
-    R: CryptoRng + RngCore + ?Sized,
-{
+pub fn secret_number(
+    rng: &mut impl CryptoRngCore,
+    components: &Components,
+) -> Option<(BigUint, BigUint)> {
     let q = components.q();
     let n = q.bits();
 

dsa/src/generate/secret_number.rs

@@ -157,7 +157,7 @@ impl SignatureEncoding for Signature {
     type Repr = Box<[u8]>;
 
     fn to_bytes(&self) -> Box<[u8]> {
-        self.to_boxed_slice()
+        SignatureEncoding::to_vec(self).into_boxed_slice()
     }
 
     fn to_vec(&self) -> Vec<u8> {

dsa/src/lib.rs

@@ -14,9 +14,9 @@ use pkcs8::{
     der::{asn1::UIntRef, AnyRef, Decode, Encode},
     AlgorithmIdentifier, DecodePrivateKey, EncodePrivateKey, PrivateKeyInfo, SecretDocument,
 };
-use rand::{CryptoRng, RngCore};
 use signature::{
     hazmat::{PrehashSigner, RandomizedPrehashSigner},
+    rand_core::CryptoRngCore,
     DigestSigner, RandomizedDigestSigner, Signer,
 };
 use zeroize::{Zeroize, Zeroizing};
@@ -50,10 +50,7 @@ impl SigningKey {
 
     /// Generate a new DSA keypair
     #[inline]
-    pub fn generate<R>(rng: &mut R, components: Components) -> SigningKey
-    where
-        R: CryptoRng + RngCore + ?Sized,
-    {
+    pub fn generate(rng: &mut impl CryptoRngCore, components: Components) -> SigningKey {
         crate::generate::keypair(rng, components)
     }
 
@@ -117,7 +114,7 @@ impl PrehashSigner<Signature> for SigningKey {
 impl RandomizedPrehashSigner<Signature> for SigningKey {
     fn sign_prehash_with_rng(
         &self,
-        mut rng: impl CryptoRng + RngCore,
+        mut rng: &mut impl CryptoRngCore,
         prehash: &[u8],
     ) -> Result<Signature, signature::Error> {
         let components = self.verifying_key.components();
@@ -147,7 +144,7 @@ where
 {
     fn try_sign_digest_with_rng(
         &self,
-        mut rng: impl CryptoRng + RngCore,
+        mut rng: &mut impl CryptoRngCore,
         digest: D,
     ) -> Result<Signature, signature::Error> {
         let ks = crate::generate::secret_number(&mut rng, self.verifying_key().components())

dsa/src/signing_key.rs

@@ -70,7 +70,7 @@ fn decode_encode_signature() {
 fn sign_message() {
     let signing_key = generate_deterministic_keypair();
     let generated_signature =
-        signing_key.sign_digest_with_rng(seeded_csprng(), Sha256::new().chain_update(MESSAGE));
+        signing_key.sign_digest_with_rng(&mut seeded_csprng(), Sha256::new().chain_update(MESSAGE));
 
     let expected_signature =
         Signature::from_der(MESSAGE_SIGNATURE_CRATE_ASN1).expect("Failed to decode signature");

dsa/tests/signature.rs

@@ -47,7 +47,7 @@ fn sign_and_verify() {
     let verifying_key = signing_key.verifying_key();
 
     let signature =
-        signing_key.sign_digest_with_rng(rand::thread_rng(), Sha1::new().chain_update(DATA));
+        signing_key.sign_digest_with_rng(&mut rand::thread_rng(), Sha1::new().chain_update(DATA));
 
     assert!(verifying_key
         .verify_digest(Sha1::new().chain_update(DATA), &signature)

dsa/tests/private_key.rs renamed to dsa/tests/signing_key.rs

@@ -17,7 +17,7 @@ rust-version = "1.57"
 
 [dependencies]
 elliptic-curve = { version = "0.12", default-features = false, features = ["digest", "sec1"] }
-signature = { version = "=2.0.0-pre.0", default-features = false, features = ["rand-preview"] }
+signature = { version = "=2.0.0-pre.2", default-features = false, features = ["rand-preview"] }
 
 # optional dependencies
 der = { version = "0.6", optional = true }

dsa/tests/public_key.rs renamed to dsa/tests/verifying_key.rs

@@ -230,7 +230,7 @@ where
     <FieldSize<C> as Add>::Output: Add<MaxOverhead> + ArrayLength<u8>,
 {
     fn from(signature: Signature<C>) -> Box<[u8]> {
-        signature.to_boxed_slice()
+        signature.to_vec().into_boxed_slice()
     }
 }
 

ecdsa/Cargo.toml

@@ -18,7 +18,7 @@ use elliptic_curve::{
 use signature::{
     digest::{core_api::BlockSizeUser, Digest, FixedOutput, FixedOutputReset},
     hazmat::PrehashSigner,
-    rand_core::{CryptoRng, RngCore},
+    rand_core::CryptoRngCore,
     DigestSigner, RandomizedDigestSigner, RandomizedSigner, Signer,
 };
 
@@ -68,7 +68,7 @@ where
     SignatureSize<C>: ArrayLength<u8>,
 {
     /// Generate a cryptographically random [`SigningKey`].
-    pub fn random(rng: impl CryptoRng + RngCore) -> Self {
+    pub fn random(rng: &mut impl CryptoRngCore) -> Self {
         NonZeroScalar::<C>::random(rng).into()
     }
 
@@ -171,7 +171,7 @@ where
     /// entropy from an RNG.
     fn try_sign_digest_with_rng(
         &self,
-        mut rng: impl CryptoRng + RngCore,
+        rng: &mut impl CryptoRngCore,
         msg_digest: D,
     ) -> Result<Signature<C>> {
         let mut ad = FieldBytes::<C>::default();
@@ -190,7 +190,7 @@ where
     Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + Reduce<C::UInt> + SignPrimitive<C>,
     SignatureSize<C>: ArrayLength<u8>,
 {
-    fn try_sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> Result<Signature<C>> {
+    fn try_sign_with_rng(&self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> Result<Signature<C>> {
         self.try_sign_digest_with_rng(rng, C::Digest::new_with_prefix(msg))
     }
 }
@@ -242,7 +242,7 @@ where
 {
     fn try_sign_digest_with_rng(
         &self,
-        rng: impl CryptoRng + RngCore,
+        rng: &mut impl CryptoRngCore,
         msg_digest: D,
     ) -> Result<der::Signature<C>> {
         RandomizedDigestSigner::<D, Signature<C>>::try_sign_digest_with_rng(self, rng, msg_digest)
@@ -263,7 +263,7 @@ where
 {
     fn try_sign_with_rng(
         &self,
-        rng: impl CryptoRng + RngCore,
+        rng: &mut impl CryptoRngCore,
         msg: &[u8],
     ) -> Result<der::Signature<C>> {
         RandomizedSigner::<Signature<C>>::try_sign_with_rng(self, rng, msg).map(Into::into)

ecdsa/src/der.rs

@@ -17,7 +17,7 @@ edition = "2021"
 rust-version = "1.56"
 
 [dependencies]
-signature = { version = "=2.0.0-pre.0", default-features = false }
+signature = { version = "=2.0.0-pre.2", default-features = false }
 
 # optional dependencies
 pkcs8 = { version = "0.9", optional = true }