ecdsa: Signer would only be implemented with hazmat

Author: baloo

ecdsa/Cargo.toml

@@ -44,6 +44,7 @@ digest = ["dep:digest", "elliptic-curve/digest", "signature/digest"]
 hazmat = []
 pkcs8 = ["digest", "elliptic-curve/pkcs8", "der"]
 pem = ["elliptic-curve/pem", "pkcs8"]
+rfc6979 = ["arithmetic", "digest", "dep:rfc6979"]
 serde = ["elliptic-curve/serde", "pkcs8", "serdect"]
 signing = ["arithmetic", "digest", "hazmat", "rfc6979"]
 verifying = ["arithmetic", "digest", "hazmat"]

ecdsa/src/der.rs

@@ -382,10 +382,10 @@ fn find_scalar_range(outer: &[u8], inner: &[u8]) -> Result<Range<usize>> {
     Ok(Range { start, end })
 }
 
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> signature::PrehashSignature for Signature<C>
 where
-    C: EcdsaCurve + crate::hazmat::DigestPrimitive,
+    C: EcdsaCurve + crate::DigestPrimitive,
     MaxSize<C>: ArraySize,
     <FieldBytesSize<C> as Add>::Output: Add<MaxOverhead> + ArraySize,
 {

ecdsa/src/hazmat.rs

@@ -27,46 +27,21 @@ use {
     },
 };
 
-#[cfg(feature = "digest")]
+#[cfg(feature = "rfc6979")]
 use {
-    elliptic_curve::FieldBytesSize,
-    signature::{
-        PrehashSignature,
-        digest::{Digest, FixedOutput, FixedOutputReset, core_api::BlockSizeUser},
-    },
+    elliptic_curve::FieldBytesEncoding,
+    signature::digest::{Digest, FixedOutput, FixedOutputReset, core_api::BlockSizeUser},
 };
 
-#[cfg(feature = "rfc6979")]
-use elliptic_curve::FieldBytesEncoding;
-
-#[cfg(any(feature = "arithmetic", feature = "digest"))]
+#[cfg(any(feature = "arithmetic", feature = "rfc6979"))]
 use crate::{Signature, elliptic_curve::array::ArraySize};
 
-/// Bind a preferred [`Digest`] algorithm to an elliptic curve type.
-///
-/// Generally there is a preferred variety of the SHA-2 family used with ECDSA
-/// for a particular elliptic curve.
-///
-/// This trait can be used to specify it, and with it receive a blanket impl of
-/// [`PrehashSignature`], used by [`signature_derive`][1]) for the [`Signature`]
-/// type for a particular elliptic curve.
-///
-/// [1]: https://github.com/RustCrypto/traits/tree/master/signature/derive
-#[cfg(feature = "digest")]
-pub trait DigestPrimitive: EcdsaCurve {
-    /// Preferred digest to use when computing ECDSA signatures for this
-    /// elliptic curve. This is typically a member of the SHA-2 family.
-    type Digest: BlockSizeUser + Digest + FixedOutput + FixedOutputReset;
-}
-
 #[cfg(feature = "digest")]
-impl<C> PrehashSignature for Signature<C>
-where
-    C: DigestPrimitive,
-    <FieldBytesSize<C> as core::ops::Add>::Output: ArraySize,
-{
-    type Digest = C::Digest;
-}
+#[deprecated(
+    since = "0.17.0",
+    note = "`DigestPrimitive` is no longer in `hazmat`, please use `ecdsa::DigestPrimitive` instead"
+)]
+pub use crate::DigestPrimitive;
 
 /// Partial implementation of the `bits2int` function as defined in
 /// [RFC6979 § 2.3.2] as well as [SEC1] § 2.3.8.

ecdsa/src/lib.rs

@@ -101,9 +101,13 @@ use {
 };
 
 #[cfg(feature = "digest")]
-use digest::{
-    Digest,
-    const_oid::{AssociatedOid, ObjectIdentifier},
+use {
+    digest::{
+        Digest, FixedOutput, FixedOutputReset,
+        const_oid::{AssociatedOid, ObjectIdentifier},
+        core_api::BlockSizeUser,
+    },
+    signature::PrehashSignature,
 };
 
 #[cfg(feature = "pkcs8")]
@@ -463,10 +467,10 @@ where
 ///
 /// To support non-default digest algorithms, use the [`SignatureWithOid`]
 /// type instead.
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> AssociatedOid for Signature<C>
 where
-    C: hazmat::DigestPrimitive,
+    C: DigestPrimitive,
     C::Digest: AssociatedOid,
 {
     const OID: ObjectIdentifier = match ecdsa_oid_for_digest(C::Digest::OID) {
@@ -713,29 +717,29 @@ where
 }
 
 /// NOTE: this implementation assumes the default digest for the given elliptic
-/// curve as defined by [`hazmat::DigestPrimitive`].
+/// curve as defined by [`DigestPrimitive`].
 ///
 /// When working with alternative digests, you will need to use e.g.
 /// [`SignatureWithOid::new_with_digest`].
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> SignatureEncoding for SignatureWithOid<C>
 where
-    C: hazmat::DigestPrimitive,
+    C: DigestPrimitive,
     C::Digest: AssociatedOid,
     SignatureSize<C>: ArraySize,
 {
     type Repr = SignatureBytes<C>;
 }
 
 /// NOTE: this implementation assumes the default digest for the given elliptic
-/// curve as defined by [`hazmat::DigestPrimitive`].
+/// curve as defined by [`DigestPrimitive`].
 ///
 /// When working with alternative digests, you will need to use e.g.
 /// [`SignatureWithOid::new_with_digest`].
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> TryFrom<&[u8]> for SignatureWithOid<C>
 where
-    C: hazmat::DigestPrimitive,
+    C: DigestPrimitive,
     C::Digest: AssociatedOid,
     SignatureSize<C>: ArraySize,
 {
@@ -770,3 +774,29 @@ const fn ecdsa_oid_for_digest(digest_oid: ObjectIdentifier) -> Option<ObjectIden
         _ => None,
     }
 }
+
+/// Bind a preferred [`Digest`] algorithm to an elliptic curve type.
+///
+/// Generally there is a preferred variety of the SHA-2 family used with ECDSA
+/// for a particular elliptic curve.
+///
+/// This trait can be used to specify it, and with it receive a blanket impl of
+/// [`PrehashSignature`], used by [`signature_derive`][1]) for the [`Signature`]
+/// type for a particular elliptic curve.
+///
+/// [1]: https://github.com/RustCrypto/traits/tree/master/signature/derive
+#[cfg(feature = "digest")]
+pub trait DigestPrimitive: EcdsaCurve {
+    /// Preferred digest to use when computing ECDSA signatures for this
+    /// elliptic curve. This is typically a member of the SHA-2 family.
+    type Digest: BlockSizeUser + Digest + FixedOutput + FixedOutputReset;
+}
+
+#[cfg(feature = "digest")]
+impl<C> PrehashSignature for Signature<C>
+where
+    C: DigestPrimitive,
+    <FieldBytesSize<C> as Add>::Output: ArraySize,
+{
+    type Digest = C::Digest;
+}

ecdsa/src/recovery.rs

@@ -28,10 +28,7 @@ use {
 
 #[cfg(any(feature = "signing", feature = "verifying"))]
 use {
-    crate::{
-        EcdsaCurve, Signature, SignatureSize,
-        hazmat::{DigestPrimitive, bits2field},
-    },
+    crate::{DigestPrimitive, EcdsaCurve, Signature, SignatureSize, hazmat::bits2field},
     elliptic_curve::{CurveArithmetic, Scalar, array::ArraySize, ops::Invert},
     signature::digest::Digest,
 };

ecdsa/src/signing.rs

@@ -1,8 +1,9 @@
 //! ECDSA signing: producing signatures using a [`SigningKey`].
 
 use crate::{
-    EcdsaCurve, Error, Result, Signature, SignatureSize, SignatureWithOid, ecdsa_oid_for_digest,
-    hazmat::{DigestPrimitive, bits2field, sign_prehashed_rfc6979},
+    DigestPrimitive, EcdsaCurve, Error, Result, Signature, SignatureSize, SignatureWithOid,
+    ecdsa_oid_for_digest,
+    hazmat::{bits2field, sign_prehashed_rfc6979},
 };
 use core::fmt::{self, Debug};
 use digest::{Digest, FixedOutput, const_oid::AssociatedOid};

ecdsa/src/verifying.rs

@@ -2,7 +2,7 @@
 
 use crate::{
     EcdsaCurve, Error, Result, Signature, SignatureSize,
-    hazmat::{self, DigestPrimitive, bits2field},
+    hazmat::{self, bits2field},
 };
 use core::{cmp::Ordering, fmt::Debug};
 use elliptic_curve::{
@@ -13,7 +13,7 @@ use elliptic_curve::{
     sec1::{self, CompressedPoint, EncodedPoint, FromEncodedPoint, ToEncodedPoint},
 };
 use signature::{
-    DigestVerifier, Verifier,
+    DigestVerifier,
     digest::{Digest, FixedOutput},
     hazmat::PrehashVerifier,
 };
@@ -42,9 +42,11 @@ use serdect::serde::{Deserialize, Serialize, de, ser};
 #[cfg(feature = "sha2")]
 use {
     crate::{
-        ECDSA_SHA224_OID, ECDSA_SHA256_OID, ECDSA_SHA384_OID, ECDSA_SHA512_OID, SignatureWithOid,
+        DigestPrimitive, ECDSA_SHA224_OID, ECDSA_SHA256_OID, ECDSA_SHA384_OID, ECDSA_SHA512_OID,
+        SignatureWithOid,
     },
     sha2::{Sha224, Sha256, Sha384, Sha512},
+    signature::Verifier,
 };
 
 #[cfg(all(feature = "alloc", feature = "pkcs8"))]