signature: replace signature_derive with blanket impls (#1827)

Adds blanket impls of:
- `Signer` for types which impl `PrehashSignature + DigestSignature`
- `Verifier` for types which impl `PrehashSignature + DigestVerifier`

These blanket impls eliminate the need to have a `signature_derive`
crate, which only existed to write the `Signer` and `Verifier` impls for
this particular case.

Since this is a breaking change, bumps the version to `3.0.0-pre`

Author: tarcieri

.github/workflows/signature.yml

@@ -37,9 +37,8 @@ jobs:
           toolchain: ${{ matrix.rust }}
           targets: ${{ matrix.target }}
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features
-      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features derive
+      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features digest
       - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features rand_core
-      - run: cargo build --target ${{ matrix.target }} --release --no-default-features --features derive,rand_core
 
   minimal-versions:
     if: false # disabled until we stop using pre-releases
@@ -52,7 +51,7 @@ jobs:
     strategy:
       matrix:
         rust:
-          - 1.85.0 # Minimum Rust version the tests pass on
+          - 1.85.0 # MSRV
           - stable
     steps:
       - uses: actions/checkout@v4
@@ -63,19 +62,3 @@ jobs:
       - run: cargo test --release --no-default-features
       - run: cargo test --release
       - run: cargo test --release --all-features
-
-  derive:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        rust:
-          - 1.85.0 # MSRV
-          - stable
-    steps:
-      - uses: actions/checkout@v4
-      - uses: RustCrypto/actions/cargo-cache@master
-      - uses: dtolnay/rust-toolchain@master
-        with:
-          toolchain: ${{ matrix.rust }}
-      - run: cargo test --release
-        working-directory: signature_derive

Cargo.lock

@@ -10,7 +10,6 @@ members = [
     "elliptic-curve",
     "kem",
     "password-hash",
-    "signature_derive",
     "universal-hash",
     "signature",
 ]

Cargo.toml

@@ -21,7 +21,7 @@ cipher = { version = "0.5.0-pre.7", path = "../cipher", optional = true }
 digest = { version = "0.11.0-pre.9", path = "../digest", optional = true, features = ["mac"] }
 elliptic-curve = { version = "0.14.0-rc.1", path = "../elliptic-curve", optional = true }
 password-hash = { version = "0.6.0-rc.0", path = "../password-hash", optional = true }
-signature = { version = "2.3.0-pre.6", path = "../signature", optional = true, default-features = false }
+signature = { version = "3.0.0-pre", path = "../signature", optional = true, default-features = false }
 universal-hash = { version = "0.6.0-rc.0", path = "../universal-hash", optional = true }
 
 [features]

crypto/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "signature"
-version = "2.3.0-pre.7"
+version = "3.0.0-pre"
 authors = ["RustCrypto Developers"]
 edition = "2024"
 rust-version = "1.85"
@@ -13,7 +13,6 @@ categories = ["cryptography", "no-std"]
 description = "Traits for cryptographic signature algorithms (e.g. ECDSA, Ed25519)"
 
 [dependencies]
-derive = { package = "signature_derive", version = "2", optional = true, path = "../signature_derive" }
 digest = { version = "=0.11.0-pre.10", optional = true, default-features = false }
 rand_core = { version = "0.9", optional = true, default-features = false }
 

signature/Cargo.toml

@@ -144,12 +144,6 @@ mod prehash_signature;
 
 pub use crate::{encoding::*, error::*, keypair::*, signer::*, verifier::*};
 
-#[cfg(feature = "derive")]
-pub use derive::{Signer, Verifier};
-
-#[cfg(all(feature = "derive", feature = "digest"))]
-pub use derive::{DigestSigner, DigestVerifier};
-
 #[cfg(feature = "digest")]
 pub use {crate::prehash_signature::*, digest};
 

signature/src/lib.rs

@@ -19,9 +19,8 @@ use crate::{
 /// This approach is relatively common in signature schemes based on the
 /// [Fiat-Shamir heuristic].
 ///
-/// For signature types that implement this trait, when the `derive` crate
-/// feature is enabled a custom derive for [`Signer`] is available for any
-/// types that impl [`DigestSigner`], and likewise for deriving [`Verifier`] for
+/// For signature types that implement this trait, a blanket impl of the [`Signer`] trait is
+/// available for any types that impl [`DigestSigner`], and likewise for the [`Verifier`] for
 /// types which impl [`DigestVerifier`].
 ///
 /// [Fiat-Shamir heuristic]: https://en.wikipedia.org/wiki/Fiat%E2%80%93Shamir_heuristic

signature/src/prehash_signature.rs

@@ -3,7 +3,7 @@
 use crate::error::Error;
 
 #[cfg(feature = "digest")]
-use crate::digest::Digest;
+use crate::{PrehashSignature, digest::Digest};
 
 #[cfg(feature = "rand_core")]
 use crate::rand_core::{CryptoRng, TryCryptoRng};
@@ -82,6 +82,17 @@ pub trait DigestSigner<D: Digest, S> {
     fn try_sign_digest(&self, digest: D) -> Result<S, Error>;
 }
 
+#[cfg(feature = "digest")]
+impl<S, T> Signer<S> for T
+where
+    S: PrehashSignature,
+    T: DigestSigner<S::Digest, S>,
+{
+    fn try_sign(&self, msg: &[u8]) -> Result<S, Error> {
+        self.try_sign_digest(S::Digest::new_with_prefix(msg))
+    }
+}
+
 /// Sign the given message using the provided external randomness source.
 #[cfg(feature = "rand_core")]
 pub trait RandomizedSigner<S> {
@@ -124,6 +135,21 @@ pub trait RandomizedDigestSigner<D: Digest, S> {
     ) -> Result<S, Error>;
 }
 
+#[cfg(all(feature = "digest", feature = "rand_core"))]
+impl<S, T> RandomizedSigner<S> for T
+where
+    S: PrehashSignature,
+    T: RandomizedDigestSigner<S::Digest, S>,
+{
+    fn try_sign_with_rng<R: TryCryptoRng + ?Sized>(
+        &self,
+        rng: &mut R,
+        msg: &[u8],
+    ) -> Result<S, Error> {
+        self.try_sign_digest_with_rng(rng, S::Digest::new_with_prefix(msg))
+    }
+}
+
 /// Sign the provided message bytestring using `&mut Self` (e.g. an evolving
 /// cryptographic key such as a stateful hash-based signature), and a per-signature
 /// randomizer, returning a digital signature.

signature/src/signer.rs

@@ -3,7 +3,7 @@
 use crate::error::Error;
 
 #[cfg(feature = "digest")]
-use crate::digest::Digest;
+use crate::{PrehashSignature, digest::Digest};
 
 /// Verify the provided message bytestring using `Self` (e.g. a public key)
 pub trait Verifier<S> {
@@ -39,3 +39,14 @@ pub trait DigestVerifier<D: Digest, S> {
     /// Verify the signature against the given [`Digest`] output.
     fn verify_digest(&self, digest: D, signature: &S) -> Result<(), Error>;
 }
+
+#[cfg(feature = "digest")]
+impl<S, T> Verifier<S> for T
+where
+    S: PrehashSignature,
+    T: DigestVerifier<S::Digest, S>,
+{
+    fn verify(&self, msg: &[u8], signature: &S) -> Result<(), Error> {
+        self.verify_digest(S::Digest::new_with_prefix(msg), signature)
+    }
+}