From 8e5cf8aea390d4f69ce30bae42e381a24d7c61bb Mon Sep 17 00:00:00 2001
From: Tjaden Hess <tjade273@gmail.com>
Date: Tue, 2 Jan 2024 18:51:10 -0600
Subject: [PATCH 1/3] Add a RandomizedSignerMut trait for randomized stateful
 signatures like LMS/LM-OTS

---
 signature/src/signer.rs | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/signature/src/signer.rs b/signature/src/signer.rs
index b339ddf59..c98b9aed6 100644
--- a/signature/src/signer.rs
+++ b/signature/src/signer.rs
@@ -116,3 +116,29 @@ pub trait RandomizedDigestSigner<D: Digest, S> {
     fn try_sign_digest_with_rng(&self, rng: &mut impl CryptoRngCore, digest: D)
         -> Result<S, Error>;
 }
+
+/// Sign the provided message bytestring using `&mut Self` (e.g. an evolving
+/// cryptographic key such as a stateful hash-based signature), and a per-signature
+/// randomizer, returning a digital signature.
+#[cfg(feature = "rand_core")]
+pub trait RandomizedSignerMut<S> {
+    /// Sign the given message, update the state, and return a digital signature.
+    fn sign_with_rng(&mut self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> S {
+        self.try_sign(msg).expect("signature operation failed")
+    }
+
+    /// Attempt to sign the given message, updating the state, and returning a
+    /// digital signature on success, or an error if something went wrong.
+    ///
+    /// Signing can fail, e.g., if the number of time periods allowed by the
+    /// current key is exceeded.
+    fn try_sign_with_rng(&mut self, msg: &[u8]) -> Result<S, Error>;
+}
+
+/// Blanket impl of [`RandomizedSignerMut`] for all [`RandomizedSigner`] types.
+#[cfg(feature = "rand_core")]
+impl<S, T: RandomizedSigner<S>> RandomizedSignerMut<S> for T {
+    fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error> {
+        T::try_sign_with_rng(self, msg)
+    }
+}

From 01eb2966d031a1daa8366f8de8c3a73447b621eb Mon Sep 17 00:00:00 2001
From: Tjaden Hess <tjade273@gmail.com>
Date: Tue, 2 Jan 2024 19:02:14 -0600
Subject: [PATCH 2/3] Add Changelog and fix compile errors

---
 signature/CHANGELOG.md  | 6 ++++++
 signature/src/signer.rs | 8 ++++----
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/signature/CHANGELOG.md b/signature/CHANGELOG.md
index 3f9d8cd08..554e0f5fd 100644
--- a/signature/CHANGELOG.md
+++ b/signature/CHANGELOG.md
@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## Unreleased
+### Added
+- `RandomizedSignerMut` trait
+
+[#1448](https://github.com/RustCrypto/traits/pull/1448)
+
 ## 2.2.0 (2023-11-12)
 ### Changed
 - MSRV 1.60 ([#1387])
diff --git a/signature/src/signer.rs b/signature/src/signer.rs
index c98b9aed6..f5069f169 100644
--- a/signature/src/signer.rs
+++ b/signature/src/signer.rs
@@ -124,7 +124,7 @@ pub trait RandomizedDigestSigner<D: Digest, S> {
 pub trait RandomizedSignerMut<S> {
     /// Sign the given message, update the state, and return a digital signature.
     fn sign_with_rng(&mut self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> S {
-        self.try_sign(msg).expect("signature operation failed")
+        self.try_sign_with_rng(rng, msg).expect("signature operation failed")
     }
 
     /// Attempt to sign the given message, updating the state, and returning a
@@ -132,13 +132,13 @@ pub trait RandomizedSignerMut<S> {
     ///
     /// Signing can fail, e.g., if the number of time periods allowed by the
     /// current key is exceeded.
-    fn try_sign_with_rng(&mut self, msg: &[u8]) -> Result<S, Error>;
+    fn try_sign_with_rng(&mut self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> Result<S, Error>;
 }
 
 /// Blanket impl of [`RandomizedSignerMut`] for all [`RandomizedSigner`] types.
 #[cfg(feature = "rand_core")]
 impl<S, T: RandomizedSigner<S>> RandomizedSignerMut<S> for T {
-    fn try_sign(&mut self, msg: &[u8]) -> Result<S, Error> {
-        T::try_sign_with_rng(self, msg)
+    fn try_sign_with_rng(&mut self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> Result<S, Error> {
+        T::try_sign_with_rng(self, rng, msg)
     }
 }

From e275adaf6942fdbaec36d7c194f0c2495495ded5 Mon Sep 17 00:00:00 2001
From: Tjaden Hess <tjade273@gmail.com>
Date: Tue, 2 Jan 2024 19:03:13 -0600
Subject: [PATCH 3/3] cargo fmt

---
 signature/src/signer.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/signature/src/signer.rs b/signature/src/signer.rs
index f5069f169..488f7da67 100644
--- a/signature/src/signer.rs
+++ b/signature/src/signer.rs
@@ -124,7 +124,8 @@ pub trait RandomizedDigestSigner<D: Digest, S> {
 pub trait RandomizedSignerMut<S> {
     /// Sign the given message, update the state, and return a digital signature.
     fn sign_with_rng(&mut self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> S {
-        self.try_sign_with_rng(rng, msg).expect("signature operation failed")
+        self.try_sign_with_rng(rng, msg)
+            .expect("signature operation failed")
     }
 
     /// Attempt to sign the given message, updating the state, and returning a