Skip to content

async-signature: adds hazmat::AsyncPrehashSigner #1719

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
baloo wants to merge 1 commit into from
Closed

async-signature: adds hazmat::AsyncPrehashSigner #1719

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 53 additions & 0 deletions async-signature/src/hazmat.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
//! Hazardous Materials: low-level APIs which can be insecure if misused.
//!
//! The traits in this module are not generally recommended, and should only be
//! used in special cases where they are specifically needed.
//!
//! Using them incorrectly can introduce security vulnerabilities. Please
//! carefully read the documentation before attempting to use them.

use signature::Error;

#[cfg(feature = "rand_core")]
use signature::rand_core::CryptoRngCore;

/// Asynchronously sign the provided message prehash, returning a digital signature.
#[allow(async_fn_in_trait)]
pub trait AsyncPrehashSigner<S> {
/// Attempt to sign the given message digest, returning a digital signature
/// on success, or an error if something went wrong.
///
/// The `prehash` parameter should be the output of a secure cryptographic
/// hash function.
///
/// This API takes a `prehash` byte slice as there can potentially be many
/// compatible lengths for the message digest for a given concrete signature
/// algorithm.
///
/// Allowed lengths are algorithm-dependent and up to a particular
/// implementation to decide.
async fn sign_prehash_async(&self, prehash: &[u8]) -> Result<S, Error>;
}

/// Asynchronously sign the provided message prehash using the provided external randomness source, returning a digital signature.
#[cfg(feature = "rand_core")]
#[allow(async_fn_in_trait)]
pub trait AsyncRandomizedPrehashSigner<S> {
/// Attempt to sign the given message digest, returning a digital signature
/// on success, or an error if something went wrong.
///
/// The `prehash` parameter should be the output of a secure cryptographic
/// hash function.
///
/// This API takes a `prehash` byte slice as there can potentially be many
/// compatible lengths for the message digest for a given concrete signature
/// algorithm.
///
/// Allowed lengths are algorithm-dependent and up to a particular
/// implementation to decide.
async fn sign_prehash_with_rng_async(
&self,
rng: &mut impl CryptoRngCore,
prehash: &[u8],
) -> Result<S, Error>;
}
2 changes: 2 additions & 0 deletions async-signature/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@
missing_debug_implementations
)]

pub mod hazmat;

pub use signature::{self, Error};

#[cfg(feature = "digest")]
Expand Down