Struct ecdsa::Signature

pub struct Signature<C: PrimeCurve>where
    SignatureSize<C>: ArrayLength<u8>,{ /* private fields */ }

ECDSA signature (fixed-size). Generic over elliptic curve types.

Serialized as fixed-sized big endian scalar values with no added framing:

• r: field element size for the given curve, big-endian
• s: field element size for the given curve, big-endian

For example, in a curve with a 256-bit modulus like NIST P-256 or secp256k1, r and s will both be 32-bytes, resulting in a signature with a total of 64-bytes.

ASN.1 DER-encoded signatures also supported via the Signature::from_der and Signature::to_der methods.

serde support

When the serde feature of this crate is enabled, it provides support for serializing and deserializing ECDSA signatures using the Serialize and Deserialize traits.

The serialization uses a 64-byte fixed encoding when used with binary formats, and a hexadecimal encoding when used with text formats.

Implementations

impl<C> Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

pub fn from_der(bytes: &[u8]) -> Result<Self>where
    MaxSize<C>: ArrayLength<u8>,
    <FieldSize<C> as Add>::Output: Add<MaxOverhead> + ArrayLength<u8>,

Available on crate feature der only.

Parse a signature from ASN.1 DER

pub fn from_scalars(
    r: impl Into<FieldBytes<C>>,
    s: impl Into<FieldBytes<C>>
) -> Result<Self>

Create a Signature from the serialized r and s scalar values which comprise the signature.

pub fn split_bytes(&self) -> (FieldBytes<C>, FieldBytes<C>)

Split the signature into its r and s components, represented as bytes.

pub fn to_der(&self) -> Signature<C>where
    MaxSize<C>: ArrayLength<u8>,
    <FieldSize<C> as Add>::Output: Add<MaxOverhead> + ArrayLength<u8>,

Available on crate feature der only.

Serialize this signature as ASN.1 DER

pub fn to_vec(&self) -> Vec<u8>

Available on crate feature alloc only.

Convert this signature into a byte vector.

impl<C> Signature<C>where
    C: PrimeCurve + ScalarArithmetic,
    SignatureSize<C>: ArrayLength<u8>,

pub fn r(&self) -> NonZeroScalar<C>

Available on crate feature arithmetic only.

Get the r component of this signature

pub fn s(&self) -> NonZeroScalar<C>

Available on crate feature arithmetic only.

Get the s component of this signature

pub fn split_scalars(&self) -> (NonZeroScalar<C>, NonZeroScalar<C>)

Available on crate feature arithmetic only.

Split the signature into its r and s scalars.

pub fn normalize_s(&self) -> Option<Self>

Available on crate feature arithmetic only.

Normalize signature into “low S” form as described in BIP 0062: Dealing with Malleability.

Trait Implementations

impl<C> AsRef<[u8]> for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

fn as_ref(&self) -> &[u8]

Converts this type into a shared reference of the (usually inferred) input type.

impl<C: Clone + PrimeCurve> Clone for Signature<C>where
    SignatureSize<C>: ArrayLength<u8>,

fn clone(&self) -> Signature<C>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<C> Debug for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de, C> Deserialize<'de> for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

Available on crate feature serde only.

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>where
    D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl<C, D> DigestSigner<D, Signature<C>> for SigningKey<C>where
    C: PrimeCurve + ProjectiveArithmetic,
    C::UInt: for<'a> From<&'a Scalar<C>>,
    D: Digest + BlockSizeUser + FixedOutput<OutputSize = FieldSize<C>> + FixedOutputReset,
    Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + Reduce<C::UInt> + SignPrimitive<C>,
    SignatureSize<C>: ArrayLength<u8>,

fn try_sign_digest(&self, msg_digest: D) -> Result<Signature<C>>

Sign message digest using a deterministic ephemeral scalar (k) computed using the algorithm described in RFC6979 § 3.2.

fn sign_digest(&self, digest: D) -> S

Sign the given prehashed message [Digest], returning a signature.

impl<C, D> DigestVerifier<D, Signature<C>> for VerifyingKey<C>where
    C: PrimeCurve + ProjectiveArithmetic,
    D: Digest + FixedOutput<OutputSize = FieldSize<C>>,
    AffinePoint<C>: VerifyPrimitive<C>,
    Scalar<C>: Reduce<C::UInt>,
    SignatureSize<C>: ArrayLength<u8>,

fn verify_digest(&self, msg_digest: D, signature: &Signature<C>) -> Result<()>

Verify the signature against the given [Digest] output.

impl<C> Display for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<C> FromStr for Signature<C>where
    C: PrimeCurve + ScalarArithmetic,
    SignatureSize<C>: ArrayLength<u8>,

Available on crate feature arithmetic only.

type Err = Error

The associated error which can be returned from parsing.

fn from_str(hex: &str) -> Result<Self>

Parses a string s to return a value of this type.

impl<C> Keypair<Signature<C>> for SigningKey<C>where
    C: PrimeCurve + ProjectiveArithmetic,
    Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + Reduce<C::UInt> + SignPrimitive<C>,
    SignatureSize<C>: ArrayLength<u8>,

Available on crate feature verify only.

type VerifyingKey = VerifyingKey<C>

Verifying key type for this keypair.

fn verifying_key(&self) -> &Self::VerifyingKey

Get the verifying key which can verify signatures produced by the signing key portion of this keypair.

impl<C> LowerHex for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<C: PartialEq + PrimeCurve> PartialEq<Signature<C>> for Signature<C>where
    SignatureSize<C>: ArrayLength<u8>,

fn eq(&self, other: &Signature<C>) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<C> PrehashSignature for Signature<C>where
    C: DigestPrimitive,
    <FieldSize<C> as Add>::Output: ArrayLength<u8>,

Available on crate feature hazmat only.

type Digest = <C as DigestPrimitive>::Digest

Preferred Digest algorithm to use when computing this signature type.

impl<C> PrehashSigner<Signature<C>> for SigningKey<C>where
    C: PrimeCurve + ProjectiveArithmetic + DigestPrimitive,
    C::Digest: BlockSizeUser + FixedOutput<OutputSize = FieldSize<C>> + FixedOutputReset,
    C::UInt: for<'a> From<&'a Scalar<C>>,
    Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + Reduce<C::UInt> + SignPrimitive<C>,
    SignatureSize<C>: ArrayLength<u8>,

fn sign_prehash(&self, prehash: &[u8]) -> Result<Signature<C>>

Attempt to sign the given message digest, returning a digital signature on success, or an error if something went wrong.

impl<C> PrehashVerifier<Signature<C>> for VerifyingKey<C>where
    C: PrimeCurve + ProjectiveArithmetic + DigestPrimitive,
    AffinePoint<C>: VerifyPrimitive<C>,
    Scalar<C>: Reduce<C::UInt>,
    SignatureSize<C>: ArrayLength<u8>,

fn verify_prehash(&self, prehash: &[u8], signature: &Signature<C>) -> Result<()>

Use Self to verify that the provided signature for a given message prehash is authentic.

impl<C, D> RandomizedDigestSigner<D, Signature<C>> for SigningKey<C>where
    C: PrimeCurve + ProjectiveArithmetic,
    C::UInt: for<'a> From<&'a Scalar<C>>,
    D: Digest + BlockSizeUser + FixedOutput<OutputSize = FieldSize<C>> + FixedOutputReset,
    Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + Reduce<C::UInt> + SignPrimitive<C>,
    SignatureSize<C>: ArrayLength<u8>,

fn try_sign_digest_with_rng(
    &self,
    rng: impl CryptoRng + RngCore,
    msg_digest: D
) -> Result<Signature<C>>

Sign message prehash using an ephemeral scalar (k) derived according to a variant of RFC 6979 (Section 3.6) which supplies additional entropy from an RNG.

fn sign_digest_with_rng(&self, rng: impl CryptoRng + RngCore, digest: D) -> S

Sign the given prehashed message Digest, returning a signature.

impl<C> RandomizedSigner<Signature<C>> for SigningKey<C>where
    Self: RandomizedDigestSigner<C::Digest, Signature<C>>,
    C: PrimeCurve + ProjectiveArithmetic + DigestPrimitive,
    Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + Reduce<C::UInt> + SignPrimitive<C>,
    SignatureSize<C>: ArrayLength<u8>,

fn try_sign_with_rng(
    &self,
    rng: impl CryptoRng + RngCore,
    msg: &[u8]
) -> Result<Signature<C>>

Attempt to sign the given message, returning a digital signature on success, or an error if something went wrong.

fn sign_with_rng(&self, rng: impl CryptoRng + RngCore, msg: &[u8]) -> S

Sign the given message and return a digital signature

impl<C> Serialize for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

Available on crate feature serde only.

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>where
    S: Serializer,

Serialize this value into the given Serde serializer.

impl<C> Signature for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

fn from_bytes(bytes: &[u8]) -> Result<Self>

Parse a signature from its byte representation

fn as_bytes(&self) -> &[u8]

Borrow a byte slice representing the serialized form of this signature

impl<C> Signer<Signature<C>> for SigningKey<C>where
    Self: DigestSigner<C::Digest, Signature<C>>,
    C: PrimeCurve + ProjectiveArithmetic + DigestPrimitive,
    Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + Reduce<C::UInt> + SignPrimitive<C>,
    SignatureSize<C>: ArrayLength<u8>,

fn try_sign(&self, msg: &[u8]) -> Result<Signature<C>>

Attempt to sign the given message, returning a digital signature on success, or an error if something went wrong.

fn sign(&self, msg: &[u8]) -> S

Sign the given message and return a digital signature

impl<C> TryFrom<&[u8]> for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

type Error = Error

The type returned in the event of a conversion error.

fn try_from(bytes: &[u8]) -> Result<Self>

Performs the conversion.

impl<C> TryFrom<Signature<C>> for Signature<C>where
    C: PrimeCurve,
    MaxSize<C>: ArrayLength<u8>,
    <FieldSize<C> as Add>::Output: Add<MaxOverhead> + ArrayLength<u8>,

Available on crate feature der only.

type Error = Error

The type returned in the event of a conversion error.

fn try_from(sig: Signature<C>) -> Result<Signature<C>>

Performs the conversion.

impl<C> UpperHex for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<C> Verifier<Signature<C>> for VerifyingKey<C>where
    C: PrimeCurve + ProjectiveArithmetic + DigestPrimitive,
    C::Digest: FixedOutput<OutputSize = FieldSize<C>>,
    AffinePoint<C>: VerifyPrimitive<C>,
    Scalar<C>: Reduce<C::UInt>,
    SignatureSize<C>: ArrayLength<u8>,

fn verify(&self, msg: &[u8], signature: &Signature<C>) -> Result<()>

Use Self to verify that the provided signature for a given message bytestring is authentic.

impl<C> Copy for Signature<C>where
    C: PrimeCurve,
    SignatureSize<C>: ArrayLength<u8>,
    <SignatureSize<C> as ArrayLength<u8>>::ArrayType: Copy,

impl<C: Eq + PrimeCurve> Eq for Signature<C>where
    SignatureSize<C>: ArrayLength<u8>,

impl<C: PrimeCurve> StructuralEq for Signature<C>where
    SignatureSize<C>: ArrayLength<u8>,

impl<C: PrimeCurve> StructuralPartialEq for Signature<C>where
    SignatureSize<C>: ArrayLength<u8>,