Expand description
RustCrypto: ECDSA
Elliptic Curve Digital Signature Algorithm (ECDSA) as specified in FIPS 186-4 (Digital Signature Standard).
About
This crate provides generic ECDSA support which can be used in the following ways:
- Generic implementation of ECDSA usable with the following crates:
- Other crates which provide their own complete implementations of ECDSA can
also leverage the types from this crate to export ECDSA functionality in a
generic, interoperable way by leveraging
ecdsa::Signature
with thesignature::Signer
andsignature::Verifier
traits.
⚠️ Security Warning
The ECDSA implementation contained in this crate has never been independently audited for security!
This crate contains a generic implementation of ECDSA which must be instantiated using a separate crate providing a concrete implementation of arithmetic for a particular curve. It’s possible timing variability can exist in concrete curve implementations, and thus this crate’s security can only be properly assessed for a specific elliptic curve.
USE AT YOUR OWN RISK!
Minimum Supported Rust Version
This crate requires Rust 1.65 at a minimum.
We may change the MSRV in the future, but it will be accompanied by a minor version bump.
License
All crates licensed under either of
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
serde
support
When the serde
feature of this crate is enabled, Serialize
and
Deserialize
impls are provided for the Signature
and VerifyingKey
types.
Please see type-specific documentation for more information.
Interop
Any crates which provide an implementation of ECDSA for a particular
elliptic curve can leverage the types from this crate, along with the
k256
, p256
, and/or p384
crates to expose ECDSA functionality in
a generic, interoperable way by leveraging the Signature
type with in
conjunction with the signature::Signer
and signature::Verifier
traits.
For example, the ring-compat
crate implements the signature::Signer
and signature::Verifier
traits in conjunction with the
p256::ecdsa::Signature
and p384::ecdsa::Signature
types to
wrap the ECDSA implementations from ring in a generic, interoperable
API.
Re-exports
pub use elliptic_curve;
pub use signature;
Modules
- der
der
Support for ASN.1 DER-encoded ECDSA signatures as specified in RFC5912 Appendix A. - dev
dev
Development-related functionality. - hazmat
hazmat
Low-level ECDSA primitives.
Macros
- Define ECDSA signing test.
- Define ECDSA verification test.
- Define a Wycheproof verification test.
Structs
- Signature errors.
- ECDSA signature with low-S normalization applied.
- Recovery IDs, a.k.a. “recid”.
- ECDSA signature (fixed-size). Generic over elliptic curve types.
- SignatureWithOid
digest
An extendedSignature
type which is parameterized by anObjectIdentifier
which identifies the ECDSA variant used by a particular signature. - SigningKey
signing
ECDSA secret key used for signing. Generic over prime order elliptic curves (e.g. NIST P-curves) - VerifyingKey
verifying
ECDSA public key used for verifying signatures. Generic over prime order elliptic curves (e.g. NIST P-curves)
Constants
- ECDSA_SHA224_OID
digest
OID for ECDSA with SHA-224 digests. - ECDSA_SHA256_OID
digest
OID for ECDSA with SHA-256 digests. - ECDSA_SHA384_OID
digest
OID for ECDSA with SHA-384 digests. - ECDSA_SHA512_OID
digest
OID for ECDSA with SHA-512 digests.
Traits
- Marker trait for elliptic curves with prime order.
- Support for decoding/encoding signatures as bytes.
Type Aliases
- Encoded elliptic curve point sized appropriately for a given curve.
- Result type.
- Fixed-size byte array containing an ECDSA signature
- Size of a fixed sized signature for the given elliptic curve.