pub trait DigestSigner<D, S>
where
    D: Digest,
{
    // Required method
    fn try_sign_digest(&self, digest: D) -> Result<S, Error>;

    // Provided method
    fn sign_digest(&self, digest: D) -> S { ... }
}

Available on crate feature digest only.

Sign the given prehashed message Digest using Self.

§Notes

This trait is primarily intended for signature algorithms based on the Fiat-Shamir heuristic, a method for converting an interactive challenge/response-based proof-of-knowledge protocol into an offline digital signature through the use of a random oracle, i.e. a digest function.

The security of such protocols rests critically on an attacker being unable to solve for the output of the random oracle. Such signature algorithms are otherwise generally a system of linear equations, so an attacker who could do so would be able to trivially forge signatures.

To prevent misuse that could make this possible, this API accepts a Digest instance rather than a raw digest value.
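The design point above, as an added example that is not code from this crate: a toy Schnorr signer whose signing and verifying functions take a hasher instance, so the Fiat-Shamir challenge is always computed internally as a hash over the message and the commitment. `ToyDigest` (FNV-1a), `ToyKey`, `ToySig`, `verify_digest` and the group constants are hypothetical stand-ins chosen so the block runs with the standard library only; none of it is secure.

```rust
// Added example: toy Schnorr with a digest-instance API. FNV-1a stands in for a real
// `Digest` and the group has only 103 elements, so this is NOT secure.
const P: u64 = 2267; // prime modulus (constructed toy parameter)
const Q: u64 = 103; // prime order of G; Q divides P - 1
const G: u64 = 354; // generator of the order-Q subgroup

#[derive(Clone)]
pub struct ToyDigest(u64); // hypothetical stand-in for a `Digest` implementation
impl ToyDigest {
    pub fn new() -> Self { ToyDigest(0xcbf29ce484222325) }
    pub fn update(&mut self, data: &[u8]) {
        for b in data { self.0 = (self.0 ^ *b as u64).wrapping_mul(0x100000001b3); }
    }
    pub fn finalize(self) -> u64 { self.0 }
}

// b^e mod P; exponents in this toy are small, so a linear loop is enough.
fn pow(b: u64, e: u64) -> u64 { (0..e).fold(1, |acc, _| acc * b % P) }

#[derive(Debug)]
pub struct ToySig { pub e: u64, pub s: u64 }
pub struct ToyKey(pub u64); // secret scalar x, valid range 1..Q
impl ToyKey {
    pub fn public(&self) -> u64 { pow(G, self.0) }
    // Same shape as `try_sign_digest`: the caller hands over hasher state, never a raw value.
    pub fn try_sign_digest(&self, mut digest: ToyDigest) -> Result<ToySig, &'static str> {
        if self.0 == 0 || self.0 >= Q { return Err("secret scalar out of range"); }
        let mut nonce = digest.clone();
        nonce.update(&self.0.to_le_bytes());
        let k = nonce.finalize() % (Q - 1) + 1; // deterministic nonce in 1..Q
        digest.update(&pow(G, k).to_le_bytes()); // absorb the commitment R = G^k
        let e = digest.finalize(); // Fiat-Shamir challenge = H(message || R)
        Ok(ToySig { e, s: (k + self.0 * (e % Q)) % Q })
    }
}

pub fn verify_digest(public: u64, mut digest: ToyDigest, sig: &ToySig) -> bool {
    // Recover R = G^s * y^(-e), then recompute the challenge from the hasher state.
    let r = pow(G, sig.s) * pow(public, Q - sig.e % Q) % P;
    digest.update(&r.to_le_bytes());
    digest.finalize() == sig.e
}

fn main() {
    let key = ToyKey(57); // constructed sample key
    let mut d = ToyDigest::new();
    d.update(b"pay 10");
    let sig = key.try_sign_digest(d.clone()).unwrap();
    println!("{:?} valid={}", sig, verify_digest(key.public(), d, &sig));
}
```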

Required Methods§

fn try_sign_digest(&self, digest: D) -> Result<S, Error>

Attempt to sign the given prehashed message Digest, returning a digital signature on success, or an error if something went wrong.

Provided Methods§

fn sign_digest(&self, digest: D) -> S

Sign the given prehashed message Digest, returning a signature.

Panics in the event of a signing error.

Implementors§

impl<D> DigestSigner<D, Signature> for Context<'_, '_, SigningKey>
where D: Digest<OutputSize = U64>,

Equivalent to SigningKey::sign_prehashed with context set to Some containing self.value().

§Note

The RFC only permits SHA-512 to be used for prehashing. This function technically works, and is probably safe to use, with any secure hash function with 512-bit digests, but anything outside of SHA-512 is NOT specification-compliant. We expose crate::Sha512 for user convenience.

impl<D> DigestSigner<D, Signature> for SigningKey
where D: Digest<OutputSize = U64>,

Equivalent to SigningKey::sign_prehashed with context set to None.

§Note

The RFC only permits SHA-512 to be used for prehashing. This function technically works, and is probably safe to use, with any secure hash function with 512-bit digests, but anything outside of SHA-512 is NOT specification-compliant. We expose crate::Sha512 for user convenience.