diff --git a/Cargo.lock b/Cargo.lock index dbcb5847..7b93a3f4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -736,9 +736,9 @@ dependencies = [ [[package]] name = "signature" -version = "3.0.0-rc.0" +version = "3.0.0-rc.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7ae074ff622614874804868b07d9cb786223082c9fe726a6653608f32f37b02" +checksum = "b8852cecbd17ba45978bbbe43061ebe36a2ae376058c5c172e09f72888f8f7de" dependencies = [ "digest", "rand_core 0.9.3", diff --git a/Cargo.toml b/Cargo.toml index d95ee6d5..20a28726 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -19,7 +19,7 @@ subtle = { version = "2.6.1", default-features = false } digest = { version = "0.11.0-rc.0", default-features = false, features = ["alloc", "oid"] } pkcs1 = { version = "0.8.0-rc.2", default-features = false, features = ["alloc", "pkcs8"] } pkcs8 = { version = "0.11.0-rc.4", default-features = false, features = ["alloc"] } -signature = { version = "3.0.0-rc.0", default-features = false, features = ["alloc", "digest", "rand_core"] } +signature = { version = "3.0.0-rc.1", default-features = false, features = ["alloc", "digest", "rand_core"] } spki = { version = "0.8.0-rc.2", default-features = false, features = ["alloc"] } zeroize = { version = "1.5", features = ["alloc"] } crypto-bigint = { version = "0.7.0-pre.4", default-features = false, features = ["zeroize", "alloc"] } diff --git a/src/pkcs1v15/signing_key.rs b/src/pkcs1v15/signing_key.rs index 04c0d30f..ffb3d654 100644 --- a/src/pkcs1v15/signing_key.rs +++ b/src/pkcs1v15/signing_key.rs @@ -18,7 +18,8 @@ use { }; use signature::{ - hazmat::PrehashSigner, DigestSigner, Keypair, RandomizedDigestSigner, RandomizedSigner, Signer, + hazmat::PrehashSigner, DigestSigner, Keypair, MultipartSigner, RandomizedDigestSigner, + RandomizedMultipartSigner, RandomizedSigner, Signer, }; use zeroize::ZeroizeOnDrop; @@ -147,7 +148,22 @@ where rng: &mut R, msg: &[u8], ) -> signature::Result { - sign(Some(rng), &self.inner, &self.prefix, &D::digest(msg))? + self.try_multipart_sign_with_rng(rng, &[msg]) + } +} + +impl RandomizedMultipartSigner for SigningKey +where + D: Digest, +{ + fn try_multipart_sign_with_rng( + &self, + rng: &mut R, + msg: &[&[u8]], + ) -> signature::Result { + let mut digest = D::new(); + msg.iter().for_each(|slice| digest.update(slice)); + sign(Some(rng), &self.inner, &self.prefix, &digest.finalize())? .as_slice() .try_into() } @@ -158,7 +174,18 @@ where D: Digest, { fn try_sign(&self, msg: &[u8]) -> signature::Result { - sign::(None, &self.inner, &self.prefix, &D::digest(msg))? + self.try_multipart_sign(&[msg]) + } +} + +impl MultipartSigner for SigningKey +where + D: Digest, +{ + fn try_multipart_sign(&self, msg: &[&[u8]]) -> signature::Result { + let mut digest = D::new(); + msg.iter().for_each(|slice| digest.update(slice)); + sign::(None, &self.inner, &self.prefix, &digest.finalize())? .as_slice() .try_into() } diff --git a/src/pss/blinded_signing_key.rs b/src/pss/blinded_signing_key.rs index 6de1cf16..f0ff3c5e 100644 --- a/src/pss/blinded_signing_key.rs +++ b/src/pss/blinded_signing_key.rs @@ -12,7 +12,8 @@ use pkcs8::{ }; use rand_core::{CryptoRng, TryCryptoRng}; use signature::{ - hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedSigner, + hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedMultipartSigner, + RandomizedSigner, }; use zeroize::ZeroizeOnDrop; #[cfg(feature = "serde")] @@ -93,7 +94,23 @@ where rng: &mut R, msg: &[u8], ) -> signature::Result { - sign_digest::<_, D>(rng, true, &self.inner, &D::digest(msg), self.salt_len)? + self.try_multipart_sign_with_rng(rng, &[msg]) + } +} + +impl RandomizedMultipartSigner for BlindedSigningKey +where + D: Digest + FixedOutputReset, +{ + fn try_multipart_sign_with_rng( + &self, + rng: &mut R, + msg: &[&[u8]], + ) -> signature::Result { + let mut digest = D::new(); + msg.iter() + .for_each(|slice| ::update(&mut digest, slice)); + sign_digest::<_, D>(rng, true, &self.inner, &digest.finalize(), self.salt_len)? .as_slice() .try_into() } diff --git a/src/pss/signing_key.rs b/src/pss/signing_key.rs index 17c46a8e..f250b961 100644 --- a/src/pss/signing_key.rs +++ b/src/pss/signing_key.rs @@ -13,7 +13,8 @@ use pkcs8::{ }; use rand_core::{CryptoRng, TryCryptoRng}; use signature::{ - hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedSigner, + hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedMultipartSigner, + RandomizedSigner, }; use zeroize::ZeroizeOnDrop; #[cfg(feature = "serde")] @@ -25,7 +26,7 @@ use { #[cfg(feature = "os_rng")] use { rand_core::OsRng, - signature::{hazmat::PrehashSigner, Signer}, + signature::{hazmat::PrehashSigner, MultipartSigner, Signer}, }; /// Signing key for producing RSASSA-PSS signatures as described in @@ -118,6 +119,22 @@ where } } +impl RandomizedMultipartSigner for SigningKey +where + D: Digest + FixedOutputReset, +{ + fn try_multipart_sign_with_rng( + &self, + rng: &mut R, + msg: &[&[u8]], + ) -> signature::Result { + let mut digest = D::new(); + msg.iter() + .for_each(|slice| ::update(&mut digest, slice)); + self.try_sign_digest_with_rng(rng, digest) + } +} + impl RandomizedPrehashSigner for SigningKey where D: Digest + FixedOutputReset, @@ -153,6 +170,16 @@ where } } +#[cfg(feature = "os_rng")] +impl MultipartSigner for SigningKey +where + D: Digest + FixedOutputReset, +{ + fn try_multipart_sign(&self, msg: &[&[u8]]) -> signature::Result { + self.try_multipart_sign_with_rng(&mut OsRng, msg) + } +} + // // Other trait impls //