Update to signature::DigestSigner/Verifier changes (#1064)

Companion PR to RustCrypto/traits#2004

Author: daxpedda

Cargo.lock

@@ -25,3 +25,6 @@ lms-signature = { path = "./lms" }
 ml-dsa = { path = "./ml-dsa" }
 rfc6979 = { path = "./rfc6979" }
 slh-dsa = { path = "./slh-dsa" }
+
+# https://github.com/RustCrypto/traits/pull/2004
+signature = { git = "https://github.com/RustCrypto/traits", rev = "77c001c5abdfea97c7710173c196c76253490734" }

Cargo.toml

@@ -11,8 +11,9 @@ fn main() {
     let signing_key = SigningKey::generate(&mut rng, components);
     let verifying_key = signing_key.verifying_key();
 
-    let signature = signing_key
-        .sign_digest_with_rng(&mut rand::rng(), Sha1::new().chain_update(b"hello world"));
+    let signature = signing_key.sign_digest_with_rng(&mut rand::rng(), |digest: &mut Sha1| {
+        digest.update(b"hello world")
+    });
 
     let signing_key_bytes = signing_key.to_pkcs8_pem(LineEnding::LF).unwrap();
     let verifying_key_bytes = verifying_key.to_public_key_pem(LineEnding::LF).unwrap();

dsa/examples/sign.rs

@@ -13,7 +13,7 @@ use crypto_bigint::{
     BoxedUint, NonZero, Resize,
     modular::{BoxedMontyForm, BoxedMontyParams},
 };
-use digest::{Digest, FixedOutputReset, block_api::BlockSizeUser};
+use digest::{Digest, FixedOutputReset, Update, block_api::BlockSizeUser};
 use signature::{
     DigestSigner, MultipartSigner, RandomizedDigestSigner, Signer,
     hazmat::{PrehashSigner, RandomizedPrehashSigner},
@@ -157,9 +157,10 @@ impl Signer<Signature> for SigningKey {
 
 impl MultipartSigner<Signature> for SigningKey {
     fn try_multipart_sign(&self, msg: &[&[u8]]) -> Result<Signature, signature::Error> {
-        let mut digest = sha2::Sha256::new();
-        msg.iter().for_each(|slice| digest.update(slice));
-        self.try_sign_digest(digest)
+        self.try_sign_digest(|digest: &mut sha2::Sha256| {
+            msg.iter().for_each(|slice| Digest::update(digest, slice));
+            Ok(())
+        })
     }
 }
 
@@ -191,7 +192,12 @@ impl<D> DigestSigner<D, Signature> for SigningKey
 where
     D: Digest + BlockSizeUser + FixedOutputReset,
 {
-    fn try_sign_digest(&self, digest: D) -> Result<Signature, signature::Error> {
+    fn try_sign_digest<F: Fn(&mut D) -> Result<(), signature::Error>>(
+        &self,
+        f: F,
+    ) -> Result<Signature, signature::Error> {
+        let mut digest = D::new();
+        f(&mut digest)?;
         let hash = digest.finalize_fixed();
         let ks = crate::generate::secret_number_rfc6979::<D>(self, &hash)?;
 
@@ -201,15 +207,20 @@ where
 
 impl<D> RandomizedDigestSigner<D, Signature> for SigningKey
 where
-    D: Digest,
+    D: Digest + Update,
 {
-    fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized>(
+    fn try_sign_digest_with_rng<
+        R: TryCryptoRng + ?Sized,
+        F: Fn(&mut D) -> Result<(), signature::Error>,
+    >(
         &self,
         rng: &mut R,
-        digest: D,
+        f: F,
     ) -> Result<Signature, signature::Error> {
         let ks = crate::generate::secret_number(rng, self.verifying_key().components())?
             .ok_or_else(signature::Error::new)?;
+        let mut digest = D::new();
+        f(&mut digest)?;
         let hash = digest.finalize();
 
         self.sign_prehashed(ks, &hash)

dsa/src/signing_key.rs

@@ -8,7 +8,7 @@ use crypto_bigint::{
     BoxedUint, NonZero, Resize,
     modular::{BoxedMontyForm, BoxedMontyParams},
 };
-use digest::Digest;
+use digest::{Digest, Update};
 use signature::{DigestVerifier, MultipartVerifier, Verifier, hazmat::PrehashVerifier};
 
 #[cfg(feature = "pkcs8")]
@@ -124,9 +124,13 @@ impl MultipartVerifier<Signature> for VerifyingKey {
         msg: &[&[u8]],
         signature: &Signature,
     ) -> Result<(), signature::Error> {
-        let mut digest = sha2::Sha256::new();
-        msg.iter().for_each(|slice| digest.update(slice));
-        self.verify_digest(digest, signature)
+        self.verify_digest(
+            |digest: &mut sha2::Sha256| {
+                msg.iter().for_each(|slice| Digest::update(digest, slice));
+                Ok(())
+            },
+            signature,
+        )
     }
 }
 
@@ -146,9 +150,15 @@ impl PrehashVerifier<Signature> for VerifyingKey {
 
 impl<D> DigestVerifier<D, Signature> for VerifyingKey
 where
-    D: Digest,
+    D: Digest + Update,
 {
-    fn verify_digest(&self, digest: D, signature: &Signature) -> Result<(), signature::Error> {
+    fn verify_digest<F: Fn(&mut D) -> Result<(), signature::Error>>(
+        &self,
+        f: F,
+        signature: &Signature,
+    ) -> Result<(), signature::Error> {
+        let mut digest = D::new();
+        f(&mut digest)?;
         let hash = digest.finalize();
 
         let is_valid = self

dsa/src/verifying_key.rs

@@ -102,7 +102,7 @@ fn generate_signature<D>(signing_key: SigningKey, data: &[u8]) -> Signature
 where
     D: Digest + BlockSizeUser + FixedOutputReset,
 {
-    signing_key.sign_digest(<D as Digest>::new().chain_update(data))
+    signing_key.sign_digest(|digest: &mut D| Digest::update(digest, data))
 }
 
 /// Generate a signature using the 1024-bit DSA key

dsa/tests/deterministic.rs

@@ -71,8 +71,10 @@ fn decode_encode_signature() {
 #[test]
 fn sign_message() {
     let signing_key = generate_deterministic_keypair();
-    let generated_signature =
-        signing_key.sign_digest_with_rng(&mut seeded_csprng(), Sha256::new().chain_update(MESSAGE));
+    let generated_signature = signing_key
+        .sign_digest_with_rng(&mut seeded_csprng(), |digest: &mut Sha256| {
+            digest.update(MESSAGE)
+        });
 
     let expected_signature =
         Signature::from_der(MESSAGE_SIGNATURE_CRATE_ASN1).expect("Failed to decode signature");
@@ -90,7 +92,13 @@ fn verify_signature() {
 
     assert!(
         verifying_key
-            .verify_digest(Sha256::new().chain_update(MESSAGE), &signature)
+            .verify_digest(
+                |digest: &mut Sha256| {
+                    digest.update(MESSAGE);
+                    Ok(())
+                },
+                &signature
+            )
             .is_ok()
     );
 }
@@ -160,6 +168,12 @@ fn verify_signature_precision() {
         let signature = Signature::from_der(&asn1)
             .expect("Failed to parse ASN.1 representation of the test signature");
 
-        let _ = verifying_key.verify_digest(Sha256::new().chain_update(MESSAGE), &signature);
+        let _ = verifying_key.verify_digest(
+            |digest: &mut Sha256| {
+                digest.update(MESSAGE);
+                Ok(())
+            },
+            &signature,
+        );
     }
 }

dsa/tests/signature.rs

@@ -49,12 +49,20 @@ fn sign_and_verify() {
     let signing_key = generate_keypair();
     let verifying_key = signing_key.verifying_key();
 
-    let signature =
-        signing_key.sign_digest_with_rng(&mut rand::thread_rng(), Sha1::new().chain_update(DATA));
+    let signature = signing_key
+        .sign_digest_with_rng(&mut rand::thread_rng(), |digest: &mut Sha1| {
+            digest.update(DATA)
+        });
 
     assert!(
         verifying_key
-            .verify_digest(Sha1::new().chain_update(DATA), &signature)
+            .verify_digest(
+                |digest: &mut Sha1| {
+                    digest.update(DATA);
+                    Ok(())
+                },
+                &signature
+            )
             .is_ok()
     );
 }

dsa/tests/signing_key.rs

@@ -8,7 +8,7 @@ use {
     elliptic_curve::{FieldBytes, subtle::CtOption},
     signature::{
         DigestSigner, MultipartSigner, RandomizedDigestSigner, Signer,
-        digest::FixedOutput,
+        digest::{FixedOutput, Update},
         hazmat::{PrehashSigner, RandomizedPrehashSigner},
         rand_core::TryCryptoRng,
     },
@@ -229,12 +229,17 @@ where
 impl<C, D> DigestSigner<D, (Signature<C>, RecoveryId)> for SigningKey<C>
 where
     C: EcdsaCurve + CurveArithmetic + DigestAlgorithm,
-    D: Digest,
+    D: Digest + Update,
     Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
     SignatureSize<C>: ArraySize,
 {
-    fn try_sign_digest(&self, msg_digest: D) -> Result<(Signature<C>, RecoveryId)> {
-        self.sign_digest_recoverable(msg_digest)
+    fn try_sign_digest<F: Fn(&mut D) -> Result<()>>(
+        &self,
+        f: F,
+    ) -> Result<(Signature<C>, RecoveryId)> {
+        let mut digest = D::new();
+        f(&mut digest)?;
+        self.sign_digest_recoverable(digest)
     }
 }
 
@@ -262,12 +267,14 @@ where
     Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
     SignatureSize<C>: ArraySize,
 {
-    fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized>(
+    fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized, F: Fn(&mut D) -> Result<()>>(
         &self,
         rng: &mut R,
-        msg_digest: D,
+        f: F,
     ) -> Result<(Signature<C>, RecoveryId)> {
-        self.sign_prehash_with_rng(rng, &msg_digest.finalize_fixed())
+        let mut digest = D::new();
+        f(&mut digest)?;
+        self.sign_prehash_with_rng(rng, &digest.finalize_fixed())
     }
 }
 
@@ -304,7 +311,8 @@ where
 {
     fn try_multipart_sign(&self, msg: &[&[u8]]) -> Result<(Signature<C>, RecoveryId)> {
         let mut digest = C::Digest::new();
-        msg.iter().for_each(|slice| digest.update(slice));
+        msg.iter()
+            .for_each(|slice| Digest::update(&mut digest, slice));
         self.sign_digest_recoverable(digest)
     }
 }

ecdsa/src/recovery.rs

@@ -145,8 +145,10 @@ where
     Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
     SignatureSize<C>: ArraySize,
 {
-    fn try_sign_digest(&self, msg_digest: D) -> Result<Signature<C>> {
-        self.sign_prehash(&msg_digest.finalize_fixed())
+    fn try_sign_digest<F: Fn(&mut D) -> Result<()>>(&self, f: F) -> Result<Signature<C>> {
+        let mut digest = D::new();
+        f(&mut digest)?;
+        self.sign_prehash(&digest.finalize_fixed())
     }
 }
 
@@ -188,9 +190,10 @@ where
     SignatureSize<C>: ArraySize,
 {
     fn try_multipart_sign(&self, msg: &[&[u8]]) -> core::result::Result<Signature<C>, Error> {
-        let mut digest = C::Digest::new();
-        msg.iter().for_each(|slice| digest.update(slice));
-        self.try_sign_digest(digest)
+        self.try_sign_digest(|digest: &mut C::Digest| {
+            msg.iter().for_each(|slice| digest.update(slice));
+            Ok(())
+        })
     }
 }
 
@@ -201,12 +204,14 @@ where
     Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
     SignatureSize<C>: ArraySize,
 {
-    fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized>(
+    fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized, F: Fn(&mut D) -> Result<()>>(
         &self,
         rng: &mut R,
-        msg_digest: D,
+        f: F,
     ) -> Result<Signature<C>> {
-        self.sign_prehash_with_rng(rng, &msg_digest.finalize_fixed())
+        let mut digest = D::new();
+        f(&mut digest)?;
+        self.sign_prehash_with_rng(rng, &digest.finalize_fixed())
     }
 }
 
@@ -264,9 +269,10 @@ where
         rng: &mut R,
         msg: &[&[u8]],
     ) -> Result<Signature<C>> {
-        let mut digest = C::Digest::new();
-        msg.iter().for_each(|slice| digest.update(slice));
-        self.try_sign_digest_with_rng(rng, digest)
+        self.try_sign_digest_with_rng(rng, |digest: &mut C::Digest| {
+            msg.iter().for_each(|slice| digest.update(slice));
+            Ok(())
+        })
     }
 }
 
@@ -277,8 +283,8 @@ where
     Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
     SignatureSize<C>: ArraySize,
 {
-    fn try_sign_digest(&self, msg_digest: D) -> Result<SignatureWithOid<C>> {
-        let signature: Signature<C> = self.try_sign_digest(msg_digest)?;
+    fn try_sign_digest<F: Fn(&mut D) -> Result<()>>(&self, f: F) -> Result<SignatureWithOid<C>> {
+        let signature: Signature<C> = self.try_sign_digest(f)?;
         let oid = ecdsa_oid_for_digest(D::OID).ok_or_else(Error::new)?;
         SignatureWithOid::new(signature, oid)
     }
@@ -304,9 +310,10 @@ where
     SignatureSize<C>: ArraySize,
 {
     fn try_multipart_sign(&self, msg: &[&[u8]]) -> Result<SignatureWithOid<C>> {
-        let mut digest = C::Digest::new();
-        msg.iter().for_each(|slice| digest.update(slice));
-        self.try_sign_digest(digest)
+        self.try_sign_digest(|digest: &mut C::Digest| {
+            msg.iter().for_each(|slice| digest.update(slice));
+            Ok(())
+        })
     }
 }
 
@@ -348,12 +355,12 @@ where
     der::MaxSize<C>: ArraySize,
     <FieldBytesSize<C> as Add>::Output: Add<der::MaxOverhead> + ArraySize,
 {
-    fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized>(
+    fn try_sign_digest_with_rng<R: TryCryptoRng + ?Sized, F: Fn(&mut D) -> Result<()>>(
         &self,
         rng: &mut R,
-        msg_digest: D,
+        f: F,
     ) -> Result<der::Signature<C>> {
-        RandomizedDigestSigner::<D, Signature<C>>::try_sign_digest_with_rng(self, rng, msg_digest)
+        RandomizedDigestSigner::<D, Signature<C>>::try_sign_digest_with_rng(self, rng, f)
             .map(Into::into)
     }
 }
@@ -387,8 +394,8 @@ where
     der::MaxSize<C>: ArraySize,
     <FieldBytesSize<C> as Add>::Output: Add<der::MaxOverhead> + ArraySize,
 {
-    fn try_sign_digest(&self, msg_digest: D) -> Result<der::Signature<C>> {
-        DigestSigner::<D, Signature<C>>::try_sign_digest(self, msg_digest).map(Into::into)
+    fn try_sign_digest<F: Fn(&mut D) -> Result<()>>(&self, f: F) -> Result<der::Signature<C>> {
+        DigestSigner::<D, Signature<C>>::try_sign_digest(self, f).map(Into::into)
     }
 }