Implement MultiPartSigner/Verifier for ECDSA

Author: daxpedda

ecdsa/src/recovery.rs

@@ -7,7 +7,7 @@ use {
     crate::{SigningKey, hazmat::sign_prehashed_rfc6979},
     elliptic_curve::{FieldBytes, subtle::CtOption},
     signature::{
-        DigestSigner, RandomizedDigestSigner, Signer,
+        DigestSigner, MultiPartSigner, RandomizedDigestSigner, Signer,
         digest::FixedOutput,
         hazmat::{PrehashSigner, RandomizedPrehashSigner},
         rand_core::TryCryptoRng,
@@ -291,7 +291,21 @@ where
     SignatureSize<C>: ArraySize,
 {
     fn try_sign(&self, msg: &[u8]) -> Result<(Signature<C>, RecoveryId)> {
-        self.sign_recoverable(msg)
+        self.try_multi_part_sign(&[msg])
+    }
+}
+
+#[cfg(feature = "signing")]
+impl<C> MultiPartSigner<(Signature<C>, RecoveryId)> for SigningKey<C>
+where
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
+    SignatureSize<C>: ArraySize,
+{
+    fn try_multi_part_sign(&self, msg: &[&[u8]]) -> Result<(Signature<C>, RecoveryId)> {
+        let mut digest = C::Digest::new();
+        msg.iter().for_each(|slice| digest.update(slice));
+        self.sign_digest_recoverable(digest)
     }
 }
 

ecdsa/src/signing.rs

@@ -15,7 +15,8 @@ use elliptic_curve::{
     zeroize::{Zeroize, ZeroizeOnDrop},
 };
 use signature::{
-    DigestSigner, RandomizedDigestSigner, RandomizedSigner, Signer,
+    DigestSigner, MultiPartSigner, RandomizedDigestSigner, RandomizedMultiPartSigner,
+    RandomizedSigner, Signer,
     hazmat::{PrehashSigner, RandomizedPrehashSigner},
     rand_core::{CryptoRng, TryCryptoRng},
 };
@@ -176,7 +177,20 @@ where
     SignatureSize<C>: ArraySize,
 {
     fn try_sign(&self, msg: &[u8]) -> Result<Signature<C>> {
-        self.try_sign_digest(C::Digest::new_with_prefix(msg))
+        self.try_multi_part_sign(&[msg])
+    }
+}
+
+impl<C> MultiPartSigner<Signature<C>> for SigningKey<C>
+where
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
+    SignatureSize<C>: ArraySize,
+{
+    fn try_multi_part_sign(&self, msg: &[&[u8]]) -> core::result::Result<Signature<C>, Error> {
+        let mut digest = C::Digest::new();
+        msg.iter().for_each(|slice| digest.update(slice));
+        self.try_sign_digest(digest)
     }
 }
 
@@ -234,7 +248,25 @@ where
         rng: &mut R,
         msg: &[u8],
     ) -> Result<Signature<C>> {
-        self.try_sign_digest_with_rng(rng, C::Digest::new_with_prefix(msg))
+        self.try_multi_part_sign_with_rng(rng, &[msg])
+    }
+}
+
+impl<C> RandomizedMultiPartSigner<Signature<C>> for SigningKey<C>
+where
+    Self: RandomizedDigestSigner<C::Digest, Signature<C>>,
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
+    SignatureSize<C>: ArraySize,
+{
+    fn try_multi_part_sign_with_rng<R: TryCryptoRng + ?Sized>(
+        &self,
+        rng: &mut R,
+        msg: &[&[u8]],
+    ) -> Result<Signature<C>> {
+        let mut digest = C::Digest::new();
+        msg.iter().for_each(|slice| digest.update(slice));
+        self.try_sign_digest_with_rng(rng, digest)
     }
 }
 
@@ -260,7 +292,21 @@ where
     SignatureSize<C>: ArraySize,
 {
     fn try_sign(&self, msg: &[u8]) -> Result<SignatureWithOid<C>> {
-        self.try_sign_digest(C::Digest::new_with_prefix(msg))
+        self.try_multi_part_sign(&[msg])
+    }
+}
+
+impl<C> MultiPartSigner<SignatureWithOid<C>> for SigningKey<C>
+where
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    C::Digest: AssociatedOid,
+    Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
+    SignatureSize<C>: ArraySize,
+{
+    fn try_multi_part_sign(&self, msg: &[&[u8]]) -> Result<SignatureWithOid<C>> {
+        let mut digest = C::Digest::new();
+        msg.iter().for_each(|slice| digest.update(slice));
+        self.try_sign_digest(digest)
     }
 }
 
@@ -364,6 +410,25 @@ where
     }
 }
 
+#[cfg(feature = "der")]
+impl<C> RandomizedMultiPartSigner<der::Signature<C>> for SigningKey<C>
+where
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    Scalar<C>: Invert<Output = CtOption<Scalar<C>>>,
+    SignatureSize<C>: ArraySize,
+    der::MaxSize<C>: ArraySize,
+    <FieldBytesSize<C> as Add>::Output: Add<der::MaxOverhead> + ArraySize,
+{
+    fn try_multi_part_sign_with_rng<R: TryCryptoRng + ?Sized>(
+        &self,
+        rng: &mut R,
+        msg: &[&[u8]],
+    ) -> Result<der::Signature<C>> {
+        RandomizedMultiPartSigner::<Signature<C>>::try_multi_part_sign_with_rng(self, rng, msg)
+            .map(Into::into)
+    }
+}
+
 //
 // Other trait impls
 //

ecdsa/src/verifying.rs

@@ -13,7 +13,7 @@ use elliptic_curve::{
     sec1::{self, CompressedPoint, EncodedPoint, FromEncodedPoint, ToEncodedPoint},
 };
 use signature::{
-    DigestVerifier, Verifier,
+    DigestVerifier, MultiPartVerifier, Verifier,
     digest::{Digest, FixedOutput},
     hazmat::PrehashVerifier,
 };
@@ -178,7 +178,19 @@ where
     SignatureSize<C>: ArraySize,
 {
     fn verify(&self, msg: &[u8], signature: &Signature<C>) -> Result<()> {
-        self.verify_digest(C::Digest::new_with_prefix(msg), signature)
+        self.multi_part_verify(&[msg], signature)
+    }
+}
+
+impl<C> MultiPartVerifier<Signature<C>> for VerifyingKey<C>
+where
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    SignatureSize<C>: ArraySize,
+{
+    fn multi_part_verify(&self, msg: &[&[u8]], signature: &Signature<C>) -> Result<()> {
+        let mut digest = C::Digest::new();
+        msg.iter().for_each(|slice| digest.update(slice));
+        self.verify_digest(digest, signature)
     }
 }
 
@@ -189,11 +201,38 @@ where
     SignatureSize<C>: ArraySize,
 {
     fn verify(&self, msg: &[u8], sig: &SignatureWithOid<C>) -> Result<()> {
+        self.multi_part_verify(&[msg], sig)
+    }
+}
+
+#[cfg(feature = "sha2")]
+impl<C> MultiPartVerifier<SignatureWithOid<C>> for VerifyingKey<C>
+where
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    SignatureSize<C>: ArraySize,
+{
+    fn multi_part_verify(&self, msg: &[&[u8]], sig: &SignatureWithOid<C>) -> Result<()> {
         match sig.oid() {
-            ECDSA_SHA224_OID => self.verify_prehash(&Sha224::digest(msg), sig.signature()),
-            ECDSA_SHA256_OID => self.verify_prehash(&Sha256::digest(msg), sig.signature()),
-            ECDSA_SHA384_OID => self.verify_prehash(&Sha384::digest(msg), sig.signature()),
-            ECDSA_SHA512_OID => self.verify_prehash(&Sha512::digest(msg), sig.signature()),
+            ECDSA_SHA224_OID => {
+                let mut digest = Sha224::new();
+                msg.iter().for_each(|slice| digest.update(slice));
+                self.verify_prehash(&digest.finalize(), sig.signature())
+            }
+            ECDSA_SHA256_OID => {
+                let mut digest = Sha256::new();
+                msg.iter().for_each(|slice| digest.update(slice));
+                self.verify_prehash(&digest.finalize(), sig.signature())
+            }
+            ECDSA_SHA384_OID => {
+                let mut digest = Sha384::new();
+                msg.iter().for_each(|slice| digest.update(slice));
+                self.verify_prehash(&digest.finalize(), sig.signature())
+            }
+            ECDSA_SHA512_OID => {
+                let mut digest = Sha512::new();
+                msg.iter().for_each(|slice| digest.update(slice));
+                self.verify_prehash(&digest.finalize(), sig.signature())
+            }
             _ => Err(Error::new()),
         }
     }
@@ -242,6 +281,20 @@ where
     }
 }
 
+#[cfg(feature = "der")]
+impl<C> MultiPartVerifier<der::Signature<C>> for VerifyingKey<C>
+where
+    C: EcdsaCurve + CurveArithmetic + DigestPrimitive,
+    SignatureSize<C>: ArraySize,
+    der::MaxSize<C>: ArraySize,
+    <FieldBytesSize<C> as Add>::Output: Add<der::MaxOverhead> + ArraySize,
+{
+    fn multi_part_verify(&self, msg: &[&[u8]], signature: &der::Signature<C>) -> Result<()> {
+        let signature = Signature::<C>::try_from(signature.clone())?;
+        MultiPartVerifier::<Signature<C>>::multi_part_verify(self, msg, &signature)
+    }
+}
+
 //
 // Other trait impls
 //