[public] Provide methods on PrivateKey and PublicKey for signing/verification
- Add convenience method PrivateKey::sign, unlocking the pattern
key.sign(message)
- Add convenience method PublicKey::verify, unlocking the pattern
key.verify(message, signature)
Change-Id: Iaf69741bd72924f0db355d665da778d69c31fae8
diff --git a/src/public/mod.rs b/src/public/mod.rs
index 89a2c0b..2734b19 100644
--- a/src/public/mod.rs
+++ b/src/public/mod.rs
@@ -18,6 +18,16 @@
pub trait PublicKey: Sealed + Sized {
/// The type of the private component.
type Private: PrivateKey<Public = Self>;
+
+ /// Verifies a message with this public key.
+ ///
+ /// `verify` verifies that a message was signed by the private key
+ /// corresponding to this public key. It is equivalent to
+ /// `signature.verify(self, message)`.
+ #[must_use]
+ fn verify<S: Signature<PrivateKey = Self::Private>>(&self, message: &[u8], signature: &S) -> bool {
+ signature.verify(self, message)
+ }
}
/// The private component of a public/private key pair.
@@ -28,6 +38,15 @@
/// Gets the public key corresponding to this private key.
#[must_use]
fn public(&self) -> Self::Public;
+
+ /// Signs a message with this private key.
+ ///
+ /// `sign` signs a message with this key using the signature scheme `S`. It
+ /// is equivalent to `S::sign(self, message)`.
+ #[must_use]
+ fn sign<S: Signature<PrivateKey = Self>>(&self, message: &[u8]) -> Result<S, Error> {
+ S::sign(self, message)
+ }
}
/// A public key which can be encoded as a DER object.
@@ -211,8 +230,16 @@
) -> S {
let sig = S::sign(key, message).unwrap();
assert!(sig.verify(&key.public(), message));
+ // Make sure the PrivateKey::sign and PublicKey::verify convenience
+ // functions also work.
+ let sig = key.sign::<S>(message).unwrap();
+ assert!(key.public().verify(message, &sig));
let sig2 = S::sign(&key, bytes_from_sig(&sig)).unwrap();
assert!(!sig2.verify(&key.public(), message));
+ // Make sure the PrivateKey::sign and PublicKey::verify convenience
+ // functions also work.
+ let sig2 = key.sign::<S>(bytes_from_sig(&sig)).unwrap();
+ assert!(!key.public().verify(message, &sig2));
sig_from_bytes(bytes_from_sig(&sig))
}