Skip to main content

Signature

arcana::ecc::ecdsa

Struct Signature

pub struct Signature {
    pub r: Vec<u8>,
    pub s: Vec<u8>,
}

Expand description

ECDSA signature (r, s) as big-endian byte arrays.

Each component is felem_bytes octets long for the curve (32 / 48 / 64 / 66 depending on the curve).

Fields§

§r: Vec<u8>

r component of the signature, big-endian.

§s: Vec<u8>

s component of the signature, big-endian.

Implementations§

impl Signature

pub fn to_der(&self) -> Vec<u8> ⓘ

Encode as ASN.1 DER (RFC 5480 / X.509 standard form):

ECDSA-Sig-Value ::= SEQUENCE {
    r  INTEGER,
    s  INTEGER
}

Uses the strict canonical DER encoding:

Lengths use the shortest form (single byte < 128, 81 xx up to 255, 82 hi lo above).
INTEGERs strip leading zero octets, and prepend one 00 octet if the high bit of the first octet would otherwise be set (which would make the number look negative in two’s complement).

This is the format used by X.509 certificates, TLS, S/MIME, CMS, JWS ES256-DER, and virtually every OpenSSL-derived tool.

pub fn from_der(der: &[u8]) -> Option<Self>

Parse an ASN.1 DER encoding (strict). Returns None if the input is not a valid canonical DER encoding of an ECDSA signature.

Rejected inputs include (for defence against signature malleability and parser-differential attacks):

Any input whose length does not exactly match the advertised SEQUENCE length.
Non-minimal length encodings (e.g. 81 10 where 10 would do, or 82 00 10 where 10 would do).
INTEGERs with superfluous leading zero octets, or with the high bit set (which would be a negative number).
r or s equal to zero.

The returned Signature has r and s stripped of their DER padding (so they may be shorter than LIMBS * 8 bytes). This is fine for Curve::verify, which interprets them via bits2int and thus handles variable widths correctly.

Trait Implementations§

impl Clone for Signature

fn clone(&self) -> Signature

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for Signature

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl Freeze for Signature

impl RefUnwindSafe for Signature

impl Send for Signature

impl Sync for Signature

impl Unpin for Signature

impl UnsafeUnpin for Signature

impl UnwindSafe for Signature

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.