diff --git a/async-signature/Cargo.toml b/async-signature/Cargo.toml index d5bc4511..7028483c 100644 --- a/async-signature/Cargo.toml +++ b/async-signature/Cargo.toml @@ -18,6 +18,7 @@ signature = ">= 2.0, <2.3" [features] digest = ["signature/digest"] +rand_core = ["signature/rand_core"] [package.metadata.docs.rs] all-features = true diff --git a/async-signature/src/lib.rs b/async-signature/src/lib.rs index 6b88d34d..1dcd2b19 100644 --- a/async-signature/src/lib.rs +++ b/async-signature/src/lib.rs @@ -17,6 +17,8 @@ pub use signature::{self, Error}; #[cfg(feature = "digest")] pub use signature::digest::{self, Digest}; +#[cfg(feature = "rand_core")] +use signature::rand_core::CryptoRngCore; /// Asynchronously sign the provided message bytestring using `Self` /// (e.g. client for a Cloud KMS or HSM), returning a digital signature. @@ -68,3 +70,41 @@ where self.try_sign_digest(digest) } } + +/// Sign the given message using the provided external randomness source. +#[cfg(feature = "rand_core")] +#[allow(async_fn_in_trait)] +pub trait AsyncRandomizedSigner { + /// Sign the given message and return a digital signature + async fn sign_with_rng_async(&self, rng: &mut impl CryptoRngCore, msg: &[u8]) -> S { + self.try_sign_with_rng_async(rng, msg) + .await + .expect("signature operation failed") + } + + /// Attempt to sign the given message, returning a digital signature on + /// success, or an error if something went wrong. + /// + /// The main intended use case for signing errors is when communicating + /// with external signers, e.g. cloud KMS, HSMs, or other hardware tokens. + async fn try_sign_with_rng_async( + &self, + rng: &mut impl CryptoRngCore, + msg: &[u8], + ) -> Result; +} + +#[cfg(feature = "rand_core")] +impl AsyncRandomizedSigner for T +where + S: 'static, + T: signature::RandomizedSigner, +{ + async fn try_sign_with_rng_async( + &self, + rng: &mut impl CryptoRngCore, + msg: &[u8], + ) -> Result { + self.try_sign_with_rng(rng, msg) + } +}