ecdsa: use blanket impl from signature 3 (#945)

- Renames `DigestPrimitive` to `DigestAlgorithm`
- `DigestAlgorithm` now exported from crate root instead of `hazmat`

Author: baloo

Cargo.lock

@@ -34,7 +34,4 @@ slh-dsa         = { path = "./slh-dsa" }
 # https://github.com/RustCrypto/traits/pull/1774
 # https://github.com/RustCrypto/traits/pull/1822
 elliptic-curve = { git = "https://github.com/RustCrypto/traits.git" }
-
-# https://github.com/RustCrypto/crypto-bigint/pull/762
-# https://github.com/RustCrypto/crypto-bigint/pull/765
-crypto-bigint = { git = "https://github.com/RustCrypto/crypto-bigint.git" }
+signature      = { git = "https://github.com/RustCrypto/traits.git" }

Cargo.toml

@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.17.0 (UNRELEASED)
+
+### Changed
+- `DigestPrimitive` was moved off of hazmat ([#945])
+- `DigestPrimitive` has been renamed `DigestAlgorithm` ([#945])
+
+[#945]: https://github.com/RustCrypto/signatures/pull/945
+
 ## 0.16.9 (2023-11-16)
 ### Changed
 - Loosen `signature` bound to `2.0, <2.3` ([#756])

ecdsa/CHANGELOG.md

@@ -18,7 +18,7 @@ rust-version = "1.85"
 
 [dependencies]
 elliptic-curve = { version = "0.14.0-rc.1", default-features = false, features = ["sec1"] }
-signature = { version = "=2.3.0-pre.7", default-features = false, features = ["rand_core"] }
+signature = { version = "=3.0.0-pre", default-features = false, features = ["rand_core"] }
 
 # optional dependencies
 der = { version = "0.8.0-rc.1", optional = true }
@@ -44,6 +44,7 @@ digest = ["dep:digest", "elliptic-curve/digest", "signature/digest"]
 hazmat = []
 pkcs8 = ["digest", "elliptic-curve/pkcs8", "der"]
 pem = ["elliptic-curve/pem", "pkcs8"]
+rfc6979 = ["arithmetic", "digest", "dep:rfc6979"]
 serde = ["elliptic-curve/serde", "pkcs8", "serdect"]
 signing = ["arithmetic", "digest", "hazmat", "rfc6979"]
 verifying = ["arithmetic", "digest", "hazmat"]

ecdsa/Cargo.toml

@@ -382,10 +382,10 @@ fn find_scalar_range(outer: &[u8], inner: &[u8]) -> Result<Range<usize>> {
     Ok(Range { start, end })
 }
 
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> signature::PrehashSignature for Signature<C>
 where
-    C: EcdsaCurve + crate::hazmat::DigestPrimitive,
+    C: EcdsaCurve + crate::DigestAlgorithm,
     MaxSize<C>: ArraySize,
     <FieldBytesSize<C> as Add>::Output: Add<MaxOverhead> + ArraySize,
 {

ecdsa/src/der.rs

@@ -27,46 +27,21 @@ use {
     },
 };
 
-#[cfg(feature = "digest")]
+#[cfg(feature = "rfc6979")]
 use {
-    elliptic_curve::FieldBytesSize,
-    signature::{
-        PrehashSignature,
-        digest::{Digest, FixedOutput, FixedOutputReset, core_api::BlockSizeUser},
-    },
+    elliptic_curve::FieldBytesEncoding,
+    signature::digest::{Digest, FixedOutput, FixedOutputReset, core_api::BlockSizeUser},
 };
 
-#[cfg(feature = "rfc6979")]
-use elliptic_curve::FieldBytesEncoding;
-
-#[cfg(any(feature = "arithmetic", feature = "digest"))]
+#[cfg(any(feature = "arithmetic", feature = "rfc6979"))]
 use crate::{Signature, elliptic_curve::array::ArraySize};
 
-/// Bind a preferred [`Digest`] algorithm to an elliptic curve type.
-///
-/// Generally there is a preferred variety of the SHA-2 family used with ECDSA
-/// for a particular elliptic curve.
-///
-/// This trait can be used to specify it, and with it receive a blanket impl of
-/// [`PrehashSignature`], used by [`signature_derive`][1]) for the [`Signature`]
-/// type for a particular elliptic curve.
-///
-/// [1]: https://github.com/RustCrypto/traits/tree/master/signature/derive
-#[cfg(feature = "digest")]
-pub trait DigestPrimitive: EcdsaCurve {
-    /// Preferred digest to use when computing ECDSA signatures for this
-    /// elliptic curve. This is typically a member of the SHA-2 family.
-    type Digest: BlockSizeUser + Digest + FixedOutput + FixedOutputReset;
-}
-
 #[cfg(feature = "digest")]
-impl<C> PrehashSignature for Signature<C>
-where
-    C: DigestPrimitive,
-    <FieldBytesSize<C> as core::ops::Add>::Output: ArraySize,
-{
-    type Digest = C::Digest;
-}
+#[deprecated(
+    since = "0.17.0",
+    note = "`DigestAlgorithm` is no longer in `hazmat`, please use `ecdsa::DigestAlgorithm` instead"
+)]
+pub use crate::DigestAlgorithm;
 
 /// Partial implementation of the `bits2int` function as defined in
 /// [RFC6979 § 2.3.2] as well as [SEC1] § 2.3.8.

ecdsa/src/hazmat.rs

@@ -101,9 +101,13 @@ use {
 };
 
 #[cfg(feature = "digest")]
-use digest::{
-    Digest,
-    const_oid::{AssociatedOid, ObjectIdentifier},
+use {
+    digest::{
+        Digest, FixedOutput, FixedOutputReset,
+        const_oid::{AssociatedOid, ObjectIdentifier},
+        core_api::BlockSizeUser,
+    },
+    signature::PrehashSignature,
 };
 
 #[cfg(feature = "pkcs8")]
@@ -463,15 +467,15 @@ where
 ///
 /// To support non-default digest algorithms, use the [`SignatureWithOid`]
 /// type instead.
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> AssociatedOid for Signature<C>
 where
-    C: hazmat::DigestPrimitive,
+    C: DigestAlgorithm,
     C::Digest: AssociatedOid,
 {
     const OID: ObjectIdentifier = match ecdsa_oid_for_digest(C::Digest::OID) {
         Some(oid) => oid,
-        None => panic!("no RFC5758 ECDSA OID defined for DigestPrimitive::Digest"),
+        None => panic!("no RFC5758 ECDSA OID defined for DigestAlgorithm::Digest"),
     };
 }
 
@@ -713,29 +717,29 @@ where
 }
 
 /// NOTE: this implementation assumes the default digest for the given elliptic
-/// curve as defined by [`hazmat::DigestPrimitive`].
+/// curve as defined by [`DigestAlgorithm`].
 ///
 /// When working with alternative digests, you will need to use e.g.
 /// [`SignatureWithOid::new_with_digest`].
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> SignatureEncoding for SignatureWithOid<C>
 where
-    C: hazmat::DigestPrimitive,
+    C: DigestAlgorithm,
     C::Digest: AssociatedOid,
     SignatureSize<C>: ArraySize,
 {
     type Repr = SignatureBytes<C>;
 }
 
 /// NOTE: this implementation assumes the default digest for the given elliptic
-/// curve as defined by [`hazmat::DigestPrimitive`].
+/// curve as defined by [`DigestAlgorithm`].
 ///
 /// When working with alternative digests, you will need to use e.g.
 /// [`SignatureWithOid::new_with_digest`].
-#[cfg(all(feature = "digest", feature = "hazmat"))]
+#[cfg(feature = "digest")]
 impl<C> TryFrom<&[u8]> for SignatureWithOid<C>
 where
-    C: hazmat::DigestPrimitive,
+    C: DigestAlgorithm,
     C::Digest: AssociatedOid,
     SignatureSize<C>: ArraySize,
 {
@@ -770,3 +774,29 @@ const fn ecdsa_oid_for_digest(digest_oid: ObjectIdentifier) -> Option<ObjectIden
         _ => None,
     }
 }
+
+/// Bind a preferred [`Digest`] algorithm to an elliptic curve type.
+///
+/// Generally there is a preferred variety of the SHA-2 family used with ECDSA
+/// for a particular elliptic curve.
+///
+/// This trait can be used to specify it, and with it receive a blanket impl of
+/// [`PrehashSignature`], used by [`signature_derive`][1]) for the [`Signature`]
+/// type for a particular elliptic curve.
+///
+/// [1]: https://github.com/RustCrypto/traits/tree/master/signature/derive
+#[cfg(feature = "digest")]
+pub trait DigestAlgorithm: EcdsaCurve {
+    /// Preferred digest to use when computing ECDSA signatures for this
+    /// elliptic curve. This is typically a member of the SHA-2 family.
+    type Digest: BlockSizeUser + Digest + FixedOutput + FixedOutputReset;
+}
+
+#[cfg(feature = "digest")]
+impl<C> PrehashSignature for Signature<C>
+where
+    C: DigestAlgorithm,
+    <FieldBytesSize<C> as Add>::Output: ArraySize,
+{
+    type Digest = C::Digest;
+}