ecdsa: refactor signature types into Signature + asn1::Document #98
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The previous implementation had `Asn1Signature` and `FixedSignature` types which sat side-by-side as equals. However, that's annoying, because it means we need to do various work in duplicate for both signature types. It's also annoying because there's no "one true signature type" to reach for. The original motivations for doing this were a few different things: - Initial implementation lacked transcoding necessitating the split - Avoids unnecessary transcoding, which could preserve ASN.1 structures Now that we have bidirectional transcoding between the formats, and particularly one which should always serialize to "strict DER", it seems like it's probably worth it to pay the transcoding costs and "standardize" on the previous `FixedSignature` format as the blessed `ecdsa::Signature` type. This allows factoring everything ASN.1 related (besides a few helper methods and a From-impl on Signature) into the `ecdsa::asn1` module which everything else aside just feels cleaner than before. This also means downstream ECDSA provider crates don't need to worry about ASN.1 at all (unless they're e.g. parsing it from HSM/KMS output) and can focus exclusively on the `ecdsa::Signature` type.
Codecov Report
@@ Coverage Diff @@
## master #98 +/- ##
===========================================
+ Coverage 0.00% 54.44% +54.44%
===========================================
Files 4 3 -1
Lines 179 180 +1
===========================================
+ Hits 0 98 +98
+ Misses 179 82 -97
Continue to review full report at Codecov.
|
tarcieri
added a commit
to RustCrypto/elliptic-curves
that referenced
this pull request
Jul 14, 2020
The equivalents of these types used to live in the `ecdsa` crate, but were removed in this PR: RustCrypto/signatures#96 The goal of that PR was to reverse the previous relationship where the `ecdsa` crate depended on the `k256`/`p256`/`p384` crates, and instead have the curve implementation crates consume the `ecdsa` crate as an (optional) dependency. It makes each curve implementation a one-stop-shop for everything related to that curve, while allowing the ECDSA crate to provide some common functionality like ASN.1 (de)serialization, in addition to allowing it to export "primitive" traits which can be used with the goal of a reusable high-level ECDSA implementation which is generic over elliptic curves. This commit ports over equivalent types that were removed in `RustCrypto/signatures#96`, but also incorporates these changes: RustCrypto/signatures#98 Where the `ecdsa` crate previously had `Asn1Signature` and `FixedSignature` types generic over a curve, the PR above refactored it to make the "fixed" form the preferred `Signature` type, and refactoring ASN.1 DER support into an `ecdsa::asn1::Document` type. The nice advantage of that approach is it means the curve implementations no longer need to worry about an `Asn1Signature` type and can focus on `ecdsa::Signature` as the type they need to support.
tarcieri
added a commit
to RustCrypto/elliptic-curves
that referenced
this pull request
Jul 14, 2020
The equivalents of these types used to live in the `ecdsa` crate, but were removed in this PR: RustCrypto/signatures#96 The goal of that PR was to reverse the previous relationship where the `ecdsa` crate depended on the `k256`/`p256`/`p384` crates, and instead have the curve implementation crates consume the `ecdsa` crate as an (optional) dependency. It makes each curve implementation a one-stop-shop for everything related to that curve, while allowing the ECDSA crate to provide some common functionality like ASN.1 (de)serialization, in addition to allowing it to export "primitive" traits which can be used with the goal of a reusable high-level ECDSA implementation which is generic over elliptic curves. This commit ports over equivalent types that were removed in `RustCrypto/signatures#96`, but also incorporates these changes: RustCrypto/signatures#98 Where the `ecdsa` crate previously had `Asn1Signature` and `FixedSignature` types generic over a curve, the PR above refactored it to make the "fixed" form the preferred `Signature` type, and refactoring ASN.1 DER support into an `ecdsa::asn1::Document` type. The nice advantage of that approach is it means the curve implementations no longer need to worry about an `Asn1Signature` type and can focus on `ecdsa::Signature` as the type they need to support.
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The previous implementation had
Asn1SignatureandFixedSignaturetypes which sat side-by-side as equals.However, that's annoying, because it means we need to do various work in duplicate for both signature types.
It's also annoying because there's no "one true signature type" to reach for.
The original motivations for doing this were a few different things:
Now that we have bidirectional transcoding between the formats, and particularly one which should always serialize to "strict DER", it seems like it's probably worth it to pay the transcoding costs and "standardize" on the previous
FixedSignatureformat as the blessedecdsa::Signaturetype.This allows factoring everything ASN.1 related (besides a few helper methods and a From-impl on Signature) into the
ecdsa::asn1module which everything else aside just feels cleaner than before.This also means downstream ECDSA provider crates don't need to worry about ASN.1 at all (unless they're e.g. parsing it from HSM/KMS output) and can focus exclusively on the
ecdsa::Signaturetype.