I think it would be interesting to offer a signing interface that supported pre-hashed messages in a type-safe way. This seems to be the way most cloud KMS offer signing, and so far RustCrypto and SymCrypt seem to be the only Rust APIs I have found that provide prehash functionality.
A pre-hashed API is quite an error-prone one, so I was considering whether it could be strongly typed.
let prehash: Sha256Digest = Sha256::digest(msg);
// inspect the bytes
let bytes: &[u8; 32] = prehash.as_ref();
// output buffer sized for the key: an RSA-2048 PKCS#1 v1.5 signature is 256 bytes, not 2048
let mut signature = [0u8; 256];
signing_key.sign_pkcs1_sha256_prehash(&mut signature, &prehash)?;
verifying_key.verify_pkcs1_sha256_prehash(&signature, &prehash)?;
// compile error: a Sha256Digest is not a Sha512Digest
verifying_key.verify_pkcs1_sha512_prehash(&signature, &prehash)?;
And to support cases where the hash is provided externally,
// caller ensures that the digest came from a sha256.
let prehash = Sha256Digest::assert_digest(digest);
Context
I was looking into building a signature verification caching system. The idea I came up with had the following shape:
// input has the shape "payload.signature"; in a fn returning Result<_, ()> the Option needs converting before `?`
let (payload, signature) = input.rsplit_once('.').ok_or(())?;
let prehash = Sha256::digest(payload);
// since this is already using a strong hash, we can use a very cheap hasher for the hashtable.
if let Some(valid_signature) = cache.lookup(&prehash) {
    // payload seen before: only the signature that already verified is accepted
    if signature != valid_signature {
        return Err(());
    }
} else {
    // first sight of this payload: do the expensive verification once, then remember it
    verifying_key.verify(signature, &prehash)?;
    cache.insert(prehash, signature);
}
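The following is an added, self-contained Rust example; it is not code from this issue, nor from RustCrypto or SymCrypt. It puts the two sketches above together: the `Sha256Digest` newtype with `assert_digest`, a `PrehashVerifier<D>` trait implemented only for `Sha256Digest` (so handing it any other digest type fails to compile), and a `CachedVerifier` that keys a `HashMap` by the prehash through an identity hasher. To run on std alone, SHA-256 is written out in the block and the RSA step is replaced by HMAC-SHA256, which is a MAC rather than a public-key signature; the names `PrehashVerifier`, `HmacVerifier`, `DigestHasher` and `CachedVerifier` are assumptions made for this example. Two caveats the sketch leaves implicit are spelled out in the comments: the identity hasher is safe only because entries are inserted after a successful verification, so an attacker cannot collision-flood the table with unsigned payloads, and rejecting a cached payload whose signature differs is correct only for deterministic schemes such as PKCS#1 v1.5, since RSA-PSS and ECDSA produce many valid signatures per message.

```rust
use std::collections::HashMap;
use std::convert::TryInto;
use std::hash::{BuildHasherDefault, Hash, Hasher};

const K: [u32; 64] = [
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
];
/// Digest newtype: only `Sha256::digest` or an explicit, auditable `assert_digest` can make one.
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Sha256Digest([u8; 32]);
impl Sha256Digest {
    /// Caller asserts these bytes are a SHA-256 output (e.g. a digest received from a client).
    pub fn assert_digest(bytes: [u8; 32]) -> Self { Sha256Digest(bytes) }
}
impl AsRef<[u8; 32]> for Sha256Digest { fn as_ref(&self) -> &[u8; 32] { &self.0 } }
/// A SHA-256 output is already uniformly distributed, so hand the raw bytes to the table hasher.
impl Hash for Sha256Digest { fn hash<H: Hasher>(&self, s: &mut H) { s.write(&self.0) } }
/// Minimal SHA-256 (FIPS 180-4), written out so the block runs on std alone.
pub struct Sha256;
impl Sha256 {
    pub fn digest(msg: &[u8]) -> Sha256Digest {
        let mut h = [0x6a09e667u32, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19];
        let mut m = msg.to_vec();
        m.push(0x80);
        while m.len() % 64 != 56 { m.push(0); }
        m.extend_from_slice(&(msg.len() as u64 * 8).to_be_bytes());
        for block in m.chunks_exact(64) {
            let mut w = [0u32; 64];
            for i in 0..16 { w[i] = u32::from_be_bytes(block[4 * i..4 * i + 4].try_into().unwrap()); }
            for i in 16..64 {
                let s0 = w[i - 15].rotate_right(7) ^ w[i - 15].rotate_right(18) ^ (w[i - 15] >> 3);
                let s1 = w[i - 2].rotate_right(17) ^ w[i - 2].rotate_right(19) ^ (w[i - 2] >> 10);
                w[i] = w[i - 16].wrapping_add(s0).wrapping_add(w[i - 7]).wrapping_add(s1);
            }
            let [mut a, mut b, mut c, mut d, mut e, mut f, mut g, mut hh] = h;
            for i in 0..64 {
                let t1 = hh.wrapping_add(e.rotate_right(6) ^ e.rotate_right(11) ^ e.rotate_right(25))
                    .wrapping_add((e & f) ^ (!e & g)).wrapping_add(K[i]).wrapping_add(w[i]);
                let t2 = (a.rotate_right(2) ^ a.rotate_right(13) ^ a.rotate_right(22))
                    .wrapping_add((a & b) ^ (a & c) ^ (b & c));
                hh = g; g = f; f = e; e = d.wrapping_add(t1); d = c; c = b; b = a; a = t1.wrapping_add(t2);
            }
            for (s, v) in h.iter_mut().zip([a, b, c, d, e, f, g, hh].iter()) { *s = s.wrapping_add(*v); }
        }
        let mut out = [0u8; 32];
        for (i, v) in h.iter().enumerate() { out[4 * i..4 * i + 4].copy_from_slice(&v.to_be_bytes()); }
        Sha256Digest(out)
    }
}
/// Verifier bound to one digest type: implemented for `Sha256Digest` only, so any other digest type is a compile error.
pub trait PrehashVerifier<D> {
    fn verify_prehash(&self, sig: &[u8], prehash: &D) -> Result<(), ()>;
}
/// HMAC-SHA256 (RFC 2104) with a 32-byte key zero-padded to the 64-byte block size.
pub fn hmac_sha256(key: &[u8; 32], data: &[u8]) -> Vec<u8> {
    let mut k = [0u8; 64];
    k[..32].copy_from_slice(key);
    let mut inner: Vec<u8> = k.iter().map(|b| b ^ 0x36).collect();
    inner.extend_from_slice(data);
    let mut outer: Vec<u8> = k.iter().map(|b| b ^ 0x5c).collect();
    outer.extend_from_slice(Sha256::digest(&inner).as_ref());
    Sha256::digest(&outer).as_ref().to_vec()
}
/// Stand-in for `verifying_key` (constructed for this example): the "signature" is HMAC-SHA256(key, prehash), a MAC, not RSA.
pub struct HmacVerifier { pub key: [u8; 32] }
impl PrehashVerifier<Sha256Digest> for HmacVerifier {
    fn verify_prehash(&self, sig: &[u8], prehash: &Sha256Digest) -> Result<(), ()> {
        let expect = hmac_sha256(&self.key, prehash.as_ref());
        // Constant-time compare so a forged tag cannot be searched for byte by byte.
        let diff = sig.iter().zip(&expect).fold(0u8, |acc, (x, y)| acc | (x ^ y));
        if sig.len() == expect.len() && diff == 0 { Ok(()) } else { Err(()) }
    }
}
/// Identity hasher for the cache. Safe only because keys are inserted after a successful verify:
/// an attacker cannot fill one bucket with chosen payloads unless each of them is also validly signed.
#[derive(Default)]
pub struct DigestHasher(u64);
impl Hasher for DigestHasher {
    fn write(&mut self, b: &[u8]) { self.0 = u64::from_le_bytes(b[..8].try_into().unwrap()); }
    fn finish(&self) -> u64 { self.0 }
}
/// Cache of (prehash -> verified signature), following the sketch in the issue.
pub struct CachedVerifier<V> {
    inner: V,
    cache: HashMap<Sha256Digest, Vec<u8>, BuildHasherDefault<DigestHasher>>,
    pub hits: usize,
}
impl<V: PrehashVerifier<Sha256Digest>> CachedVerifier<V> {
    pub fn new(inner: V) -> Self { CachedVerifier { inner, cache: HashMap::default(), hits: 0 } }
    pub fn verify(&mut self, payload: &[u8], signature: &[u8]) -> Result<(), ()> {
        let prehash = Sha256::digest(payload);
        if let Some(valid) = self.cache.get(&prehash) {
            // Known payload: accept only the signature already verified. Correct for deterministic schemes
            // (PKCS#1 v1.5, HMAC); for RSA-PSS or ECDSA a mismatch must fall through to `verify_prehash`.
            self.hits += 1;
            return if valid.as_slice() == signature { Ok(()) } else { Err(()) };
        }
        self.inner.verify_prehash(signature, &prehash)?;
        self.cache.insert(prehash, signature.to_vec());
        Ok(())
    }
}
```

Because the verifier only has an impl for `Sha256Digest`, a call such as `verifier.verify_prehash(&sig, &some_sha512_digest)` is rejected by the type checker, which is the property the issue asks for; the SHA-256 and HMAC pieces can be checked against the FIPS 180-4 and RFC 4231 test vectors.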