A pure Rust multi-provider digital signature library with support for elliptic curve digital signature algorithms, namely ECDSA (described in [FIPS 186‑4]) and Ed25519 (described in [RFC 8032]).
Signatory provides a thread-safe and object-safe API and implements providers for many popular Rust crates, including [ed25519‑dalek], [ring], [secp256k1], and [sodiumoxide].
Signatory exposes a thread-and-object-safe API for creating digital signatures which allows several signature providers to be compiled-in and available with specific providers selected at runtime.
All Signatory providers require Rust 1.36+
Signatory includes the following providers, which are each packaged into their own respective crates (except for the [yubihsm] provider, which is included [directly in the yubihsm crate]).
| Provider Crate | Backend Crate | Type | P‑256 | P‑384 | secp256k1 | | --------------------- | -------------- | ---- | ------ | ------ | ---------- | | [signatory‑ring] | [ring] | Soft | ✅ | ✅ | ⛔ | | [signatory‑secp256k1] | [secp256k1] | Soft | ⛔ | ⛔ | ✅ | | [yubihsm] | [yubihsm] | Hard | ✅ | ✅ | ✅ |
| Provider Crate | Backend Crate | Type | Signing | Verification | | ----------------------- | --------------- | ---- | ------- | ------------ | | [signatory‑dalek] | [ed25519‑dalek] | Soft | 51 k/s | 18 k/s | | [signatory‑ring] | [ring] | Soft | 47 k/s | 16 k/s | | [signatory‑sodiumoxide] | [sodiumoxide] | Soft | 38 k/s | 15 k/s | | [yubihsm] | [yubihsm] | Hard | ~8/s | N/A |
| Provider Crate | Backend Crate | Type | Signing | Verification | | --------------------- | --------------- | ---- | ------- | ------------ | | [signatory‑ledger-tm] | [ledger-tendermint] | Hard | N/A | N/A |
Above benchmarks performed using cargo bench on an Intel Xeon E3-1225 v5 @ 3.30GHz.
Signatory is distributed under the terms of either the MIT license or the Apache License (Version 2.0), at your option.
See LICENSE-APACHE and LICENSE-MIT for details.