A pure Rust multi-provider digital signature library with support for elliptic curve digital signature algorithms, namely ECDSA (described in [FIPS 186-4]) and Ed25519 (described in [RFC 8032]).
Signatory provides a thread-safe and object-safe API and implements providers for many popular Rust crates, including [ed25519-dalek], [secp256k1-rs], [ring], and [sodiumoxide].
Signatory exposes a thread-and-object-safe API for creating digital signatures which allows several signature providers to be compiled-in and available with specific providers selected at runtime.
Signatory includes the following providers, which can be enabled by selecting the corresponding [cargo feature] for a given crate:
| [Cargo Feature] | Crate | Type | NIST P-256 | secp256k1 |
|----------------------|----------------|------|------------|-----------|
| ring-provider | [ring] | Soft | ✅ | ⛔ |
| secp256k1-provider | [secp256k1-rs] | Soft | ⛔ | ✅ |
| yubihsm-provider | [yubihsm-rs] | Hard | ✅ | ✅ |
| [Cargo Feature] | Crate | Type | Signing | Verification |
|------------------------|-----------------|------|---------|--------------|
| dalek-provider | [ed25519-dalek] | Soft | 51 k/s | 18 k/s |
| ring-provider | [ring] | Soft | 47 k/s | 16 k/s |
| sodiumoxide-provider | [sodiumoxide] | Soft | 38 k/s | 15 k/s |
| yubihsm-provider | [yubihsm-rs] | Hard | ~8/s | N/A |
Above benchmarks performed using cargo bench on an Intel Xeon E3-1225 v5 @
3.30GHz with the nightly cargo feature enabled.
The [yubihsm-rs] crate depends on the aesni crate, which uses the new "stdsimd"
API (coming soon to stable!) to invoke hardware AES instructions via core::arch.
To access these features, you will need both a relatively recent Rust nightly and to pass the following as RUSTFLAGS:
RUSTFLAGS=-Ctarget-feature=+aes`
You can configure your ~/.cargo/config to always pass these flags:
toml
[build]
rustflags = ["-Ctarget-feature=+aes"]
Signatory is distributed under the terms of both the MIT license and the Apache License (Version 2.0).
See LICENSE-APACHE and LICENSE-MIT for details.