A pure Rust multi-provider digital signature library which provides a thread-safe and object-safe API.
Presently implements the Ed25519 elliptic curve public-key signature system described in RFC 8032 with software (ed25519-dalek, ring) and hardware (yubihsm-rs) providers available.
Signatory exposes a thread-and-object-safe API for creating digital signatures which allows several signature providers to be compiled-in and available with specific providers selected at runtime.
| Cargo Feature | Crate | Type | Signer | Verifier | Default | Speed |
|---|---|---|---|---|---|---|
dalek-provider |
ed25519-dalek | Soft | ✅ | ✅ | ✅ | 💚 |
ring-provider |
ring | Soft | ✅ | ✅ | ⛔️ | 💚 |
yubihsm-provider |
yubihsm-rs | Hard | ✅ | ⛔️ | ⛔️ | 💔 |
The yubihsm-rs crate depends on the aesni crate, which uses the new "stdsimd" API
(which recently landed in nightly) to invoke hardware AES instructions via
core::arch.
To access these features, you will need both a relatively recent Rust nightly and to pass the following as RUSTFLAGS:
RUSTFLAGS=-Ctarget-feature=+aes`
You can configure your ~/.cargo/config to always pass these flags:
[build]
rustflags = ["-Ctarget-feature=+aes"]Signatory is distributed under the terms of both the MIT license and the Apache License (Version 2.0).
See LICENSE-APACHE and LICENSE-MIT for details.