RustCrypto · tarcieri · Oct 22, 2022 · Oct 20, 2022 · Oct 21, 2022 · Oct 21, 2022
diff --git a/dsa/Cargo.toml b/dsa/Cargo.toml
@@ -22,12 +22,12 @@ opaque-debug = "0.3"
 pkcs8 = { version = "0.9", default-features = false, features = ["alloc"] }
 rand = { version = "0.8", default-features = false }
 rfc6979 = { version = "0.3", path = "../rfc6979" }
-signature = { version = ">= 1.5, < 1.7", default-features = false, features = ["digest-preview", "rand-preview"] }
+sha2 = { version = "0.10", default-features = false }
+signature = { version = ">= 1.6.4, < 1.7", default-features = false, features = ["digest-preview", "rand-preview", "hazmat-preview"] }
 zeroize = { version = "1.5", default-features = false }
 
 [dev-dependencies]
 pkcs8 = { version = "0.9", default-features = false, features = ["pem"] }
 rand = "0.8"
 rand_chacha = "0.3"
 sha1 = "0.10"
-sha2 = "0.10"
diff --git a/dsa/src/signing_key.rs b/dsa/src/signing_key.rs
@@ -12,7 +12,10 @@ use pkcs8::{
     AlgorithmIdentifier, DecodePrivateKey, EncodePrivateKey, PrivateKeyInfo, SecretDocument,
 };
 use rand::{CryptoRng, RngCore};
-use signature::{DigestSigner, RandomizedDigestSigner};
+use signature::{
+    hazmat::{PrehashSigner, RandomizedPrehashSigner},
+    DigestSigner, RandomizedDigestSigner,
+};
 use zeroize::{Zeroize, Zeroizing};
 
 /// DSA private key.
@@ -74,7 +77,7 @@ impl SigningKey {
 
         let r = g.modpow(&k, p) % q;
 
-        let n = (q.bits() / 8) as usize;
+        let n = q.bits() / 8;
         let block_size = hash.len(); // Hash function output size
 
         let z_len = min(n, block_size);
@@ -92,6 +95,30 @@ impl SigningKey {
     }
 }
 
+impl PrehashSigner<Signature> for SigningKey {
+    fn sign_prehash(&self, prehash: &[u8]) -> Result<Signature, signature::Error> {
+        let k_kinv = crate::generate::secret_number_rfc6979::<sha2::Sha256>(self, prehash);
+        self.sign_prehashed(k_kinv, prehash)
+            .ok_or_else(signature::Error::new)
+    }
+}
+
+impl RandomizedPrehashSigner<Signature> for SigningKey {
+    fn sign_prehash_with_rng(
+        &self,
+        mut rng: impl CryptoRng + RngCore,
+        prehash: &[u8],
+    ) -> Result<Signature, signature::Error> {
+        let components = self.verifying_key.components();
+        if let Some(k_kinv) = crate::generate::secret_number(&mut rng, components) {
+            self.sign_prehashed(k_kinv, prehash)
+                .ok_or_else(signature::Error::new)
+        } else {
+            Err(signature::Error::new())
+        }
+    }
+}
+
 impl<D> DigestSigner<D, Signature> for SigningKey
 where
     D: Digest + BlockSizeUser + FixedOutputReset,

diff --git a/dsa/src/verifying_key.rs b/dsa/src/verifying_key.rs
@@ -11,7 +11,7 @@ use pkcs8::{
     der::{asn1::UIntRef, AnyRef, Decode, Encode},
     spki, AlgorithmIdentifier, DecodePublicKey, EncodePublicKey, SubjectPublicKeyInfo,
 };
-use signature::DigestVerifier;
+use signature::{hazmat::PrehashVerifier, DigestVerifier};
 
 /// DSA public key.
 #[derive(Clone, PartialEq, PartialOrd)]
@@ -75,6 +75,20 @@ impl VerifyingKey {
     }
 }
 
+impl PrehashVerifier<Signature> for VerifyingKey {
+    fn verify_prehash(
+        &self,
+        prehash: &[u8],
+        signature: &Signature,
+    ) -> Result<(), signature::Error> {
+        if let Some(true) = self.verify_prehashed(prehash, signature) {
+            Ok(())
+        } else {
+            Err(signature::Error::new())
+        }
+    }
+}
+
 impl<D> DigestVerifier<D, Signature> for VerifyingKey
 where
     D: Digest,