signature: Deprecate VerificationAlgorithm::verify.

Author: briansmith

src/ec/curve25519/ed25519/verification.rs

@@ -33,8 +33,9 @@ impl core::fmt::Debug for EdDSAParameters {
 /// [Ed25519]: https://ed25519.cr.yp.to/
 pub static ED25519: EdDSAParameters = EdDSAParameters {};
 
-impl signature::VerificationAlgorithm for EdDSAParameters {
-    fn verify(
+impl signature::VerificationAlgorithm for EdDSAParameters {}
+impl signature::VerificationAlgorithm_ for EdDSAParameters {
+    fn verify_(
         &self,
         public_key: untrusted::Input,
         msg: untrusted::Input,

src/ec/suite_b/ecdsa/verification.rs

@@ -49,8 +49,9 @@ enum AlgorithmID {
 
 derive_debug_via_id!(EcdsaVerificationAlgorithm);
 
-impl signature::VerificationAlgorithm for EcdsaVerificationAlgorithm {
-    fn verify(
+impl signature::VerificationAlgorithm for EcdsaVerificationAlgorithm {}
+impl signature::VerificationAlgorithm_ for EcdsaVerificationAlgorithm {
+    fn verify_(
         &self,
         public_key: untrusted::Input,
         msg: untrusted::Input,

src/rsa/verification.rs

@@ -24,8 +24,9 @@ use crate::{
     sealed, signature,
 };
 
-impl signature::VerificationAlgorithm for RsaParameters {
-    fn verify(
+impl signature::VerificationAlgorithm for RsaParameters {}
+impl signature::VerificationAlgorithm_ for RsaParameters {
+    fn verify_(
         &self,
         public_key: untrusted::Input,
         msg: untrusted::Input,

src/signature.rs

@@ -342,16 +342,31 @@ pub trait KeyPair: core::fmt::Debug + Send + Sized + Sync {
 pub(crate) const MAX_LEN: usize = 1/*tag:SEQUENCE*/ + 2/*len*/ +
     (2 * (1/*tag:INTEGER*/ + 1/*len*/ + 1/*zero*/ + ec::SCALAR_MAX_BYTES));
 
+pub(super) trait VerificationAlgorithm_: core::fmt::Debug + Sync + sealed::Sealed {
+    fn verify_(
+        &self,
+        public_key: untrusted::Input,
+        msg: untrusted::Input,
+        signature: untrusted::Input,
+    ) -> Result<(), error::Unspecified>;
+}
+
 /// A signature verification algorithm.
-pub trait VerificationAlgorithm: core::fmt::Debug + Sync + sealed::Sealed {
+#[allow(private_bounds)]
+pub trait VerificationAlgorithm:
+    VerificationAlgorithm_ + core::fmt::Debug + Sync + sealed::Sealed
+{
     /// Verify the signature `signature` of message `msg` with the public key
     /// `public_key`.
+    #[deprecated(note = "Internal API not intended for external use.")]
     fn verify(
         &self,
         public_key: untrusted::Input,
         msg: untrusted::Input,
         signature: untrusted::Input,
-    ) -> Result<(), error::Unspecified>;
+    ) -> Result<(), error::Unspecified> {
+        self.verify_(public_key, msg, signature)
+    }
 }
 
 /// An unparsed, possibly malformed, public key for signature verification.
@@ -400,7 +415,7 @@ impl<B> UnparsedPublicKey<B> {
         B: AsRef<[u8]>,
     {
         let _ = cpu::features();
-        self.algorithm.verify(
+        self.algorithm.verify_(
             untrusted::Input::from(self.bytes.as_ref()),
             untrusted::Input::from(message),
             untrusted::Input::from(signature),