PKCS#1 v1.5 signatures example on docs.rs doesn't work

[rster2002]

I've been trying to get signing to work, but did not have any luck trying. One of my trouble shooting steps is to create a new rust binary package and try to run this example but it doesn't seem to compile due to an unsatisfied trait bound.

main.rs:

use rsa::RsaPrivateKey;
use rsa::pkcs1v15::{SigningKey, VerifyingKey};
use rsa::signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
use sha2::{Digest, Sha256};

fn main() {
    let mut rng = rand::thread_rng();

    let bits = 2048;
    let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
    let signing_key = SigningKey::<Sha256>::new_with_prefix(private_key);
    let verifying_key = signing_key.verifying_key();

    // Sign
    let data = b"hello world";
    let signature = signing_key.sign_with_rng(&mut rng, data);
    assert_ne!(signature.to_bytes().as_ref(), data.as_slice());

    // Verify
    verifying_key.verify(data, &signature).expect("failed to verify");
}

cargo.toml:

[package]
name = "rsa-test"
version = "0.1.0"
edition = "2021"

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
rand = "0.8.5"
rsa = "0.8.0"
sha2 = "0.10.6"

Environment:

• Windows 10: Version 10.0.19045 Build 19045
• cargo --version: cargo 1.65.0 (4bc8f24d3 2022-10-20)

Is there something I'm missing here or is the example on docs.rs outdated? Thanks in advance!

[tarcieri]

Note that all of the docs on https://docs.rs are doctested in CI, so in general they will not ever be out-of-date for a given version.

The problem is you need the oid feature of the sha2 crate enabled:

sha2 = { version = "0.10.6", features = ["oid"] }

We should probably add an explicit dependency on sha2 with the oid feature to alleviate this problem.

[rster2002]

I couldn't find that in the docs. Thanks for the help.