ECDSA can be used to generate a digital signature that can be authenticated.
There are two processes involved:
A valid signature indicates that:
From a technical point of view, a signature is a pair of big integers of size equal to the size of a private key used to generate the signature. Meaning of the integers depends on the selected digital signature scheme.
For information about public-private key management and general concepts regarding ECC, see ECC - Elliptic Curve Cryptography.
For detailed API documentation of this module, see Elliptic Curve Digital Signature (ECDSA).
The library provides two functions to perform ECDSA: nrf_crypto_ecdsa_sign and nrf_crypto_ecdsa_verify. Not all of these functions are implemented by the backends. See the table at Backends and nrf_crypto backend modules.
This library represents a signature as an array of bytes containing two big integers in big-endian order. Use nrf_crypto_ecc_byte_order_invert if little-endian order is required. Signature size depends on the curve type. Array type nrf_crypto_ecdsa_signature_t is big enough to hold a signature from any of the enabled curve types. There are also curve specific types, such as nrf_crypto_ecdsa_secp256r1_signature_t that can be used to reduce memory consumption. See Memory saving for more details.
Random number generator is required to perform signing in a secure way, see Dependencies.
Signing a hash of the message:
Verifying a signature:
ECDSA functionality depends on the selected backend. See Backends for more details about backends. The following table summarizes the function availability:
API function | CC310 1 | mbed TLS | Oberon 1 | µECC | CC310_BL |
---|---|---|---|---|---|
nrf_crypto_ecdsa_sign | | | | | |
nrf_crypto_ecdsa_verify | | | | | |
1 Hash size can only be 160, 224, 256, 384, or 512-bit long.
2 Only hash of length 256 bit or longer.
RNG - Random Number Generator is required for nrf_crypto_ecdsa_sign. It must be correctly configured and initialized before calling the function.
See ECDSA Example for an example that shows the ECDSA procedure.
For an example showing the verification procedure of ECDSA, see Test Example.