nRF5 SDK v17.1.0
ECDSA - Elliptic Curve Digital Signature Algorithm

ECDSA can be used to generate a digital signature that can be authenticated.

There are two processes involved:

A valid signature indicates that:

From a technical point of view, a signature is a pair of big integers of size equal to the size of a private key used to generate the signature. Meaning of the integers depends on the selected digital signature scheme.

For information about public-private key management and general concepts regarding ECC, see ECC - Elliptic Curve Cryptography.

For detailed API documentation of this module, see Elliptic Curve Digital Signature (ECDSA).


The library provides two functions to perform ECDSA: nrf_crypto_ecdsa_sign and nrf_crypto_ecdsa_verify. Not all of these functions are implemented by the backends. See the table at Backends and nrf_crypto backend modules.

This library represents a signature as an array of bytes containing two big integers in big-endian order. Use nrf_crypto_ecc_byte_order_invert if little-endian order is required. Signature size depends on the curve type. Array type nrf_crypto_ecdsa_signature_t is big enough to hold a signature from any of the enabled curve types. There are also curve specific types, such as nrf_crypto_ecdsa_secp256r1_signature_t that can be used to reduce memory consumption. See Memory saving for more details.

Random number generator is required to perform signing in a secure way, see Dependencies.

Code examples

Signing a hash of the message:

size_t signature_size = sizeof(signature);
// ...
// Prepare my_private_key.
// ...
err_code = nrf_crypto_ecdsa_sign(&sign_context, // Context
&my_private_key, // Private key
p_hash, // Message hash
hash_size, // Hash size
signature, // signature
&signature_size); // Signature size

Verifying a signature:

size_t signature_size = sizeof(signature);
// ...
// Prepare some_public_key.
// Receive signature and size_of_signature.
// ...
err_code = nrf_crypto_ecdsa_verify(&verify_context, // Context
&some_public_key, // Public key
p_hash, // Message hash
hash_size, // Hash size
signature, // Signature
signature_size); // Signature size
if (err_code == NRF_SUCCESS)
// Signature is valid
// Signature is invalid
// Some error occurred during signature verification


ECDSA functionality depends on the selected backend. See Backends for more details about backends. The following table summarizes the function availability:

API function CC310 1 mbed TLS Oberon 1 µECC CC310_BL

1 Hash size can only be 160, 224, 256, 384, or 512-bit long.
2 Only hash of length 256 bit or longer.


RNG - Random Number Generator is required for nrf_crypto_ecdsa_sign. It must be correctly configured and initialized before calling the function.

ECDH Example

See ECDSA Example for an example that shows the ECDSA procedure.

For an example showing the verification procedure of ECDSA, see Test Example.

Documentation feedback | Developer Zone | Subscribe | Updated