The ECDSA example demonstrates basic ECDSA usage. The example shows the communication between two parties - Alice and Bob. Alice wants to send a "Hello Bob!" message with a digital signature. Bob receives the signature of the message and verifies it with Alice's public key that both parties previously agreed on. Curve secp256r1 was selected for this example as it is implemented by all backends.
Example is divided into two steps:
- Alice's signature generation
In this step Alice converts her private key from raw format to library's internal representation. Alice signs a "Hello Bob!" message using the converted key and hash of the message. The digital signature is provided to Bob.
- Bob's message verification
In this step, Bob converts Alice's public key that both parties previously agreed on (outside the scope of this example) to library's internal representation. Then, ECDSA is used to verify the authenticity of this message.
- Note
- This example can run in software or hardware, depending on the supported features of your SoC. It uses the default backend for the specific platform, but you can test it using different backends. For more details on how to change backends, see Backends and Enabling the curves.
You can find the source code and the project file of the example in the following folder: <InstallFolder>\examples\crypto\nrf_crypto\ecdsa
Testing
Test the ECDSA Example application by performing the following steps:
- Skip this step if you are using an RTT viewer.
Start a terminal emulator like PuTTY and connect to the used COM port with the following UART settings:
-
Baud rate: 115.200
-
8 data bits
-
1 stop bit
-
No parity
-
HW flow control: None
- Compile and program the application.
- Observe the terminal output showing each step of the example using an RTT viewer or a terminal emulator.
- Check whether signature verification was successful. Search for the following output in the final lines of the example:
<info> app: Signature is valid. Message is authentic.