Module k256::ecdsa

source ·
Expand description

Elliptic Curve Digital Signature Algorithm (ECDSA).

This module contains support for computing and verifying ECDSA signatures. To use it, you will need to enable one of the two following Cargo features:

  • ecdsa-core: provides only the Signature type (which represents an ECDSA/secp256k1 signature). Does not require the arithmetic feature. This is useful for 3rd-party crates which wish to use the Signature type for interoperability purposes (particularly in conjunction with the signature::Signer trait). Example use cases for this include other software implementations of ECDSA/secp256k1 and wrappers for cloud KMS services or hardware devices (HSM or crypto hardware wallet).
  • ecdsa: provides ecdsa-core features plus the SigningKey and VerifyingKey types which natively implement ECDSA/secp256k1 signing and verification.

Additionally, this crate contains support for computing ECDSA signatures using either the SHA-256 (standard) or Keccak-256 (Ethereum) digest functions, which are gated under the following Cargo features:

  • sha256: compute signatures using NIST’s standard SHA-256 digest function. Unless you are computing signatures for Ethereum, this is almost certainly what you want.
  • keccak256: compute signatures using the Keccak-256 digest function, an incompatible variant of the SHA-3 algorithm used exclusively by Ethereum.

Most users of this library who want to sign/verify signatures will want to enable the ecdsa and sha256 Cargo features.

Ethereum Support

This crate natively supports Ethereum-style recoverable signatures. Please see the toplevel documentation of the recoverable module for more information.

Signing/Verification Example

This example requires the ecdsa and sha256 Cargo features are enabled:

use k256::{
    ecdsa::{SigningKey, Signature, signature::Signer},
    SecretKey,
};
use rand_core::OsRng; // requires 'getrandom' feature

// Signing
let signing_key = SigningKey::random(&mut OsRng); // Serialize with `::to_bytes()`
let message = b"ECDSA proves knowledge of a secret number in the context of a single message";

// Note: the signature type must be annotated or otherwise inferrable as
// `Signer` has many impls of the `Signer` trait (for both regular and
// recoverable signature types).
let signature: Signature = signing_key.sign(message);

// Verification
use k256::{EncodedPoint, ecdsa::{VerifyingKey, signature::Verifier}};

let verify_key = VerifyingKey::from(&signing_key); // Serialize with `::to_encoded_point()`
assert!(verify_key.verify(message, &signature).is_ok());

Re-exports

pub use ecdsa_core::signature;
pub use ecdsa_core::signature::digest;

Modules

recoverable
Ethereum-style “recoverable signatures”.

Structs

Error
Signature errors.
SigningKey
ECDSA/secp256k1 signing key
VerifyingKey
ECDSA/secp256k1 verification key (i.e. public key)

Type Definitions

DerSignature
ECDSA/secp256k1 signature (ASN.1 DER encoded)
Signature
ECDSA/secp256k1 signature (fixed-size)