Expand description

Elliptic Curve Digital Signature Algorithm (ECDSA).

This module contains support for computing and verifying ECDSA signatures. To use it, you will need to enable one of the two following Cargo features:

  • ecdsa-core: provides only the Signature type (which represents an ECDSA/secp256k1 signature). Does not require the arithmetic feature. This is useful for 3rd-party crates which wish to use the Signature type for interoperability purposes (particularly in conjunction with the signature::Signer trait). Example use cases for this include other software implementations of ECDSA/secp256k1 and wrappers for cloud KMS services or hardware devices (HSM or crypto hardware wallet).
  • ecdsa: provides ecdsa-core features plus the SigningKey and VerifyingKey types which natively implement ECDSA/secp256k1 signing and verification.

Additionally, this crate contains support for computing ECDSA signatures using either the SHA-256 (standard) or Keccak-256 (Ethereum) digest functions, which are gated under the following Cargo features:

  • sha256: compute signatures using NIST’s standard SHA-256 digest function. Unless you are computing signatures for Ethereum, this is almost certainly what you want.
  • keccak256: compute signatures using the Keccak-256 digest function, an incompatible variant of the SHA-3 algorithm used exclusively by Ethereum.

Most users of this library who want to sign/verify signatures will want to enable the ecdsa and sha256 Cargo features.

Ethereum Support

This crate natively supports Ethereum-style recoverable signatures. Please see the toplevel documentation of the recoverable module for more information.

Signing/Verification Example

This example requires the ecdsa and sha256 Cargo features are enabled:

use k256::{
    ecdsa::{SigningKey, Signature, signature::Signer},
    SecretKey,
};
use rand_core::OsRng; // requires 'getrandom' feature

// Signing
let signing_key = SigningKey::random(&mut OsRng); // Serialize with `::to_bytes()`
let message = b"ECDSA proves knowledge of a secret number in the context of a single message";

// Note: the signature type must be annotated or otherwise inferrable as
// `Signer` has many impls of the `Signer` trait (for both regular and
// recoverable signature types).
let signature: Signature = signing_key.sign(message);

// Verification
use k256::{EncodedPoint, ecdsa::{VerifyingKey, signature::Verifier}};

let verifying_key = VerifyingKey::from(&signing_key); // Serialize with `::to_encoded_point()`
assert!(verifying_key.verify(message, &signature).is_ok());

Modules

Ethereum-style “recoverable signatures”.

RustCrypto: signature crate.

Structs

Signature errors.

ECDSA/secp256k1 signing key

ECDSA/secp256k1 verification key (i.e. public key)

Type Definitions

ECDSA/secp256k1 signature (ASN.1 DER encoded)

ECDSA/secp256k1 signature (fixed-size)