Crate ecdsa

source ·
Expand description

RustCrypto: ECDSA

crate Docs Build Status Apache2/MIT licensed MSRV Project Chat

Elliptic Curve Digital Signature Algorithm (ECDSA) as specified in FIPS 186-4 (Digital Signature Standard).



This crate provides generic ECDSA support which can be used in the following ways:

  • Generic implementation of ECDSA usable with the following crates:
  • Other crates which provide their own complete implementations of ECDSA can also leverage the types from this crate to export ECDSA functionality in a generic, interoperable way by leveraging ecdsa::Signature with the signature::Signer and signature::Verifier traits.

⚠️ Security Warning

The ECDSA implementation contained in this crate has never been independently audited for security!

This crate contains a generic implementation of ECDSA which must be instantiated using a separate crate providing a concrete implementation of arithmetic for a particular curve. It’s possible timing variability can exist in concrete curve implementations, and thus this crate’s security can only be properly assessed for a specific elliptic curve.


Minimum Supported Rust Version

This crate requires Rust 1.65 at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor version bump.


All crates licensed under either of

at your option.


Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

serde support

When the serde feature of this crate is enabled, Serialize and Deserialize impls are provided for the Signature and VerifyingKey types.

Please see type-specific documentation for more information.


Any crates which provide an implementation of ECDSA for a particular elliptic curve can leverage the types from this crate, along with the k256, p256, and/or p384 crates to expose ECDSA functionality in a generic, interoperable way by leveraging the Signature type with in conjunction with the signature::Signer and signature::Verifier traits.

For example, the ring-compat crate implements the signature::Signer and signature::Verifier traits in conjunction with the p256::ecdsa::Signature and p384::ecdsa::Signature types to wrap the ECDSA implementations from ring in a generic, interoperable API.



  • derder
    Support for ASN.1 DER-encoded ECDSA signatures as specified in RFC5912 Appendix A.
  • devdev
    Development-related functionality.
  • hazmathazmat
    Low-level ECDSA primitives.



  • Signature errors.
  • ECDSA signature with low-S normalization applied.
  • Recovery IDs, a.k.a. “recid”.
  • ECDSA signature (fixed-size). Generic over elliptic curve types.
  • An extended Signature type which is parameterized by an ObjectIdentifier which identifies the ECDSA variant used by a particular signature.
  • SigningKeysigning
    ECDSA secret key used for signing. Generic over prime order elliptic curves (e.g. NIST P-curves)
  • VerifyingKeyverifying
    ECDSA public key used for verifying signatures. Generic over prime order elliptic curves (e.g. NIST P-curves)



Type Aliases

  • Encoded elliptic curve point sized appropriately for a given curve.
  • Result type.
  • Fixed-size byte array containing an ECDSA signature
  • Size of a fixed sized signature for the given elliptic curve.