https://devzone.nordicsemi.com/f/nordic-q-a/49032/ecdsa-signature-reproducibilityOur device is based on nRF52840 with SDK 15.0.0 The device communicates over BLE with PC application (aka client) via &quot;uart&quot; service. PC (client) messages are signed using ECDSA with secp265r1 curve and the device verifies the signature of receiveden-USTelligent Community 13Thu, 27 Jun 2019 11:41:17 GMThttps://devzone.nordicsemi.com/thread/195119?ContentTypeID=1Thu, 27 Jun 2019 11:41:17 GMT137ad170-7792-4731-bb38-c0d22fbe4515:64d61b96-6346-4a64-b301-6422d98e008ayes<p>Regarding curve both sides is configured to secp256r1 curve</p> <p></p> <p>PC side:</p> <p>private static ECDsa LoadPrivateKey(byte[] key)<br /> {<br /> var privKeyInt = new Org.BouncyCastle.Math.BigInteger(+1, key);<br /> var parameters = SecNamedCurves.GetByName(&quot;<strong>secp256r1</strong>&quot;);<br /> var ecPoint = parameters.G.Multiply(privKeyInt);<br /> var privKeyX = ecPoint.Normalize().XCoord.ToBigInteger().ToByteArrayUnsigned();<br /> var privKeyY = ecPoint.Normalize().YCoord.ToBigInteger().ToByteArrayUnsigned();</p> <p>var d = privKeyInt.ToByteArrayUnsigned();<br /> return ECDsa.Create(new ECParameters<br /> {<br /> Curve = ECCurve.NamedCurves.nistP256,<br /> D = privKeyInt.ToByteArrayUnsigned(),<br /> Q = new ECPoint<br /> {<br /> X = privKeyX,<br /> Y = privKeyY<br /> }<br /> });<br /> }</p> <p></p> <p>for device side:</p> <p>/*static*/ bool<br />bIsValidSignature(const uint8_t* a_ipHashMessage, const uint8_t* a_ipSignature, uint8_t* a_ipEcdsaPublicKey)<br />// Brief: verify signature<br />// Get: a_ipHashMessage - message<br />// a_ipSignature - signature<br />// a_ipEcdsaPublicKey - public key<br />// Return: true if successful, false otherwise<br />// Pre: -<br />// Post: signature verified<br />// Method: Trivial<br />{<br /> // swap endian<br /> // ~~~~~~~~~~~<br /> uint8_t l_iaPkCopy[d_iAuthPubKeySize];<br /> <strong>nrf_crypto_internal_double_swap_endian(l_iaPkCopy, a_ipEcdsaPublicKey, d_iAuthPubKeySize / 2);</strong></p> <p>// ecc public key from raw<br /> // ~~~~~~~~~~~~~~~~~~~~~~~<br /> nrf_crypto_ecc_public_key_t l_uPublicKey;<br /> if (NRF_SUCCESS != nrf_crypto_ecc_public_key_from_raw(&amp;<strong>g_nrf_crypto_ecc_secp256r1_curve_info</strong>, &amp;l_uPublicKey, l_iaPkCopy, d_iAuthPubKeySize))<br /> {<br /> LOG_WARNING(LOG_PRINT_CRYPTO, &quot;Crypto - verify signature - failed - ecc public key from raw&quot;);<br /> return false;<br /> }</p> <p>// verify the message using ECDSA and SHA-256<br /> // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br /> if (NRF_SUCCESS != nrf_crypto_ecdsa_verify(NULL, &amp;l_uPublicKey, a_ipHashMessage, d_iAuthHashSize, a_ipSignature, d_iAuthSigLen))<br /> {<br /> LOG_WARNING(LOG_PRINT_CRYPTO, &quot;Crypto - verify signature - failed - ECDSA verify&quot;);<br /> return false;<br /> }</p> <p>return true;<br />}</p> <p></p> <p></p> <p>Regarding endianness:</p> <p>Device code swaps it before verifying</p> <p>PC run on Win 10 which is little endian</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/195111?ContentTypeID=1Thu, 27 Jun 2019 11:28:16 GMT137ad170-7792-4731-bb38-c0d22fbe4515:f103cd56-af5f-4211-b3e8-080d05d7f2d7tesc<p>Hi,</p> <p>Have you double checked that you use the correct curve in both ends, and that you have not introduced any errors when copying the keys e.g. due to endianness or how they are otherwise encoded?</p> <p>Regards,<br />Terje</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/195068?ContentTypeID=1Thu, 27 Jun 2019 09:24:50 GMT137ad170-7792-4731-bb38-c0d22fbe4515:ae8cd9b2-11ad-4e8a-878b-e576f37ad143yes<p>The reason for different signatures is the random number which is generated for each cycle as part of the Alice&#39;s signing process</p><div style="clear:both;"></div>