ECDSA with SHA-1

The ECDSA with SHA-1 mechanism, denoted CKM_ECDSA_SHA1, is a mechanism for single- and multiple-part signatures and verification for ECDSA. This mechanism computes the entire ECDSA specification, including the hashing with SHA-1.

For the purposes of this mechanism, an ECDSA signature is a 40-byte string, corresponding to the concatenation of the ECDSA values r and s, each represented most-significant byte first.

This mechanism does not have a parameter.

Constraints on key types and the length of data are summarized in the following table:

Table 67, ECDSA with SHA-1: Key And Data Length
Function Key type Input length Output length

C_Sign ECDSA private key any 40

C_Verify ECDSA public key any, 40² N/A

² Data length, signature length.

For this mechanism, the ulMinKeySize and ulMaxKeySize fields of the CK_MECHANISM_INFO structure specify the minimum and maximum supported number of bits in the field sizes, respectively. For example, if a Cryptoki library supports only ECDSA using a field of characteristic 2 which has between 2²⁰⁰ and 2³⁰⁰ elements, then ulMinKeySize = 201 and ulMaxKeySize = 301 (when written in binary notation, the number 2²⁰⁰ consists of a 1 bit followed by 200 0 bits. It is therefore a 201-bit number. Similarly, 2³⁰⁰ is a 301-bit number).

RSA Security Inc. Public-Key Cryptography Standards - PKCS#11 - v210

Function	Key type	Input length	Output length
C_Sign	ECDSA private key	any	40
C_Verify	ECDSA public key	any, 40²	N/A