Fast Elliptic Curve Digital Signatures (fastecdsa)

3.0.1 · active · verified Thu Apr 16

fastecdsa is a Python library designed for fast elliptic curve digital signatures. It provides an efficient implementation of ECDSA for various standard curves and hash functions, outperforming some other pure Python alternatives. The library is currently at version 3.0.1, with its latest major release in January 2025, and continues to be actively maintained.

Common errors

```
error: Microsoft Visual C++ 14.0 or greater is required.
```
cause During installation on Windows, the C extensions fail to compile because the necessary Microsoft Visual C++ Build Tools are not found.

fix Install 'Microsoft C++ Build Tools' for Visual Studio (available as a standalone installer or part of Visual Studio).
```
fatal error: 'gmp.h' file not found #include "gmp.h" OR ld: library not found for -lgmp
```
cause The C compiler cannot find the GMP library headers or the linker cannot find the GMP library itself during compilation of fastecdsa's C extensions.

fix Install the GMP development packages for your system: - Debian/Ubuntu: `sudo apt-get install libgmp3-dev` - RHEL/CentOS: `sudo yum install gmp-devel` - macOS (Homebrew): `brew install gmp`. If this doesn't resolve it, try installing with `CFLAGS="-I$(brew --prefix gmp)/include" LDFLAGS="-L$(brew --prefix gmp)/lib" pip install fastecdsa`.
```
TypeError: Cannot convert int to bits OR TypeError: an integer is required (got type bytes)
```
cause Incorrect argument order or type for the `ecdsa.sign()` or `ecdsa.verify()` functions. A common mistake is swapping the message and private key arguments.

fix Ensure the correct signature `ecdsa.sign(message, private_key, curve, hashfunc=...)` is used, where `message` is `str`, `bytes`, or `bytearray`, and `private_key` is an `int`. Similarly for `ecdsa.verify((r, s), message, public_key, curve, hashfunc=...)`.

Warnings

breaking fastecdsa versions 2.x and above exclusively support Python 3.5+. Earlier versions (pre-1.2.1) were compatible with Python 2.7, requiring a Python version upgrade for users migrating from older codebases.
Fix: Upgrade your Python environment to 3.9+ and install the latest fastecdsa version.
gotcha The library author recommends using more established and thoroughly reviewed cryptographic libraries for security-critical applications, despite fastecdsa's internal security considerations.
Fix: Assess the security requirements of your application carefully. For high-stakes security, consider alternatives like `cryptography`.
gotcha Installation on Windows and macOS (especially M1/Apple Silicon) can be complex due to the requirement for a C compiler and the `gmp` library. Users often encounter build errors if these dependencies are not correctly set up and discoverable by the Python build process.
Fix: Ensure you have a C compiler (e.g., Visual Studio Build Tools on Windows, Xcode Command Line Tools on macOS) and the `gmp` library installed on your system, with their headers and libraries accessible via system paths or environment variables (CFLAGS, LDFLAGS).
breaking Older versions of fastecdsa (prior to 2.3.2) contained several security vulnerabilities, including timing attacks and use of uninitialized variables, which could lead to information leakage or denial of service.
Fix: Upgrade to fastecdsa version 3.0.1 or at least 2.3.2 to mitigate known vulnerabilities.

Install

pip install fastecdsa Install with pip
sudo apt-get install gcc python3-dev libgmp3-dev pip install fastecdsa Debian/Ubuntu with GMP
brew install gmp CFLAGS="-I$(brew --prefix gmp)/include" LDFLAGS="-L$(brew --prefix gmp)/lib" pip install fastecdsa macOS with Homebrew GMP

Imports

keys
```
from fastecdsa import keys
```
curve
```
from fastecdsa import curve
```
ecdsa
```
from fastecdsa import ecdsa
```
P256
```
from fastecdsa.curve import P256
```
Point
```
from fastecdsa.point import Point
```

Quickstart

Generates an ECDSA keypair using the P256 curve, signs a sample message with the private key, and then verifies the signature using the public key and the same curve and hash function.

from fastecdsa import keys, curve, ecdsa
from hashlib import sha256

# 1. Generate a keypair
private_key, public_key = keys.gen_keypair(curve.P256)

# 2. Message to sign (can be string, bytes, or bytearray)
message = "This is a test message to be signed."

# 3. Sign the message
r, s = ecdsa.sign(message, private_key, curve.P256, hashfunc=sha256)

# 4. Verify the signature
valid = ecdsa.verify((r, s), message, public_key, curve.P256, hashfunc=sha256)

print(f"Private Key: {hex(private_key)}")
print(f"Public Key (x, y): ({hex(public_key.x)}, {hex(public_key.y)})")
print(f"Signature (r, s): ({hex(r)}, {hex(s)})")
print(f"Signature Valid: {valid}")

view raw JSON →