ECDSA account key

i tried to test the new account key but ran into an problem.

{“type”:“urn:acme:error:malformed”,“detail”:“algorithm ‘ES256’ in JWS header not acceptable”,“status”:400}

It looks like there’s a mismatch between the key you’re using and the signature algorithm you’re specifying. A JWS header specifying an algorithm of “ES256” must correspond to a JWK with an algorithm of “ES256”. Are you perhaps using a different type of key?

I should use the correct key type. But i can understand the question since this is an new account key type.

{"header": {"alg": "ES256", "jwk": {"crv": "P-384", "kty": "EC", "x": "zMIk-N--JuN8vNVPGogS1T0iy7oZDIbaCrZUjA5b-T35XWBp5AcmL8JIxJPDRmQi", "y": "Nt8xva5rZJ-0uWJgO-0aR0OS8PywgFH4HjD6f0a70JbqEy4XPvsZjRgH5d6WLCMO"}}, "protected": "eyJub25jZSI6ICJmS1NzZmM5NVBlU3VuZXFpdDJuTXpfM0dQSUJKMVpqbmZZMk9vY0lXNmVrIn0", "payload": "eyJhZ3JlZW1lbnQiOiAiaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvZG9jdW1lbnRzL0xFLVNBLXYxLjAuMS1KdWx5LTI3LTIwMTUucGRmIiwgImNvbnRhY3QiOiBbIm1haWx0bzp0ZXN0MUBzdWNoZS5vcmciXSwgInJlc291cmNlIjogIm5ldy1yZWcifQ", "signature": "MGUCMG00hYQmp87EYGhZh-DK07QYAdVldLrspWyKebqis2poHJ4bF-yNhSQXCRD9JUZO-wIxALioMdMwuMhg4CmGo3Hig8rRoBd5HxDZpIbJsJFgp6LTinupJsbx6ayv4VNmSwmVTg"}
206 ms POST HTTP-400 Bad Request {"type":"urn:acme:error:malformed","detail":"algorithm 'ES256' in JWS header not acceptable","status":400}

You’re trying to use the ES256 algorithm with a P-384 key. You need to specify the ES384 algorithm for a P-384 key.

My mistake i thought that the hash length isl like RSA independent from the key length.

The ECC key length and SHA-2 hash type is “coupled” apparently:

From RFC 7518:

| "alg" Param  | Digital Signature or MAC      | Implementation     |
| Value        | Algorithm                     | Requirements       |
| HS256        | HMAC using SHA-256            | Required           |
| HS384        | HMAC using SHA-384            | Optional           |
| HS512        | HMAC using SHA-512            | Optional           |
| RS256        | RSASSA-PKCS1-v1_5 using       | Recommended        |
|              | SHA-256                       |                    |
| RS384        | RSASSA-PKCS1-v1_5 using       | Optional           |
|              | SHA-384                       |                    |
| RS512        | RSASSA-PKCS1-v1_5 using       | Optional           |
|              | SHA-512                       |                    |
| ES256        | ECDSA using P-256 and SHA-256 | Recommended+       |
| ES384        | ECDSA using P-384 and SHA-384 | Optional           |
| ES512        | ECDSA using P-521 and SHA-512 | Optional           |
| PS256        | RSASSA-PSS using SHA-256 and  | Optional           |
|              | MGF1 with SHA-256             |                    |
| PS384        | RSASSA-PSS using SHA-384 and  | Optional           |
|              | MGF1 with SHA-384             |                    |
| PS512        | RSASSA-PSS using SHA-512 and  | Optional           |
|              | MGF1 with SHA-512             |                    |
| none         | No digital signature or MAC   | Optional           |
|              | performed                     |                    |
1 Like

The table i already found. The last point that did make trouble was the DER(r,s) vs. CONCAT(r,s) encoding.
Now i can also work with account keys in EC format.

So again the question is there any date known when this will go productive ?

@tlussnig, the other developers advised me that there was a pull request merged on Boulder to add ECDSA account key support:

Edit: they also told me that the ECDSA account key support should be activated in production at the same time as ECDSA subject keys are, so that is a milestone you can keep an eye out for.

For the milestone there is one issue open “” and this should be in place right now since it is in staging.So even this point can be closed and the milestone would have 100%.