smithy-lang · xinsong-cui · Nov 6, 2025 · Nov 4, 2025 · Nov 4, 2025 · Nov 4, 2025
@@ -726,7 +726,16 @@ public final class aws/smithy/kotlin/runtime/hashing/Crc32cKt {
 }
 
 public final class aws/smithy/kotlin/runtime/hashing/EcdsaJVMKt {
-	public static final fun ecdsaSecp256r1 ([B[B)[B
+	public static final fun ecdsaSecp256r1 ([B[BLaws/smithy/kotlin/runtime/hashing/EcdsaSignatureType;)[B
+	public static synthetic fun ecdsaSecp256r1$default ([B[BLaws/smithy/kotlin/runtime/hashing/EcdsaSignatureType;ILjava/lang/Object;)[B
+}
+
+public final class aws/smithy/kotlin/runtime/hashing/EcdsaSignatureType : java/lang/Enum {
+	public static final field ASN1_DER Laws/smithy/kotlin/runtime/hashing/EcdsaSignatureType;
+	public static final field RAW_RS Laws/smithy/kotlin/runtime/hashing/EcdsaSignatureType;
+	public static fun getEntries ()Lkotlin/enums/EnumEntries;
+	public static fun valueOf (Ljava/lang/String;)Laws/smithy/kotlin/runtime/hashing/EcdsaSignatureType;
+	public static fun values ()[Laws/smithy/kotlin/runtime/hashing/EcdsaSignatureType;
 }
 
 public abstract interface class aws/smithy/kotlin/runtime/hashing/HashFunction {

@@ -4,7 +4,16 @@
  */
 package aws.smithy.kotlin.runtime.hashing
 
+public enum class EcdsaSignatureType {
+    ASN1_DER,
+    RAW_RS,
+}
+
 /**
  * ECDSA on the SECP256R1 curve.
  */
-public expect fun ecdsaSecp256r1(key: ByteArray, message: ByteArray): ByteArray
+public expect fun ecdsaSecp256r1(
+    key: ByteArray,
+    message: ByteArray,
+    signatureType: EcdsaSignatureType = EcdsaSignatureType.ASN1_DER,
+): ByteArray
diff --git a/runtime/runtime-core/jvm/src/aws/smithy/kotlin/runtime/hashing/EcdsaJVM.kt b/runtime/runtime-core/jvm/src/aws/smithy/kotlin/runtime/hashing/EcdsaJVM.kt
@@ -12,7 +12,11 @@ import java.security.spec.*
 /**
  * ECDSA on the SECP256R1 curve.
  */
-public actual fun ecdsaSecp256r1(key: ByteArray, message: ByteArray): ByteArray {
+public actual fun ecdsaSecp256r1(
+    key: ByteArray,
+    message: ByteArray,
+    signatureType: EcdsaSignatureType,
+): ByteArray {
     // Convert private key to BigInteger
     val d = BigInteger(key)
 
@@ -28,10 +32,42 @@ public actual fun ecdsaSecp256r1(key: ByteArray, message: ByteArray): ByteArray
     val privateKey = keyFactory.generatePrivate(privateKeySpec)
 
     // Sign the message
-    return Signature.getInstance("SHA256withECDSA").apply {
+    val derSignature = Signature.getInstance("SHA256withECDSA").apply {
         initSign(privateKey)
         update(message)
     }.sign()
+
+    return when (signatureType) {
+        EcdsaSignatureType.ASN1_DER -> derSignature
+        EcdsaSignatureType.RAW_RS -> parseDerSignature(derSignature)
+    }
 }
 
 private fun BigInteger.toJvm(): java.math.BigInteger = java.math.BigInteger(1, toByteArray())
+
+/**
+ * Parses an ASN.1 DER encoded ECDSA signature and converts it to raw r||s format.
+ */
+private fun parseDerSignature(derSignature: ByteArray): ByteArray {
+    var index = 2 // Skip SEQUENCE tag and length
+
+    // Read r
+    index++ // Skip INTEGER tag
+    val rLength = derSignature[index++].toInt() and 0xFF
+    val r = derSignature.sliceArray(index until index + rLength)
+    index += rLength
+
+    // Read s
+    index++ // Skip INTEGER tag
+    val sLength = derSignature[index++].toInt() and 0xFF
+    val s = derSignature.sliceArray(index until index + sLength)
+
+    // Remove leading zero bytes and pad to 32 bytes
+    val rFixed = r.dropWhile { it == 0.toByte() }.toByteArray()
+    val sFixed = s.dropWhile { it == 0.toByte() }.toByteArray()
+
+    val rPadded = if (rFixed.size < 32) ByteArray(32 - rFixed.size) + rFixed else rFixed
+    val sPadded = if (sFixed.size < 32) ByteArray(32 - sFixed.size) + sFixed else sFixed
+
+    return rPadded + sPadded
+}
@@ -4,6 +4,7 @@
  */
 package aws.smithy.kotlin.runtime.hashing
 
+import org.junit.jupiter.api.Assertions.assertEquals
 import org.junit.jupiter.api.Assertions.assertFalse
 import org.junit.jupiter.api.Assertions.assertTrue
 import java.security.*
@@ -30,6 +31,11 @@ class EcdsaJVMTest {
 
         assertTrue(signature.isNotEmpty())
         assertTrue(signature.size >= 64) // ECDSA signatures are typically 70-72 bytes in DER format
+
+        val rawSignature = ecdsaSecp256r1(privateKey, message, EcdsaSignatureType.RAW_RS)
+
+        assertTrue(rawSignature.isNotEmpty())
+        assertEquals(64, rawSignature.size) // Raw signature should be exactly 64 bytes (32 bytes r + 32 bytes s)
     }
 
     @Test
@@ -44,6 +50,13 @@ class EcdsaJVMTest {
         assertTrue(signature1.isNotEmpty())
         assertTrue(signature2.isNotEmpty())
         assertFalse(signature1.contentEquals(signature2))
+
+        val rawSignature1 = ecdsaSecp256r1(privateKey, message1, EcdsaSignatureType.RAW_RS)
+        val rawSignature2 = ecdsaSecp256r1(privateKey, message2, EcdsaSignatureType.RAW_RS)
+
+        assertTrue(rawSignature1.isNotEmpty())
+        assertTrue(rawSignature2.isNotEmpty())
+        assertFalse(rawSignature1.contentEquals(rawSignature2))
     }
 
     @Test
@@ -53,6 +66,9 @@ class EcdsaJVMTest {
 
         val signature = ecdsaSecp256r1(privateKey, message)
         assertTrue(signature.isNotEmpty())
+
+        val rawSignature = ecdsaSecp256r1(privateKey, message, EcdsaSignatureType.RAW_RS)
+        assertTrue(rawSignature.isNotEmpty())
     }
 
     @Test
@@ -62,6 +78,9 @@ class EcdsaJVMTest {
 
         val signature = ecdsaSecp256r1(privateKey, largeMessage)
         assertTrue(signature.isNotEmpty())
+
+        val rawSignature = ecdsaSecp256r1(privateKey, largeMessage, EcdsaSignatureType.RAW_RS)
+        assertTrue(rawSignature.isNotEmpty())
     }
 
     @Test