nrfconnect
diff --git a/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/cracenpsa.cmake
+10 b/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/cracenpsa.cmake
+10
diff --git a/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa.h
+44 b/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa.h
+44
diff --git a/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_primitives.h
+23 b/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_primitives.h
+23
diff --git a/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ecc.c
+90 b/‎subsys/nrf_security/src/drivers/cracen/cracenpsa/src/ecc.c
+90
@@ -15,6 +15,9 @@ list(APPEND cracen_driver_sources
   ${CMAKE_CURRENT_LIST_DIR}/src/common.c
   ${CMAKE_CURRENT_LIST_DIR}/src/mem_helpers.c
   ${CMAKE_CURRENT_LIST_DIR}/src/ec_helpers.c
+  ${CMAKE_CURRENT_LIST_DIR}/src/ecc.c
+  ${CMAKE_CURRENT_LIST_DIR}/src/rndinrange.c
+  ${CMAKE_CURRENT_LIST_DIR}/src/util.c
 
   # Note: We always need to have blkcipher.c and ctr_drbg.c since it
   # is used directly by many Cracen drivers.
@@ -44,7 +47,11 @@ endif()
 if(CONFIG_PSA_NEED_CRACEN_ASYMMETRIC_SIGNATURE_DRIVER)
   list(APPEND cracen_driver_sources
     ${CMAKE_CURRENT_LIST_DIR}/src/sign.c
+    ${CMAKE_CURRENT_LIST_DIR}/src/ecdsa.c
+    ${CMAKE_CURRENT_LIST_DIR}/src/ecc.c
     ${CMAKE_CURRENT_LIST_DIR}/src/ed25519.c
+    ${CMAKE_CURRENT_LIST_DIR}/src/util.c
+    ${CMAKE_CURRENT_LIST_DIR}/src/hmac.c
   )
 endif()
 
@@ -62,7 +69,10 @@ endif()
 
 if(CONFIG_PSA_NEED_CRACEN_KEY_MANAGEMENT_DRIVER OR CONFIG_PSA_NEED_CRACEN_KMU_DRIVER OR CONFIG_MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS)
   list(APPEND cracen_driver_sources
+    ${CMAKE_CURRENT_LIST_DIR}/src/ed25519.c
     ${CMAKE_CURRENT_LIST_DIR}/src/key_management.c
+    ${CMAKE_CURRENT_LIST_DIR}/src/ecdsa.c
+    ${CMAKE_CURRENT_LIST_DIR}/src/ecc.c
   )
 endif()
 
 
@@ -375,4 +375,48 @@ int cracen_ed25519ph_verify(const uint8_t *pub_key, const char *message, size_t
 
 int cracen_ed25519_create_pubkey(const uint8_t *priv_key, uint8_t *pub_key);
 
+int be_cmp(const unsigned char *a, const unsigned char *b, size_t sz, int carry);
+
+int ecc_create_genpubkey(const char *priv_key, char *pub_key, const struct sx_pk_ecurve *curve);
+
+int ecc_create_genprivkey(const struct sx_pk_ecurve *curve, char *priv_key, size_t priv_key_size);
+
+int cracen_ecdsa_verify_message(char *pubkey, const struct sxhashalg *hashalg,
+				const uint8_t *message, size_t message_length,
+				const struct sx_pk_ecurve *curve, const uint8_t *signature);
+
+int cracen_ecdsa_verify_digest(char *pubkey, const struct sxhashalg *hashalg, const uint8_t *digest,
+			       size_t digestsz, const struct sx_pk_ecurve *curve,
+			       const uint8_t *signature);
+
+int cracen_ecdsa_sign_message(const struct eccsk *privkey, size_t privkey_size,
+			      const struct sxhashalg *hashalg, const struct sx_pk_ecurve *curve,
+			      const uint8_t *message, size_t message_length, uint8_t *signature,
+			      size_t signature_size, size_t *signature_length);
+
+int cracen_ecdsa_sign_digest(const struct eccsk *privkey, size_t privkey_size,
+			     const struct sxhashalg *hashalg, const struct sx_pk_ecurve *curve,
+			     const uint8_t *message, size_t message_length, uint8_t *signature,
+			     size_t signature_size, size_t *signature_length);
+
+int cracen_ecdsa_sign_message_deterministic(const struct eccsk *privkey, size_t privkey_size,
+					    const struct sxhashalg *hashalg,
+					    const struct sx_pk_ecurve *curve, const uint8_t *digest,
+					    size_t digest_length, uint8_t *signature,
+					    size_t signature_size, size_t *signature_length);
+
+int cracen_ecdsa_sign_digest_deterministic(const struct eccsk *privkey, size_t privkey_size,
+					   const struct sxhashalg *hashalg,
+					   const struct sx_pk_ecurve *curve, const uint8_t *digest,
+					   size_t digest_length, uint8_t *signature,
+					   size_t signature_size, size_t *signature_length);
+
+int rndinrange_create(const unsigned char *n, size_t nsz, unsigned char *out);
+
+int mac_create_hmac(const struct sxhashalg *hashalg, struct sxhash *hashopctx, const char *key,
+		    size_t keysz, char *workmem, size_t workmemsz);
+
+int hmac_produce(struct sxhash *hashctx, const struct sxhashalg *hashalg, char *out, size_t sz,
+		 char *workmem);
+
 #endif /* CRACEN_PSA_H */
@@ -371,4 +371,27 @@ struct cracen_pake_operation {
 	};
 };
 typedef struct cracen_pake_operation cracen_pake_operation_t;
+
+struct sx_pk_ecurve;
+
+struct ecdsa_signature {
+	size_t sz; /**< Total signature size, in bytes. */
+	char *r;   /**< Signature element "r". */
+	char *s;   /**< Signature element "s". */
+};
+struct eccsk {
+	const struct sx_pk_ecurve *curve;
+	char *d;
+};
+
+struct eccpk {
+	const struct sx_pk_ecurve *curve;
+	char *qx;
+	char *qy;
+};
+
+struct ecc_keypair {
+	struct eccsk sk;
+	struct eccpk pk;
+};
 #endif /* CRACEN_PSA_PRIMITIVES_H */
@@ -0,0 +1,90 @@
+/* ECC key pair generation.
+ * Based on FIPS 186-4, section B.4.2 "Key Pair Generation by Testing
+ * Candidates".
+ *
+ * Copyright (c) 2023 Nordic Semiconductor ASA
+ *
+ * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
+ */
+
+#include <string.h>
+#include <silexpk/core.h>
+#include <silexpk/iomem.h>
+#include <silexpk/cmddefs/ecc.h>
+#include <cracen/statuscodes.h>
+#include "cracen_psa.h"
+
+#define MAX_ECC_ATTEMPTS 10
+
+int ecc_create_genpubkey(const char *priv_key, char *pub_key, const struct sx_pk_ecurve *curve)
+{
+	const char **outputs;
+	struct sx_pk_acq_req pkreq;
+	struct sx_pk_inops_ecp_mult inputs;
+	int opsz;
+	int status;
+
+	for (int i = 0; i <= MAX_ECC_ATTEMPTS; i++) {
+		pkreq = sx_pk_acquire_req(SX_PK_CMD_ECC_PTMUL);
+		if (pkreq.status) {
+			return pkreq.status;
+		}
+		pkreq.status =
+			sx_pk_list_ecc_inslots(pkreq.req, curve, 0, (struct sx_pk_slot *)&inputs);
+		if (pkreq.status) {
+			return pkreq.status;
+		}
+
+		opsz = sx_pk_curve_opsize(curve);
+
+		/* Write the private key (random) into ba414ep device memory */
+		sx_wrpkmem(inputs.k.addr, priv_key, opsz);
+		sx_pk_write_curve_gen(pkreq.req, curve, inputs.px, inputs.py);
+
+		sx_pk_run(pkreq.req);
+
+		status = sx_pk_has_finished(pkreq.req);
+
+		status = sx_pk_wait(pkreq.req);
+		if (status != SX_OK) {
+			return status;
+		}
+		/*  static int on_generated_public(struct sitask *t, struct siwq *wq) */
+		outputs = sx_pk_get_output_ops(pkreq.req);
+
+		/* When countermeasures are used, the operation may fail with error code
+		 * SX_ERR_NOT_INVERTIBLE. In this case we can try again.
+		 */
+		if (status == SX_ERR_NOT_INVERTIBLE) {
+			sx_pk_release_req(pkreq.req);
+			if (i == MAX_ECC_ATTEMPTS) {
+				return SX_ERR_TOO_MANY_ATTEMPTS;
+			}
+		} else {
+			break;
+		}
+	}
+	sx_rdpkmem(pub_key, outputs[0], opsz);
+	sx_rdpkmem(pub_key + opsz, outputs[1], opsz);
+	sx_pk_release_req(pkreq.req);
+	return status;
+}
+
+int ecc_create_genprivkey(const struct sx_pk_ecurve *curve, char *priv_key, size_t priv_key_size)
+{
+	size_t keysz = (size_t)sx_pk_curve_opsize(curve);
+	int status;
+	int opsz = sx_pk_curve_opsize(curve);
+	const char *curve_n = sx_pk_curve_order(curve);
+
+	if (priv_key_size < keysz) {
+		return SX_ERR_OUTPUT_BUFFER_TOO_SMALL;
+	}
+
+	/* generate private key, a random in [1, n-1], where n is the curve
+	 * order
+	 */
+	status = rndinrange_create((const unsigned char *)curve_n, opsz, priv_key);
+
+	return status;
+}