Keygen is Fair SourceStar us on GitHub

Pricing
Use Cases
- Software Application LicensingUse Keygen's flagship software licensing API to add license key validation, device activation and entitlements to any software product.
- Software Artifact DistributionUse Keygen's supplementary software distribution API to securely deliver artifacts and offer automatic updates to licensed users.
- No-code Licensing AutomationUse Zapier to integrate Keygen with your favorite tools, such as Stripe for payments, and Postmark for transactional emails. No code required.
- For On-Premise/Multi-Prem
- For Go Programs
- For iOS Apps
- For Mac Applications
- For Android Apps
- For Windows Programs
- For Container Images
- For Electron Apps
- For WordPress Plugins
- For Tauri Apps
- For Python Packages
- For PHP Packages
- For Node Packages
- For RubyGems
Demos
Developers
- Self-Host KeygenLearn how to self-host Keygen's Community Edition for free, or self-host our Enterprise Edition for your business.
- Keygen Relay NEWUse Keygen Relay to securely distribute node-locked licenses in offline and air-gapped environments.
- Developer CLIUse Keygen's official CLI to sign and publish software releases. Integrate with our SDKs for secure automatic upgrades.
- Documentation
- API Reference
- Changelog
- Security
- Source Code
Company
- Read the Source CodeKeygen is an Fair Source software licensing and distribution API. View the source code on GitHub to learn more. Build vs BuyBusinesses of all sizes face the question of whether to build or buy a licensing solution.
- Open Source
- Fair Source
- Affiliate Program
- About
- Careers
- Blog
- Get Support
Log in
Sign Up

Announcing ECDSA P-256 support

Wednesday, September 24th 2025

We're excited to announce support for ECDSA over P-256 (also known as secp256r1 or prime256v1) across response, webhook, and license and machine file signatures. This introduces a new ecdsa-p256 signing algorithm, alongside a ECDSA_P256_SIGN scheme for signed keys. ECDSA P-256 is a widely adopted NIST standard, approved for use in systems validated under FIPS 140-3. See the documentation for license file signing algorithms here, and on supported schemes for signed license keys here.

Compared to RSA 2048, also NIST-approved, ECDSA P-256 provides stronger security with far greater efficiency. It produces smaller signatures, reduces bandwidth costs, and verifies more quickly on constrained devices. These advantages add up in systems that process large numbers of signed messages — license verifications, webhook deliveries, and API responses — where performance and overhead matter.

We still recommend Ed25519 as the best option for most cases because of its speed, simplicity, and strong security guarantees. But Ed25519 is not NIST-approved yet, so this recommendation falls short in those situations, historically leaving RSA 2048 as the alternative — which NIST recommends phasing out by 2030.

For organizations that need to check that NIST/FIPS box, ECDSA P-256 is the right fit for signatures: modern, secure, and compliant.

For a full comparison of supported algorithms, see our signing algorithms docs.

© 2016–2025 Keygen LLC – All Rights Reserved – Reach out <[email protected]>
The Keygen name, logo, and mark are trademarks of Keygen LLC in the United States