diff --git a/cr_device_cert.c b/cr_device_cert.c index a6f6568..cd52fa4 100644 --- a/cr_device_cert.c +++ b/cr_device_cert.c @@ -225,20 +225,17 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 // TODO: HSM使用時の処理を実装 // ECDSA署名付加 - u8 sha256buf[ SHA256_DIGEST_LENGTH ]; + u8 sha256Buf[ SHA256_DIGEST_LENGTH ]; // CR_DeviceCertのSHA256計算 - SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256buf ); + SHA256( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha256Buf ); + DEBUG_PRINT_ARRAY( "sha256(HSM)", (const char *)sha256Buf, 32 ); - u8 signBuf[ 70 ]; - int signLen = 0; - u8 sha1Buf[ 20 ]; - memset( signBuf, 0, sizeof( signBuf ) ); - + u8 sha1Buf[ 20 ]; SHA1( deviceCert.issuerName, (int)&deviceCert + sizeof(CR_DeviceCert) - (int)deviceCert.issuerName, sha1Buf ); //DEBUG_PRINT_ARRAY( "sha1(HSM)", (const char *)sha1buf, 20 ); - ret_code = hsm_ecdsa_sign( signBuf, &signLen, sha1Buf, 20, bonding_option ); + ret_code = hsm_ecdsa_sign( deviceCert.eccSignature, sha256Buf, bonding_option ); if ( ret_code != CR_GENID_SUCCESS ) { SetErrorInfo( __FUNCTION__, __LINE__ ); 
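Review bot: The SHA-1 digest is still computed into `sha1Buf` in this hunk, although the signing call now takes `sha256Buf` and the `ECDSA_verify` call changed later in this commit no longer reads `sha1Buf`. Unless code outside these hunks still uses it, drop `u8 sha1Buf[ 20 ];` and the `SHA1( ... )` call so it stays unambiguous which digest the certificate signature covers. The length argument of `SHA256( ... )` is built by casting two pointers to `int`, which truncates on a 64-bit build; `sizeof(CR_DeviceCert) - offsetof(CR_DeviceCert, issuerName)` gives the same byte count without pointer casts, assuming `issuerName` is an array member of the struct. The new debug print could take `SHA256_DIGEST_LENGTH` instead of the literal `32`. GenerateCTRDeviceCert starts and ends outside the hunk.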
@@ -346,11 +343,35 @@ int GenerateCTRDeviceCert( EC_KEY *pECkey, u32 device_id, u8 bonding_option, u8 ret_code = CR_GENID_ERROR_ECC_READ_PUBLIC_KEY; goto end; } -#if 0 +#if 1 // TODO: ハッシュ処理 + int i; + u8 verifyHash[30]; + memset( verifyHash, 0, sizeof( verifyHash ) ); + + verifyHash[0] = sha256Buf[0] >> 7; + for ( i = 1; i < 30; i++ ) + { + verifyHash[i] = (sha256Buf[i-1] << 1) | (sha256Buf[i] >> 7); + } + DEBUG_PRINT_ARRAY( (char*)"verifyHash(HSM)", (const char *)verifyHash, 30 ); + // TODO: ECDSA署名(DER)を再構築 + u8 signBuf[70]; + int signLen = 66; + memset( signBuf, 0, sizeof( signBuf ) ); + signBuf[0] = 0x30; + signBuf[1] = 0x40; + signBuf[2] = 0x02; + signBuf[3] = 0x1E; + memcpy( &signBuf[4], &deviceCert.eccSignature[0], 0x1E ); + signBuf[0x22] = 0x02; + signBuf[0x23] = 0x1E; + memcpy( &signBuf[0x24], &deviceCert.eccSignature[30], 0x1E ); + DEBUG_PRINT_ARRAY( (char*)"sign(HSM)", (const char *)signBuf, signLen ); + // 署名ベリファイ - ret_code = ECDSA_verify( 0, sha1Buf, 20, signBuf, signLen, NCT2 ); + ret_code = ECDSA_verify( 0, &verifyHash[1], 233/8, signBuf, signLen, NintendoCTR2 ); if( ret_code != 1) { ret_code = CR_GENID_ERROR_ECDSA_VERIFY; SetErrorInfo( __FUNCTION__, __LINE__ ); diff --git a/cr_hsm_code.c b/cr_hsm_code.c index ad3dec4..a285923 100644 --- a/cr_hsm_code.c +++ b/cr_hsm_code.c @@ -812,14 +812,13 @@ end: return ret_code; } // hsm_ecdsa_load_keypair -int hsm_ecdsa_sign( unsigned char *sign_buf, int *sign_size, unsigned char *data_buf, int data_size, unsigned char bonding_option ) +int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, unsigned char bonding_option ) { int ret_code = CR_GENID_SUCCESS; M_KeyID privKeyid, pubKeyid; M_Command cmd; M_Reply reply; - struct NFast_Bignum *rBn, *sBn; unsigned char *rPtr, *sPtr; int rLen, sLen; 
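Review bot: The digest passed to `ECDSA_verify` leaves out the top bit of the 233-bit value built just above it. `verifyHash[0]` receives `sha256Buf[0] >> 7`, but the call passes `&verifyHash[1]` with length `233/8` (29 bytes), so whenever the SHA-256 output has its most significant bit set the verifier is given a different number from the one the shift loop produced. If the linked OpenSSL truncates an over-long digest to the curve order itself, `ECDSA_verify( 0, sha256Buf, SHA256_DIGEST_LENGTH, signBuf, signLen, NintendoCTR2 )` removes the manual shifting; either way, check against the HSM's own truncation and add a test vector whose digest starts with a set bit. The hand-built DER always emits two 30-byte INTEGERs, which is not a minimal encoding when r or s has leading zero bytes and depends on the parser being lenient; filling an `ECDSA_SIG` via `BN_bin2bn` and calling `ECDSA_do_verify` avoids that. The enclosing function continues outside the hunk.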
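Review bot: With `sign_size` and `data_size` removed, `hsm_ecdsa_sign` can no longer check either buffer, yet later hunks of this commit read a whole `M_Hash32` through `data_buf` and write 60 bytes with `memset( sign_buf, 0, 60 )`. The only caller shown passes `deviceCert.eccSignature`, whose size is not visible here, so the contract should be written above the definition, for example `/* sign_buf: out, 60 bytes, r then s, 30 bytes each, big-endian; data_buf: in, SHA-256 digest, at least sizeof(M_Hash32) bytes */`. `data_buf` is only read in the code shown and could be declared `const unsigned char *`. The function body continues beyond this hunk.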
@@ -835,14 +834,10 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, int *sign_size, unsigned char *data cmd.args.sign.flags = 0; // Cmd_Sign_Args_flags_given_iv_present; cmd.args.sign.key = privKeyid; cmd.args.sign.mech = HSM_SIGN_MECH; - -#if 0 - M_Hash32 *hash = (M_Hash32*)data_buf; - cmd.args.sign.plain.type = PlainTextType_Hash32; - cmd.args.sign.plain.data.hash32.data = *hash; -#endif - #if 1 + cmd.args.sign.plain.type = PlainTextType_Hash32; + cmd.args.sign.plain.data.hash32.data = *(M_Hash32*)data_buf; +#else cmd.args.sign.plain.type = PlainTextType_Hash; cmd.args.sign.plain.data.hash.data = *(M_Hash*)data_buf; #endif 
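Review bot: `*(M_Hash32*)data_buf` dereferences a caller-supplied `unsigned char *` as a struct, which assumes the buffer is suitably aligned and at least `sizeof(M_Hash32)` bytes long. `memcpy( &cmd.args.sign.plain.data.hash32.data, data_buf, sizeof( cmd.args.sign.plain.data.hash32.data ) );` copies the same bytes without the cast. The plaintext type is chosen here by a bare `#if 1`, while the mechanism comes from `HSM_SIGN_MECH` in cr_hsm_code.h, so the two can be switched independently and drift apart; one named macro selecting both would keep `PlainTextType_Hash32` and `Mech_ECDSAhSHA256` paired as this commit intends. The same cast and `#if 1` appear in the verify block added in the next hunk.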
@@ -870,27 +865,36 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, int *sign_size, unsigned char *data sPtr = (unsigned char*)malloc( sLen ); my_bignum2bin ( sPtr, sLen, hsmHandle, reply.reply.sign.sig.data.ecdsa.s ); #endif - my_bignumCopy( &rBn, reply.reply.sign.sig.data.ecdsa.r, hsmHandle ); - my_bignumCopy( &sBn, reply.reply.sign.sig.data.ecdsa.s, hsmHandle ); -#if 1 +#if 0 DEBUG_PRINT_ARRAY( (char*)"sig r(HSM)", (const char *)rPtr, rLen ); DEBUG_PRINT_ARRAY( (char*)"sig s(HSM)", (const char *)sPtr, sLen ); #endif + + // verify +#if 1 + struct NFast_Bignum *rBn, *sBn; + my_bignumCopy( &rBn, reply.reply.sign.sig.data.ecdsa.r, hsmHandle ); + my_bignumCopy( &sBn, reply.reply.sign.sig.data.ecdsa.s, hsmHandle ); + //NFastApp_Free_Command( handle, NULL, NULL, &cmd ); NFastApp_Free_Reply( hsmHandle, NULL, NULL, &reply ); memset( &cmd, 0, sizeof( cmd ) ); memset( &reply, 0, sizeof( reply ) ); -#if 0 - // verify transact cmd.cmd = Cmd_Verify; cmd.args.verify.flags = 0; cmd.args.verify.key = pubKeyid; cmd.args.verify.mech = HSM_SIGN_MECH; +#if 1 + cmd.args.verify.plain.type = PlainTextType_Hash32; + cmd.args.verify.plain.data.hash32.data = *(M_Hash32*)data_buf; +#else cmd.args.verify.plain.type = PlainTextType_Hash; cmd.args.verify.plain.data.hash.data = *(M_Hash*)data_buf; +#endif + cmd.args.verify.sig.mech = HSM_SIGN_MECH; cmd.args.verify.sig.data.ecdsa.r = rBn; cmd.args.verify.sig.data.ecdsa.s = sBn; 
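Review bot: `rBn` and `sBn` are declared without an initial value, and the two `my_bignumCopy` calls are not checked before the pointers are stored in `cmd.args.verify.sig`. A failed copy could therefore hand an indeterminate pointer to the HSM transaction and later to `NFastApp_Free`; initialise both to `NULL` and stop if either is still `NULL` after the copy (this assumes my_bignumCopy leaves the pointer untouched on failure, as its definition is not in view). Now that this block is compiled in, the failure branch visible at the top of the next hunk (`SetErrorInfo( ... ); return ret_code;`) appears to leave the function before `NFastApp_Free( hsmHandle, rBn, NULL, NULL )`, `NFastApp_Free( hsmHandle, sBn, NULL, NULL )`, `free( rPtr )` and `free( sPtr )`, so each failed verification leaks those allocations. A single cleanup label at the end of the function, like the `goto end;` pattern used in cr_device_cert.c, would cover every exit.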
@@ -906,24 +910,34 @@ int hsm_ecdsa_sign( unsigned char *sign_buf, int *sign_size, unsigned char *data SetErrorInfo( __FUNCTION__, __LINE__ ); return ret_code; } -#endif + + NFastApp_Free( hsmHandle, rBn, NULL, NULL ); + NFastApp_Free( hsmHandle, sBn, NULL, NULL ); +#endif // verify // copy sign - sign_buf[0] = 0x30; - sign_buf[1] = 0x40; - sign_buf[2] = 0x02; - sign_buf[3] = 0x1E; - memcpy( &sign_buf[4], &rPtr[2], 0x1E ); - sign_buf[0x22] = 0x02; - sign_buf[0x23] = 0x1E; - memcpy( &sign_buf[0x24], &sPtr[2], 0x1E ); - *sign_size = 0x40 + 2; - DEBUG_PRINT_ARRAY( (char*)"sign(HSM)", (const char *)sign_buf, *sign_size ); + int i; + memset( sign_buf, 0, 60 ); + if ( rLen == 32 ) + memcpy( sign_buf, &rPtr[2], 0x1E ); + else + { + for ( i = 0; i < rLen; i++ ) + sign_buf[ 30 - i - 1 ] = rPtr[ rLen - i - 1 ]; + } + + if ( sLen == 32 ) + memcpy( &sign_buf[30], &sPtr[2], 0x1E ); + else + { + for ( i = 0; i < sLen; i++ ) + sign_buf[ 60 - i - 1 ] = sPtr[ sLen - i - 1 ]; + } //NFastApp_Free_Command( hsmHandle, NULL, NULL, &cmd ); // ̂A{[g NFastApp_Free_Reply( hsmHandle, NULL, NULL, &reply ); - NFastApp_Free( hsmHandle, rBn, NULL, NULL ); - NFastApp_Free( hsmHandle, sBn, NULL, NULL ); + free( rPtr ); + free( sPtr ); return CR_GENID_SUCCESS; } // hsm_ecdsa_sign diff --git a/cr_hsm_code.h b/cr_hsm_code.h index b43185c..c00831c 100644 --- a/cr_hsm_code.h +++ b/cr_hsm_code.h @@ -119,8 +119,8 @@ extern "C" { #endif #define HSM_MODULE_ID ( 1) -//#define HSM_SIGN_MECH Mech_ECDSAhSHA256 -#define HSM_SIGN_MECH Mech_ECDSA +#define HSM_SIGN_MECH Mech_ECDSAhSHA256 +//#define HSM_SIGN_MECH Mech_ECDSA // functions int hsm_initialize( void ); 
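Review bot: The fallback loops under `// copy sign` write outside the intended fields when the HSM returns a length above 30 other than 32. `sign_buf[ 30 - i - 1 ]` becomes a negative index once `i` reaches 30, and for `s` the index `60 - i - 1` first runs back into the `r` half. The `rLen == 32` / `sLen == 32` branches also discard the two leading bytes without checking they are zero, so an oversized value would be silently truncated into a wrong signature. The fence below handles every length with one bounded copy and rejects values that do not fit in 30 bytes; the error code in it is a placeholder. hsm_ecdsa_sign begins outside this hunk.

```c
    // copy sign
    int i;
    int rSkip = ( rLen > 30 ) ? rLen - 30 : 0;
    int sSkip = ( sLen > 30 ) ? sLen - 30 : 0;
    int fits = ( rLen > 0 && sLen > 0 );
    // bytes above the low 30 may only be zero padding
    for ( i = 0; fits && i < rSkip; i++ )
        fits = ( rPtr[i] == 0 );
    for ( i = 0; fits && i < sSkip; i++ )
        fits = ( sPtr[i] == 0 );
    if ( !fits )
    {
        NFastApp_Free_Reply( hsmHandle, NULL, NULL, &reply );
        free( rPtr );
        free( sPtr );
        SetErrorInfo( __FUNCTION__, __LINE__ );
        return CR_GENID_ERROR_PLACEHOLDER; // placeholder: the project's error code for a malformed signature
    }
    memset( sign_buf, 0, 60 );
    // r and s right-aligned, 30 bytes each
    memcpy( &sign_buf[ 30 - ( rLen - rSkip ) ], &rPtr[ rSkip ], rLen - rSkip );
    memcpy( &sign_buf[ 60 - ( sLen - sSkip ) ], &sPtr[ sSkip ], sLen - sSkip );
    // … unchanged: NFastApp_Free_Reply, free( rPtr ), free( sPtr ), return CR_GENID_SUCCESS …
```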
@@ -132,7 +132,7 @@ int hsm_aes_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u int hsm_aes_decrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, unsigned char bonding_option, unsigned char *pIV ); int hsm_rsa_encrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, unsigned char bonding_option ); int hsm_rsa_decrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, unsigned char bonding_option ); -int hsm_ecdsa_sign( unsigned char *sign_buf, int *sign_size, unsigned char *data_buf, int data_size, unsigned char bonding_option ); +int hsm_ecdsa_sign( unsigned char *sign_buf, unsigned char *data_buf, unsigned char bonding_option ); #ifdef __cplusplus }