diff --git a/Cargo.lock b/Cargo.lock index f4f6c006097afd..fabd5ff62e8b0f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1218,6 +1218,7 @@ dependencies = [ "once_cell", "p256", "p384", + "p521", "rand", "ring", "rsa", @@ -4115,6 +4116,20 @@ dependencies = [ "sha2", ] +[[package]] +name = "p521" +version = "0.13.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fc9e2161f1f215afdfce23677034ae137bbd45016a880c2eb3ba8eb95f085b2" +dependencies = [ + "base16ct", + "ecdsa", + "elliptic-curve", + "primeorder", + "rand_core", + "sha2", +] + [[package]] name = "parking_lot" version = "0.11.2" diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts index 4e1a31eaacc167..829330eba83803 100644 --- a/cli/tests/unit/webcrypto_test.ts +++ b/cli/tests/unit/webcrypto_test.ts @@ -2006,3 +2006,42 @@ Deno.test(async function testHmacJwkImport() { ["sign", "verify"], ); }); + +Deno.test(async function p521Import() { + const jwk = { + "crv": "P-521", + "ext": true, + "key_ops": [ + "verify", + ], + "kty": "EC", + "x": + "AXkSI8nfkc6bu3fifXGuKKbu08g5LKPfxUNQJJYzzPgmN8XLDzx0C9Sdeejl1XoWGrheKPHl0k4tUmHw0cdInpfj", + "y": + "AT4vjsO0bzVRlN3Wthv9DewncDXS2tlTob5QojV8WX1GzOAikRfWFEP3nspoSv88U447acZAsk5IvgGJuVjgMDlx", + }; + const algorithm = { name: "ECDSA", namedCurve: "P-521" }; + + const key = await crypto.subtle.importKey( + "jwk", + jwk, + algorithm, + true, + ["verify"], + ); + + assert(key instanceof CryptoKey); +}); + +Deno.test(async function p521Generate() { + const algorithm = { name: "ECDSA", namedCurve: "P-521" }; + + const key = await crypto.subtle.generateKey( + algorithm, + true, + ["sign", "verify"], + ); + + assert(key.privateKey instanceof CryptoKey); + assert(key.publicKey instanceof CryptoKey); +}); diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js index 06dd0f41a66717..d2949eb624a245 100644 --- a/ext/crypto/00_crypto.js +++ b/ext/crypto/00_crypto.js @@ -63,8 +63,7 @@ const { isDataView, } = core; -// P-521 is not yet supported. -const supportedNamedCurves = ["P-256", "P-384"]; +const supportedNamedCurves = ["P-256", "P-384", "P-521"]; const recognisedUsages = [ "encrypt", "decrypt", diff --git a/ext/crypto/Cargo.toml b/ext/crypto/Cargo.toml index 2ac35c4e00bd93..9896bde0b3e5aa 100644 --- a/ext/crypto/Cargo.toml +++ b/ext/crypto/Cargo.toml @@ -30,6 +30,7 @@ num-traits = "0.2.14" once_cell.workspace = true p256 = { version = "0.13.2", features = ["ecdh"] } p384 = "0.13.0" +p521 = "0.13.3" rand.workspace = true ring = { workspace = true, features = ["std"] } rsa.workspace = true diff --git a/ext/crypto/generate_key.rs b/ext/crypto/generate_key.rs index 0745585324d4ef..43aea2c705c214 100644 --- a/ext/crypto/generate_key.rs +++ b/ext/crypto/generate_key.rs @@ -84,11 +84,17 @@ fn generate_key_rsa( Ok(private_key.as_bytes().to_vec()) } +fn generate_key_ec_p521() -> Vec { + let mut rng = OsRng; + let key = p521::SecretKey::random(&mut rng); + key.to_nonzero_scalar().to_bytes().to_vec() +} + fn generate_key_ec(named_curve: EcNamedCurve) -> Result, AnyError> { let curve = match named_curve { EcNamedCurve::P256 => &ring::signature::ECDSA_P256_SHA256_FIXED_SIGNING, EcNamedCurve::P384 => &ring::signature::ECDSA_P384_SHA384_FIXED_SIGNING, - _ => return Err(not_supported_error("Unsupported named curve")), + EcNamedCurve::P521 => return Ok(generate_key_ec_p521()), }; let rng = ring::rand::SystemRandom::new(); diff --git a/ext/crypto/import_key.rs b/ext/crypto/import_key.rs index 409ffe7beb8506..7b06cae99e4439 100644 --- a/ext/crypto/import_key.rs +++ b/ext/crypto/import_key.rs @@ -520,7 +520,12 @@ fn import_key_ec_jwk_to_point( p384::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes() } - _ => return Err(not_supported_error("Unsupported named curve")), + EcNamedCurve::P521 => { + let x = decode_b64url_to_field_bytes::(&x)?; + let y = decode_b64url_to_field_bytes::(&y)?; + + p521::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes() + } }; Ok(point_bytes.to_vec()) @@ -629,7 +634,15 @@ fn import_key_ec( return Err(data_error("invalid P-384 elliptic curve point")); } } - _ => return Err(not_supported_error("Unsupported named curve")), + EcNamedCurve::P521 => { + // 1-2. + let point = p521::EncodedPoint::from_bytes(&data) + .map_err(|_| data_error("invalid P-521 elliptic curve point"))?; + // 3. + if point.is_identity() { + return Err(data_error("invalid P-521 elliptic curve point")); + } + } }; Ok(ImportKeyResult::Ec { raw_data: RustRawKeyData::Public(data.to_vec().into()), @@ -755,7 +768,18 @@ fn import_key_ec( point.as_bytes().len() } - _ => return Err(not_supported_error("Unsupported named curve")), + EcNamedCurve::P521 => { + let point = + p521::EncodedPoint::from_bytes(&*encoded_key).map_err(|_| { + data_error("invalid P-521 elliptic curve SPKI data") + })?; + + if point.is_identity() { + return Err(data_error("invalid P-521 elliptic curve point")); + } + + point.as_bytes().len() + } }; if bytes_consumed != pk_info.subject_public_key.raw_bytes().len() { diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json index 2c9aa8ceb59310..f473eef2062337 100644 --- a/tools/wpt/expectation.json +++ b/tools/wpt/expectation.json @@ -12,7 +12,6 @@ "P-521 mismatched curves", "P-521 public property of algorithm is not an ECDSA public key", "P-521 no deriveBits usage for base key", - "P-521 base key is not a private key", "P-521 public property value is a private key", "P-521 public property value is a secret key", "P-521 asking for too many bits" @@ -26,7 +25,6 @@ "P-521 mismatched curves", "P-521 public property of algorithm is not an ECDSA public key", "P-521 no deriveBits usage for base key", - "P-521 base key is not a private key", "P-521 public property value is a private key", "P-521 public property value is a secret key", "P-521 asking for too many bits" @@ -37,7 +35,6 @@ "P-521 mismatched curves", "P-521 public property of algorithm is not an ECDSA public key", "P-521 no deriveKey usage for base key", - "P-521 base key is not a private key", "P-521 public property value is a private key", "P-521 public property value is a secret key" ], @@ -47,7 +44,6 @@ "P-521 mismatched curves", "P-521 public property of algorithm is not an ECDSA public key", "P-521 no deriveKey usage for base key", - "P-521 base key is not a private key", "P-521 public property value is a private key", "P-521 public property value is a secret key" ], @@ -699,22 +695,10 @@ "failures_AES-GCM.https.any.worker.html": true, "failures_AES-KW.https.any.html": true, "failures_AES-KW.https.any.worker.html": true, - "failures_ECDH.https.any.html": [ - "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [])", - "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [])" - ], - "failures_ECDH.https.any.worker.html": [ - "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [])", - "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [])" - ], - "failures_ECDSA.https.any.html": [ - "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [])", - "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [])" - ], - "failures_ECDSA.https.any.worker.html": [ - "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [])", - "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [])" - ], + "failures_ECDH.https.any.html": true, + "failures_ECDH.https.any.worker.html": true, + "failures_ECDSA.https.any.html": true, + "failures_ECDSA.https.any.worker.html": true, "failures_HMAC.https.any.html": true, "failures_HMAC.https.any.worker.html": true, "failures_RSA-OAEP.https.any.html": true, @@ -733,98 +717,10 @@ "successes_AES-KW.https.any.worker.html": true, "successes_HMAC.https.any.html": true, "successes_HMAC.https.any.worker.html": true, - "successes_ECDH.https.any.html": [ - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])" - ], - "successes_ECDH.https.any.worker.html": [ - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])", - "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])" - ], - "successes_ECDSA.https.any.html": [ - "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [verify, sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [verify, sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [verify, sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [verify, sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [verify, sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])" - ], - "successes_ECDSA.https.any.worker.html": [ - "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [verify, sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [verify, sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [verify, sign])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [verify, sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [verify, sign])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])", - "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])" - ], + "successes_ECDH.https.any.html": true, + "successes_ECDH.https.any.worker.html": true, + "successes_ECDSA.https.any.html": true, + "successes_ECDSA.https.any.worker.html": true, "successes_RSA-OAEP.https.any.html?1-10": true, "successes_RSA-OAEP.https.any.html?101-110": true, "successes_RSA-OAEP.https.any.html?11-20": true, @@ -1061,21 +957,6 @@ "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])", "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])", "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])", "Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])", @@ -1109,11 +990,6 @@ "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])", "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])", "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, [])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])", @@ -1167,21 +1043,6 @@ "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])", "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])", "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])", "Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])", @@ -1215,11 +1076,6 @@ "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])", "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])", "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])", - "Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, [])", - "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, [])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])", "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",