mirror of
https://github.com/denoland/deno.git
synced 2024-12-25 08:39:09 -05:00
feat(ext/crypto): support importing ECSDA and ECDH (#13088)
Co-authored-by: Luca Casonato <hello@lcas.dev>
This commit is contained in:
parent
8efe829fca
commit
60faf7a0ed
11 changed files with 1101 additions and 138 deletions
16
Cargo.lock
generated
16
Cargo.lock
generated
|
@ -226,6 +226,12 @@ version = "0.13.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd"
|
checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "base64ct"
|
||||||
|
version = "1.1.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "e6b4d9b1225d28d360ec6a231d65af1fd99a2a095154c8040689617290569c5c"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "bencher"
|
name = "bencher"
|
||||||
version = "0.1.5"
|
version = "0.1.5"
|
||||||
|
@ -2490,6 +2496,15 @@ dependencies = [
|
||||||
"winapi 0.3.9",
|
"winapi 0.3.9",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "pem-rfc7468"
|
||||||
|
version = "0.2.4"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "84e93a3b1cc0510b03020f33f21e62acdde3dcaef432edc95bea377fbd4c2cd4"
|
||||||
|
dependencies = [
|
||||||
|
"base64ct",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "percent-encoding"
|
name = "percent-encoding"
|
||||||
version = "2.1.0"
|
version = "2.1.0"
|
||||||
|
@ -2618,6 +2633,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "ee3ef9b64d26bad0536099c816c6734379e45bbd5f14798def6809e5cc350447"
|
checksum = "ee3ef9b64d26bad0536099c816c6734379e45bbd5f14798def6809e5cc350447"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"der",
|
"der",
|
||||||
|
"pem-rfc7468",
|
||||||
"pkcs1",
|
"pkcs1",
|
||||||
"spki",
|
"spki",
|
||||||
"zeroize",
|
"zeroize",
|
||||||
|
|
|
@ -1027,3 +1027,286 @@ Deno.test(async function testImportRsaJwk() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
const jwtECKeys = {
|
||||||
|
"256": {
|
||||||
|
size: 256,
|
||||||
|
algo: "ES256",
|
||||||
|
publicJWK: {
|
||||||
|
kty: "EC",
|
||||||
|
crv: "P-256",
|
||||||
|
x: "0hCwpvnZ8BKGgFi0P6T0cQGFQ7ugDJJQ35JXwqyuXdE",
|
||||||
|
y: "zgN1UtSBRQzjm00QlXAbF1v6s0uObAmeGPHBmDWDYeg",
|
||||||
|
},
|
||||||
|
privateJWK: {
|
||||||
|
kty: "EC",
|
||||||
|
crv: "P-256",
|
||||||
|
x: "0hCwpvnZ8BKGgFi0P6T0cQGFQ7ugDJJQ35JXwqyuXdE",
|
||||||
|
y: "zgN1UtSBRQzjm00QlXAbF1v6s0uObAmeGPHBmDWDYeg",
|
||||||
|
d: "E9M6LVq_nPnrsh_4YNSu_m5W53eQ9N7ptAiE69M1ROo",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"384": {
|
||||||
|
size: 384,
|
||||||
|
algo: "ES384",
|
||||||
|
publicJWK: {
|
||||||
|
kty: "EC",
|
||||||
|
crv: "P-384",
|
||||||
|
x: "IZwU1mYXs27G2IVrOFtzp000T9iude8EZDXdpU47RL1fvevR0I3Wni19wdwhjLQ1",
|
||||||
|
y: "vSgTjMd4M3qEL2vWGyQOdCSfJGZ8KlgQp2v8KOAzX4imUB3sAZdtqFr7AIactqzo",
|
||||||
|
},
|
||||||
|
privateJWK: {
|
||||||
|
kty: "EC",
|
||||||
|
crv: "P-384",
|
||||||
|
x: "IZwU1mYXs27G2IVrOFtzp000T9iude8EZDXdpU47RL1fvevR0I3Wni19wdwhjLQ1",
|
||||||
|
y: "vSgTjMd4M3qEL2vWGyQOdCSfJGZ8KlgQp2v8KOAzX4imUB3sAZdtqFr7AIactqzo",
|
||||||
|
d: "RTe1mQeE08LSLpao-S-hqkku6HPldqQVguFEGDyYiNEOa560ztSyzEAS5KxeqEBz",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
type JWK = Record<string, string>;
|
||||||
|
|
||||||
|
function _equalJwk(expected: JWK, got: JWK): boolean {
|
||||||
|
const fields = Object.keys(expected);
|
||||||
|
|
||||||
|
for (let i = 0; i < fields.length; i++) {
|
||||||
|
const fieldName = fields[i];
|
||||||
|
|
||||||
|
if (!(fieldName in got)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (expected[fieldName] !== got[fieldName]) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
Deno.test(async function testImportExportEcDsaJwk() {
|
||||||
|
const subtle = crypto.subtle;
|
||||||
|
assert(subtle);
|
||||||
|
|
||||||
|
for (
|
||||||
|
const [_key, keyData] of Object.entries(jwtECKeys)
|
||||||
|
) {
|
||||||
|
const { size, publicJWK, privateJWK, algo } = keyData;
|
||||||
|
if (size != 256) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 1. Test import EcDsa
|
||||||
|
const privateKeyECDSA = await subtle.importKey(
|
||||||
|
"jwk",
|
||||||
|
{
|
||||||
|
alg: algo,
|
||||||
|
...privateJWK,
|
||||||
|
ext: true,
|
||||||
|
"key_ops": ["sign"],
|
||||||
|
},
|
||||||
|
{ name: "ECDSA", namedCurve: privateJWK.crv },
|
||||||
|
true,
|
||||||
|
["sign"],
|
||||||
|
);
|
||||||
|
/*const expPrivateKeyJWK = await subtle.exportKey(
|
||||||
|
"jwk",
|
||||||
|
privateKeyECDSA,
|
||||||
|
);
|
||||||
|
assert(equalJwk(privateJWK, expPrivateKeyJWK as JWK));*/
|
||||||
|
|
||||||
|
const publicKeyECDSA = await subtle.importKey(
|
||||||
|
"jwk",
|
||||||
|
{
|
||||||
|
alg: algo,
|
||||||
|
...publicJWK,
|
||||||
|
ext: true,
|
||||||
|
"key_ops": ["verify"],
|
||||||
|
},
|
||||||
|
{ name: "ECDSA", namedCurve: publicJWK.crv },
|
||||||
|
true,
|
||||||
|
["verify"],
|
||||||
|
);
|
||||||
|
|
||||||
|
/*const expPublicKeyJWK = await subtle.exportKey(
|
||||||
|
"jwk",
|
||||||
|
publicKeyECDSA,
|
||||||
|
);
|
||||||
|
|
||||||
|
assert(equalJwk(publicJWK, expPublicKeyJWK as JWK));*/
|
||||||
|
|
||||||
|
const signatureECDSA = await subtle.sign(
|
||||||
|
{ name: "ECDSA", hash: "SHA-256" },
|
||||||
|
privateKeyECDSA,
|
||||||
|
new Uint8Array([1, 2, 3, 4]),
|
||||||
|
);
|
||||||
|
|
||||||
|
const verifyECDSA = await subtle.verify(
|
||||||
|
{ name: "ECDSA", hash: "SHA-256" },
|
||||||
|
publicKeyECDSA,
|
||||||
|
signatureECDSA,
|
||||||
|
new Uint8Array([1, 2, 3, 4]),
|
||||||
|
);
|
||||||
|
assert(verifyECDSA);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
Deno.test(async function testImportEcDhJwk() {
|
||||||
|
const subtle = crypto.subtle;
|
||||||
|
assert(subtle);
|
||||||
|
|
||||||
|
for (
|
||||||
|
const [_key, jwkData] of Object.entries(jwtECKeys)
|
||||||
|
) {
|
||||||
|
const { size, publicJWK, privateJWK } = jwkData;
|
||||||
|
if (size != 256) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 1. Test import EcDsa
|
||||||
|
const privateKeyECDH = await subtle.importKey(
|
||||||
|
"jwk",
|
||||||
|
{
|
||||||
|
...privateJWK,
|
||||||
|
ext: true,
|
||||||
|
"key_ops": ["deriveBits"],
|
||||||
|
},
|
||||||
|
{ name: "ECDH", namedCurve: privateJWK.crv },
|
||||||
|
true,
|
||||||
|
["deriveBits"],
|
||||||
|
);
|
||||||
|
|
||||||
|
/* const expPrivateKeyJWK = await subtle.exportKey(
|
||||||
|
"jwk",
|
||||||
|
privateKeyECDH,
|
||||||
|
);
|
||||||
|
assert(equalJwk(privateJWK, expPrivateKeyJWK as JWK));*/
|
||||||
|
|
||||||
|
const publicKeyECDH = await subtle.importKey(
|
||||||
|
"jwk",
|
||||||
|
{
|
||||||
|
...publicJWK,
|
||||||
|
ext: true,
|
||||||
|
"key_ops": [],
|
||||||
|
},
|
||||||
|
{ name: "ECDH", namedCurve: publicJWK.crv },
|
||||||
|
true,
|
||||||
|
[],
|
||||||
|
);
|
||||||
|
/* const expPublicKeyJWK = await subtle.exportKey(
|
||||||
|
"jwk",
|
||||||
|
publicKeyECDH,
|
||||||
|
);
|
||||||
|
assert(equalJwk(publicJWK, expPublicKeyJWK as JWK));*/
|
||||||
|
|
||||||
|
const derivedKey = await subtle.deriveBits(
|
||||||
|
{
|
||||||
|
name: "ECDH",
|
||||||
|
public: publicKeyECDH,
|
||||||
|
},
|
||||||
|
privateKeyECDH,
|
||||||
|
256,
|
||||||
|
);
|
||||||
|
|
||||||
|
assert(derivedKey instanceof ArrayBuffer);
|
||||||
|
assertEquals(derivedKey.byteLength, 256 / 8);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
const ecTestKeys = {
|
||||||
|
"256": {
|
||||||
|
size: 256,
|
||||||
|
namedCurve: "P-256",
|
||||||
|
// deno-fmt-ignore
|
||||||
|
spki: new Uint8Array([
|
||||||
|
48, 89, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206,
|
||||||
|
61, 3, 1, 7, 3, 66, 0, 4, 210, 16, 176, 166, 249, 217, 240, 18, 134, 128,
|
||||||
|
88, 180, 63, 164, 244, 113, 1, 133, 67, 187, 160, 12, 146, 80, 223, 146,
|
||||||
|
87, 194, 172, 174, 93, 209, 206, 3, 117, 82, 212, 129, 69, 12, 227, 155,
|
||||||
|
77, 16, 149, 112, 27, 23, 91, 250, 179, 75, 142, 108, 9, 158, 24, 241,
|
||||||
|
193, 152, 53, 131, 97, 232,
|
||||||
|
]),
|
||||||
|
// deno-fmt-ignore
|
||||||
|
pkcs8: new Uint8Array([
|
||||||
|
48, 129, 135, 2, 1, 0, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42,
|
||||||
|
134, 72, 206, 61, 3, 1, 7, 4, 109, 48, 107, 2, 1, 1, 4, 32, 19, 211, 58,
|
||||||
|
45, 90, 191, 156, 249, 235, 178, 31, 248, 96, 212, 174, 254, 110, 86, 231,
|
||||||
|
119, 144, 244, 222, 233, 180, 8, 132, 235, 211, 53, 68, 234, 161, 68, 3,
|
||||||
|
66, 0, 4, 210, 16, 176, 166, 249, 217, 240, 18, 134, 128, 88, 180, 63,
|
||||||
|
164, 244, 113, 1, 133, 67, 187, 160, 12, 146, 80, 223, 146, 87, 194, 172,
|
||||||
|
174, 93, 209, 206, 3, 117, 82, 212, 129, 69, 12, 227, 155, 77, 16, 149,
|
||||||
|
112, 27, 23, 91, 250, 179, 75, 142, 108, 9, 158, 24, 241, 193, 152, 53,
|
||||||
|
131, 97, 232,
|
||||||
|
]),
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
Deno.test(async function testImportEcSpkiPkcs8() {
|
||||||
|
const subtle = window.crypto.subtle;
|
||||||
|
assert(subtle);
|
||||||
|
|
||||||
|
for (
|
||||||
|
const [_key, keyData] of Object.entries(ecTestKeys)
|
||||||
|
) {
|
||||||
|
const { size, namedCurve, spki, pkcs8 } = keyData;
|
||||||
|
if (size != 256) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
const privateKeyECDSA = await subtle.importKey(
|
||||||
|
"pkcs8",
|
||||||
|
pkcs8,
|
||||||
|
{ name: "ECDSA", namedCurve },
|
||||||
|
true,
|
||||||
|
["sign"],
|
||||||
|
);
|
||||||
|
|
||||||
|
/*const expPrivateKeyPKCS8 = await subtle.exportKey(
|
||||||
|
"pkcs8",
|
||||||
|
privateKeyECDSA,
|
||||||
|
);
|
||||||
|
|
||||||
|
assertEquals(new Uint8Array(expPrivateKeyPKCS8), pkcs8);*/
|
||||||
|
|
||||||
|
const publicKeyECDSA = await subtle.importKey(
|
||||||
|
"spki",
|
||||||
|
spki,
|
||||||
|
{ name: "ECDSA", namedCurve },
|
||||||
|
true,
|
||||||
|
["verify"],
|
||||||
|
);
|
||||||
|
|
||||||
|
for (
|
||||||
|
const hash of [/*"SHA-1", */ "SHA-256" /*"SHA-384", "SHA-512"*/]
|
||||||
|
) {
|
||||||
|
console.log(hash);
|
||||||
|
|
||||||
|
const signatureECDSA = await subtle.sign(
|
||||||
|
{ name: "ECDSA", hash },
|
||||||
|
privateKeyECDSA,
|
||||||
|
new Uint8Array([1, 2, 3, 4]),
|
||||||
|
);
|
||||||
|
|
||||||
|
const verifyECDSA = await subtle.verify(
|
||||||
|
{ name: "ECDSA", hash },
|
||||||
|
publicKeyECDSA,
|
||||||
|
signatureECDSA,
|
||||||
|
new Uint8Array([1, 2, 3, 4]),
|
||||||
|
);
|
||||||
|
assert(verifyECDSA);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*const expPublicKeySPKI = await subtle.exportKey(
|
||||||
|
"spki",
|
||||||
|
publicKeyECDSA,
|
||||||
|
);
|
||||||
|
|
||||||
|
assertEquals(new Uint8Array(expPublicKeySPKI), spki);
|
||||||
|
|
||||||
|
/*const expPrivateKeySPKI = await subtle.exportKey(
|
||||||
|
"spki",
|
||||||
|
privateKeyECDSA,
|
||||||
|
);
|
||||||
|
assertEquals(new Uint8Array(expPrivateKeySPKI), spki);*/
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
|
@ -108,6 +108,8 @@
|
||||||
"RSASSA-PKCS1-v1_5": "RsaHashedImportParams",
|
"RSASSA-PKCS1-v1_5": "RsaHashedImportParams",
|
||||||
"RSA-PSS": "RsaHashedImportParams",
|
"RSA-PSS": "RsaHashedImportParams",
|
||||||
"RSA-OAEP": "RsaHashedImportParams",
|
"RSA-OAEP": "RsaHashedImportParams",
|
||||||
|
"ECDSA": "EcImportParams",
|
||||||
|
"ECDH": "EcImportParams",
|
||||||
"HMAC": "HmacImportParams",
|
"HMAC": "HmacImportParams",
|
||||||
"HKDF": null,
|
"HKDF": null,
|
||||||
"PBKDF2": null,
|
"PBKDF2": null,
|
||||||
|
@ -796,8 +798,9 @@
|
||||||
keyUsages,
|
keyUsages,
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
case "ECDH":
|
||||||
case "ECDSA": {
|
case "ECDSA": {
|
||||||
return importKeyECDSA(
|
return importKeyEC(
|
||||||
format,
|
format,
|
||||||
normalizedAlgorithm,
|
normalizedAlgorithm,
|
||||||
keyData,
|
keyData,
|
||||||
|
@ -1144,6 +1147,7 @@
|
||||||
}
|
}
|
||||||
// 2.
|
// 2.
|
||||||
const hash = normalizedAlgorithm.hash.name;
|
const hash = normalizedAlgorithm.hash.name;
|
||||||
|
|
||||||
// 3-8.
|
// 3-8.
|
||||||
return await core.opAsync("op_crypto_verify_key", {
|
return await core.opAsync("op_crypto_verify_key", {
|
||||||
key: keyData,
|
key: keyData,
|
||||||
|
@ -2195,13 +2199,28 @@
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
|
||||||
function importKeyECDSA(
|
const SUPPORTED_EC_KEY_USAGES = {
|
||||||
|
"ECDSA": {
|
||||||
|
public: ["verify"],
|
||||||
|
private: ["sign"],
|
||||||
|
jwtUse: "sig",
|
||||||
|
},
|
||||||
|
"ECDH": {
|
||||||
|
public: [],
|
||||||
|
private: ["deriveKey", "deriveBits"],
|
||||||
|
jwtUse: "enc",
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
function importKeyEC(
|
||||||
format,
|
format,
|
||||||
normalizedAlgorithm,
|
normalizedAlgorithm,
|
||||||
keyData,
|
keyData,
|
||||||
extractable,
|
extractable,
|
||||||
keyUsages,
|
keyUsages,
|
||||||
) {
|
) {
|
||||||
|
const supportedUsages = SUPPORTED_EC_KEY_USAGES[normalizedAlgorithm.name];
|
||||||
|
|
||||||
switch (format) {
|
switch (format) {
|
||||||
case "raw": {
|
case "raw": {
|
||||||
// 1.
|
// 1.
|
||||||
|
@ -2221,7 +2240,7 @@
|
||||||
if (
|
if (
|
||||||
ArrayPrototypeFind(
|
ArrayPrototypeFind(
|
||||||
keyUsages,
|
keyUsages,
|
||||||
(u) => !ArrayPrototypeIncludes(["verify"], u),
|
(u) => !ArrayPrototypeIncludes(supportedUsages.public, u),
|
||||||
) !== undefined
|
) !== undefined
|
||||||
) {
|
) {
|
||||||
throw new DOMException("Invalid key usages", "SyntaxError");
|
throw new DOMException("Invalid key usages", "SyntaxError");
|
||||||
|
@ -2229,7 +2248,7 @@
|
||||||
|
|
||||||
// 3.
|
// 3.
|
||||||
const { rawData } = core.opSync("op_crypto_import_key", {
|
const { rawData } = core.opSync("op_crypto_import_key", {
|
||||||
algorithm: "ECDSA",
|
algorithm: normalizedAlgorithm.name,
|
||||||
namedCurve: normalizedAlgorithm.namedCurve,
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
}, { raw: keyData });
|
}, { raw: keyData });
|
||||||
|
|
||||||
|
@ -2238,7 +2257,7 @@
|
||||||
|
|
||||||
// 4-5.
|
// 4-5.
|
||||||
const algorithm = {
|
const algorithm = {
|
||||||
name: "ECDSA",
|
name: normalizedAlgorithm.name,
|
||||||
namedCurve: normalizedAlgorithm.namedCurve,
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -2253,6 +2272,248 @@
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
case "pkcs8": {
|
||||||
|
// 1.
|
||||||
|
if (
|
||||||
|
ArrayPrototypeFind(
|
||||||
|
keyUsages,
|
||||||
|
(u) => !ArrayPrototypeIncludes(supportedUsages.private, u),
|
||||||
|
) !== undefined
|
||||||
|
) {
|
||||||
|
throw new DOMException("Invalid key usages", "SyntaxError");
|
||||||
|
}
|
||||||
|
|
||||||
|
// 2-9.
|
||||||
|
const { rawData } = core.opSync("op_crypto_import_key", {
|
||||||
|
algorithm: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
}, { pkcs8: keyData });
|
||||||
|
|
||||||
|
const handle = {};
|
||||||
|
WeakMapPrototypeSet(KEY_STORE, handle, rawData);
|
||||||
|
|
||||||
|
const algorithm = {
|
||||||
|
name: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
};
|
||||||
|
|
||||||
|
const key = constructKey(
|
||||||
|
"private",
|
||||||
|
extractable,
|
||||||
|
usageIntersection(keyUsages, recognisedUsages),
|
||||||
|
algorithm,
|
||||||
|
handle,
|
||||||
|
);
|
||||||
|
|
||||||
|
return key;
|
||||||
|
}
|
||||||
|
case "spki": {
|
||||||
|
// 1.
|
||||||
|
if (normalizedAlgorithm.name == "ECDSA") {
|
||||||
|
if (
|
||||||
|
ArrayPrototypeFind(
|
||||||
|
keyUsages,
|
||||||
|
(u) => !ArrayPrototypeIncludes(supportedUsages.public, u),
|
||||||
|
) !== undefined
|
||||||
|
) {
|
||||||
|
throw new DOMException("Invalid key usages", "SyntaxError");
|
||||||
|
}
|
||||||
|
} else if (keyUsages.length != 0) {
|
||||||
|
throw new DOMException("Key usage must be empty", "SyntaxError");
|
||||||
|
}
|
||||||
|
|
||||||
|
// 2-12
|
||||||
|
const { rawData } = core.opSync("op_crypto_import_key", {
|
||||||
|
algorithm: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
}, { spki: keyData });
|
||||||
|
|
||||||
|
const handle = {};
|
||||||
|
WeakMapPrototypeSet(KEY_STORE, handle, rawData);
|
||||||
|
|
||||||
|
const algorithm = {
|
||||||
|
name: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
};
|
||||||
|
|
||||||
|
// 6-8.
|
||||||
|
const key = constructKey(
|
||||||
|
"public",
|
||||||
|
extractable,
|
||||||
|
usageIntersection(keyUsages, recognisedUsages),
|
||||||
|
algorithm,
|
||||||
|
handle,
|
||||||
|
);
|
||||||
|
|
||||||
|
return key;
|
||||||
|
}
|
||||||
|
case "jwk": {
|
||||||
|
const jwk = keyData;
|
||||||
|
|
||||||
|
const keyType = (jwk.d !== undefined) ? "private" : "public";
|
||||||
|
|
||||||
|
// 2.
|
||||||
|
if (
|
||||||
|
ArrayPrototypeFind(
|
||||||
|
keyUsages,
|
||||||
|
(u) => !ArrayPrototypeIncludes(supportedUsages[keyType], u),
|
||||||
|
) !== undefined
|
||||||
|
) {
|
||||||
|
throw new DOMException("Invalid key usages", "SyntaxError");
|
||||||
|
}
|
||||||
|
|
||||||
|
// 3.
|
||||||
|
if (jwk.kty !== "EC") {
|
||||||
|
throw new DOMException(
|
||||||
|
"'kty' property of JsonWebKey must be 'EC'",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 4.
|
||||||
|
if (
|
||||||
|
keyUsages.length > 0 && jwk.use !== undefined &&
|
||||||
|
jwk.use !== supportedUsages.jwkUse
|
||||||
|
) {
|
||||||
|
throw new DOMException(
|
||||||
|
`'use' property of JsonWebKey must be '${supportedUsages.jwkUse}'`,
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 5.
|
||||||
|
// Section 4.3 of RFC7517
|
||||||
|
if (jwk.key_ops !== undefined) {
|
||||||
|
if (
|
||||||
|
ArrayPrototypeFind(
|
||||||
|
jwk.key_ops,
|
||||||
|
(u) => !ArrayPrototypeIncludes(recognisedUsages, u),
|
||||||
|
) !== undefined
|
||||||
|
) {
|
||||||
|
throw new DOMException(
|
||||||
|
"'key_ops' member of JsonWebKey is invalid",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (
|
||||||
|
!ArrayPrototypeEvery(
|
||||||
|
jwk.key_ops,
|
||||||
|
(u) => ArrayPrototypeIncludes(keyUsages, u),
|
||||||
|
)
|
||||||
|
) {
|
||||||
|
throw new DOMException(
|
||||||
|
"'key_ops' member of JsonWebKey is invalid",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// 6.
|
||||||
|
if (jwk.ext === false && extractable === true) {
|
||||||
|
throw new DOMException(
|
||||||
|
"'ext' property of JsonWebKey must not be false if extractable is true",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 9.
|
||||||
|
if (jwk.alg !== undefined && normalizedAlgorithm.name == "ECDSA") {
|
||||||
|
let algNamedCurve;
|
||||||
|
|
||||||
|
switch (jwk.alg) {
|
||||||
|
case "ES256": {
|
||||||
|
algNamedCurve = "P-256";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case "ES384": {
|
||||||
|
algNamedCurve = "P-384";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case "ES512": {
|
||||||
|
algNamedCurve = "P-521";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
throw new DOMException(
|
||||||
|
"Curve algorithm not supported",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (algNamedCurve) {
|
||||||
|
if (algNamedCurve !== normalizedAlgorithm.namedCurve) {
|
||||||
|
throw new DOMException(
|
||||||
|
"Mismatched curve algorithm",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate that this is a valid public key.
|
||||||
|
if (jwk.x === undefined) {
|
||||||
|
throw new DOMException(
|
||||||
|
"'x' property of JsonWebKey is required for EC keys",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
if (jwk.y === undefined) {
|
||||||
|
throw new DOMException(
|
||||||
|
"'y' property of JsonWebKey is required for EC keys",
|
||||||
|
"DataError",
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (jwk.d !== undefined) {
|
||||||
|
// it's also a Private key
|
||||||
|
const { rawData } = core.opSync("op_crypto_import_key", {
|
||||||
|
algorithm: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
}, { jwkPrivateEc: jwk });
|
||||||
|
|
||||||
|
const handle = {};
|
||||||
|
WeakMapPrototypeSet(KEY_STORE, handle, rawData);
|
||||||
|
|
||||||
|
const algorithm = {
|
||||||
|
name: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
};
|
||||||
|
|
||||||
|
const key = constructKey(
|
||||||
|
"private",
|
||||||
|
extractable,
|
||||||
|
usageIntersection(keyUsages, recognisedUsages),
|
||||||
|
algorithm,
|
||||||
|
handle,
|
||||||
|
);
|
||||||
|
|
||||||
|
return key;
|
||||||
|
} else {
|
||||||
|
const { rawData } = core.opSync("op_crypto_import_key", {
|
||||||
|
algorithm: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
}, { jwkPublicEc: jwk });
|
||||||
|
|
||||||
|
const handle = {};
|
||||||
|
WeakMapPrototypeSet(KEY_STORE, handle, rawData);
|
||||||
|
|
||||||
|
const algorithm = {
|
||||||
|
name: normalizedAlgorithm.name,
|
||||||
|
namedCurve: normalizedAlgorithm.namedCurve,
|
||||||
|
};
|
||||||
|
|
||||||
|
const key = constructKey(
|
||||||
|
"public",
|
||||||
|
extractable,
|
||||||
|
usageIntersection(keyUsages, recognisedUsages),
|
||||||
|
algorithm,
|
||||||
|
handle,
|
||||||
|
);
|
||||||
|
|
||||||
|
return key;
|
||||||
|
}
|
||||||
|
}
|
||||||
default:
|
default:
|
||||||
throw new DOMException("Not implemented", "NotSupportedError");
|
throw new DOMException("Not implemented", "NotSupportedError");
|
||||||
}
|
}
|
||||||
|
|
|
@ -130,6 +130,18 @@
|
||||||
webidl.converters.EcKeyGenParams = webidl
|
webidl.converters.EcKeyGenParams = webidl
|
||||||
.createDictionaryConverter("EcKeyGenParams", dictEcKeyGenParams);
|
.createDictionaryConverter("EcKeyGenParams", dictEcKeyGenParams);
|
||||||
|
|
||||||
|
const dictEcImportParams = [
|
||||||
|
...dictAlgorithm,
|
||||||
|
{
|
||||||
|
key: "namedCurve",
|
||||||
|
converter: webidl.converters.NamedCurve,
|
||||||
|
required: true,
|
||||||
|
},
|
||||||
|
];
|
||||||
|
|
||||||
|
webidl.converters.EcImportParams = webidl
|
||||||
|
.createDictionaryConverter("EcImportParams", dictEcImportParams);
|
||||||
|
|
||||||
const dictAesKeyGenParams = [
|
const dictAesKeyGenParams = [
|
||||||
...dictAlgorithm,
|
...dictAlgorithm,
|
||||||
{
|
{
|
||||||
|
|
|
@ -19,7 +19,7 @@ base64 = "0.13.0"
|
||||||
block-modes = "0.8.1"
|
block-modes = "0.8.1"
|
||||||
deno_core = { version = "0.110.0", path = "../../core" }
|
deno_core = { version = "0.110.0", path = "../../core" }
|
||||||
deno_web = { version = "0.59.0", path = "../web" }
|
deno_web = { version = "0.59.0", path = "../web" }
|
||||||
elliptic-curve = "0.10.6"
|
elliptic-curve = { version = "0.10.6", features = ["std", "pem"] }
|
||||||
lazy_static = "1.4.0"
|
lazy_static = "1.4.0"
|
||||||
num-traits = "0.2.14"
|
num-traits = "0.2.14"
|
||||||
p256 = { version = "0.9.0", features = ["ecdh"] }
|
p256 = { version = "0.9.0", features = ["ecdh"] }
|
||||||
|
|
|
@ -87,6 +87,7 @@ fn generate_key_ec(named_curve: EcNamedCurve) -> Result<Vec<u8>, AnyError> {
|
||||||
let curve = match named_curve {
|
let curve = match named_curve {
|
||||||
EcNamedCurve::P256 => &ring::signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
EcNamedCurve::P256 => &ring::signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
||||||
EcNamedCurve::P384 => &ring::signature::ECDSA_P384_SHA384_FIXED_SIGNING,
|
EcNamedCurve::P384 => &ring::signature::ECDSA_P384_SHA384_FIXED_SIGNING,
|
||||||
|
_ => return Err(not_supported_error("Unsupported named curve")),
|
||||||
};
|
};
|
||||||
|
|
||||||
let rng = ring::rand::SystemRandom::new();
|
let rng = ring::rand::SystemRandom::new();
|
||||||
|
|
|
@ -1,10 +1,14 @@
|
||||||
use deno_core::error::AnyError;
|
use deno_core::error::AnyError;
|
||||||
use deno_core::OpState;
|
use deno_core::OpState;
|
||||||
use deno_core::ZeroCopyBuf;
|
use deno_core::ZeroCopyBuf;
|
||||||
|
use elliptic_curve::pkcs8::der::Decodable as Pkcs8Decodable;
|
||||||
|
use elliptic_curve::pkcs8::PrivateKeyInfo;
|
||||||
|
use elliptic_curve::sec1::ToEncodedPoint;
|
||||||
|
use p256::pkcs8::FromPrivateKey;
|
||||||
|
use p256::pkcs8::ToPrivateKey;
|
||||||
use rsa::pkcs1::UIntBytes;
|
use rsa::pkcs1::UIntBytes;
|
||||||
use serde::Deserialize;
|
use serde::Deserialize;
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
use spki::der::Decodable;
|
|
||||||
use spki::der::Encodable;
|
use spki::der::Encodable;
|
||||||
|
|
||||||
use crate::shared::*;
|
use crate::shared::*;
|
||||||
|
@ -34,6 +38,15 @@ pub enum KeyData {
|
||||||
dq: String,
|
dq: String,
|
||||||
qi: String,
|
qi: String,
|
||||||
},
|
},
|
||||||
|
JwkPublicEc {
|
||||||
|
x: String,
|
||||||
|
y: String,
|
||||||
|
},
|
||||||
|
JwkPrivateEc {
|
||||||
|
x: String,
|
||||||
|
y: String,
|
||||||
|
d: String,
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize)]
|
#[derive(Deserialize)]
|
||||||
|
@ -238,7 +251,7 @@ fn import_key_rsassa(
|
||||||
}
|
}
|
||||||
KeyData::Pkcs8(data) => {
|
KeyData::Pkcs8(data) => {
|
||||||
// 2-3.
|
// 2-3.
|
||||||
let pk_info = rsa::pkcs8::PrivateKeyInfo::from_der(&data)
|
let pk_info = PrivateKeyInfo::from_der(&data)
|
||||||
.map_err(|e| data_error(e.to_string()))?;
|
.map_err(|e| data_error(e.to_string()))?;
|
||||||
|
|
||||||
// 4-5.
|
// 4-5.
|
||||||
|
@ -389,7 +402,7 @@ fn import_key_rsapss(
|
||||||
}
|
}
|
||||||
KeyData::Pkcs8(data) => {
|
KeyData::Pkcs8(data) => {
|
||||||
// 2-3.
|
// 2-3.
|
||||||
let pk_info = rsa::pkcs8::PrivateKeyInfo::from_der(&data)
|
let pk_info = PrivateKeyInfo::from_der(&data)
|
||||||
.map_err(|e| data_error(e.to_string()))?;
|
.map_err(|e| data_error(e.to_string()))?;
|
||||||
|
|
||||||
// 4-5.
|
// 4-5.
|
||||||
|
@ -568,7 +581,7 @@ fn import_key_rsaoaep(
|
||||||
}
|
}
|
||||||
KeyData::Pkcs8(data) => {
|
KeyData::Pkcs8(data) => {
|
||||||
// 2-3.
|
// 2-3.
|
||||||
let pk_info = rsa::pkcs8::PrivateKeyInfo::from_der(&data)
|
let pk_info = PrivateKeyInfo::from_der(&data)
|
||||||
.map_err(|e| data_error(e.to_string()))?;
|
.map_err(|e| data_error(e.to_string()))?;
|
||||||
|
|
||||||
// 4-5.
|
// 4-5.
|
||||||
|
@ -657,11 +670,137 @@ fn import_key_rsaoaep(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn decode_b64url_to_field_bytes<C: elliptic_curve::Curve>(
|
||||||
|
b64: &str,
|
||||||
|
) -> Result<elliptic_curve::FieldBytes<C>, deno_core::anyhow::Error> {
|
||||||
|
jwt_b64_int_or_err!(val, b64, "invalid b64 coordinate");
|
||||||
|
|
||||||
|
let mut bytes = elliptic_curve::FieldBytes::<C>::default();
|
||||||
|
let val = val.as_bytes();
|
||||||
|
if val.len() != bytes.len() {
|
||||||
|
return Err(data_error("invalid b64 coordinate"));
|
||||||
|
}
|
||||||
|
bytes.copy_from_slice(val);
|
||||||
|
|
||||||
|
Ok(bytes)
|
||||||
|
}
|
||||||
|
|
||||||
|
fn import_key_ec_jwk_to_point(
|
||||||
|
x: String,
|
||||||
|
y: String,
|
||||||
|
named_curve: EcNamedCurve,
|
||||||
|
) -> Result<Vec<u8>, deno_core::anyhow::Error> {
|
||||||
|
let point_bytes = match named_curve {
|
||||||
|
EcNamedCurve::P256 => {
|
||||||
|
let x = decode_b64url_to_field_bytes::<p256::NistP256>(&x)?;
|
||||||
|
let y = decode_b64url_to_field_bytes::<p256::NistP256>(&y)?;
|
||||||
|
|
||||||
|
p256::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes()
|
||||||
|
}
|
||||||
|
EcNamedCurve::P384 => {
|
||||||
|
let x = decode_b64url_to_field_bytes::<p384::NistP384>(&x)?;
|
||||||
|
let y = decode_b64url_to_field_bytes::<p384::NistP384>(&y)?;
|
||||||
|
|
||||||
|
p384::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes()
|
||||||
|
}
|
||||||
|
_ => return Err(not_supported_error("Unsupported named curve")),
|
||||||
|
};
|
||||||
|
|
||||||
|
Ok(point_bytes.to_vec())
|
||||||
|
}
|
||||||
|
|
||||||
|
fn import_key_ec_jwk(
|
||||||
|
key_data: KeyData,
|
||||||
|
named_curve: EcNamedCurve,
|
||||||
|
) -> Result<ImportKeyResult, deno_core::anyhow::Error> {
|
||||||
|
match key_data {
|
||||||
|
KeyData::JwkPublicEc { x, y } => {
|
||||||
|
let point_bytes = import_key_ec_jwk_to_point(x, y, named_curve)?;
|
||||||
|
|
||||||
|
Ok(ImportKeyResult::Ec {
|
||||||
|
raw_data: RawKeyData::Public(point_bytes.to_vec().into()),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
KeyData::JwkPrivateEc { d, x, y } => {
|
||||||
|
let point_bytes = import_key_ec_jwk_to_point(x, y, named_curve)?;
|
||||||
|
|
||||||
|
let secret_key_der = match named_curve {
|
||||||
|
EcNamedCurve::P256 => {
|
||||||
|
let d = decode_b64url_to_field_bytes::<p256::NistP256>(&d)?;
|
||||||
|
let secret_key = p256::SecretKey::from_bytes(&d)?;
|
||||||
|
ToPrivateKey::to_pkcs8_der(&secret_key).unwrap()
|
||||||
|
}
|
||||||
|
//@todo(sean) - build p384 secret key from jwk, when crate implements to_pkcs8_der
|
||||||
|
//Problem: p384 crate does not implement ProjectiveArithmetic
|
||||||
|
/*EcNamedCurve::P384 => {
|
||||||
|
let secret_key = p384::SecretKey::from_be_bytes(&d)?;
|
||||||
|
|
||||||
|
secret_key.to_pkcs8_der().unwrap()
|
||||||
|
}*/
|
||||||
|
_ => return Err(not_supported_error("Unsupported named curve")),
|
||||||
|
};
|
||||||
|
|
||||||
|
let oid =
|
||||||
|
<p256::NistP256 as p256::elliptic_curve::AlgorithmParameters>::OID;
|
||||||
|
|
||||||
|
let pki = p256::pkcs8::PrivateKeyInfo::new(
|
||||||
|
p256::pkcs8::AlgorithmIdentifier {
|
||||||
|
oid,
|
||||||
|
parameters: None,
|
||||||
|
},
|
||||||
|
secret_key_der.as_ref(),
|
||||||
|
);
|
||||||
|
|
||||||
|
let pki = p256::pkcs8::PrivateKeyInfo {
|
||||||
|
public_key: Some(&point_bytes),
|
||||||
|
..pki
|
||||||
|
};
|
||||||
|
|
||||||
|
Ok(ImportKeyResult::Ec {
|
||||||
|
raw_data: RawKeyData::Private(pki.private_key.to_vec().into()),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
_ => unreachable!(),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
pub struct ECParametersPkcs8 {
|
||||||
|
pub named_curve_alg: p256::pkcs8::der::asn1::ObjectIdentifier,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl<'a> TryFrom<p256::pkcs8::der::asn1::Any<'a>> for ECParametersPkcs8 {
|
||||||
|
type Error = p256::pkcs8::der::Error;
|
||||||
|
|
||||||
|
fn try_from(
|
||||||
|
any: p256::pkcs8::der::asn1::Any<'a>,
|
||||||
|
) -> p256::pkcs8::der::Result<ECParametersPkcs8> {
|
||||||
|
let x = any.oid()?;
|
||||||
|
|
||||||
|
Ok(Self { named_curve_alg: x })
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
pub struct ECParametersSpki {
|
||||||
|
pub named_curve_alg: spki::der::asn1::ObjectIdentifier,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl<'a> TryFrom<spki::der::asn1::Any<'a>> for ECParametersSpki {
|
||||||
|
type Error = spki::der::Error;
|
||||||
|
|
||||||
|
fn try_from(
|
||||||
|
any: spki::der::asn1::Any<'a>,
|
||||||
|
) -> spki::der::Result<ECParametersSpki> {
|
||||||
|
let x = any.oid()?;
|
||||||
|
|
||||||
|
Ok(Self { named_curve_alg: x })
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fn import_key_ec(
|
fn import_key_ec(
|
||||||
key_data: KeyData,
|
key_data: KeyData,
|
||||||
named_curve: EcNamedCurve,
|
named_curve: EcNamedCurve,
|
||||||
) -> Result<ImportKeyResult, AnyError> {
|
) -> Result<ImportKeyResult, AnyError> {
|
||||||
Ok(match key_data {
|
match key_data {
|
||||||
KeyData::Raw(data) => {
|
KeyData::Raw(data) => {
|
||||||
// The point is parsed and validated, ultimately the original data is
|
// The point is parsed and validated, ultimately the original data is
|
||||||
// returned though.
|
// returned though.
|
||||||
|
@ -684,13 +823,179 @@ fn import_key_ec(
|
||||||
return Err(data_error("invalid P-384 eliptic curve point"));
|
return Err(data_error("invalid P-384 eliptic curve point"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
_ => return Err(not_supported_error("Unsupported named curve")),
|
||||||
};
|
};
|
||||||
ImportKeyResult::Ec {
|
Ok(ImportKeyResult::Ec {
|
||||||
raw_data: RawKeyData::Public(data),
|
raw_data: RawKeyData::Public(data),
|
||||||
}
|
|
||||||
}
|
|
||||||
_ => return Err(unsupported_format()),
|
|
||||||
})
|
})
|
||||||
|
}
|
||||||
|
KeyData::Pkcs8(data) => {
|
||||||
|
// 2-3.
|
||||||
|
let pk_info = PrivateKeyInfo::from_der(&data)
|
||||||
|
.map_err(|e| data_error(e.to_string()))?;
|
||||||
|
|
||||||
|
// 4-5.
|
||||||
|
let alg = pk_info.algorithm.oid;
|
||||||
|
// id-ecPublicKey
|
||||||
|
if alg != elliptic_curve::ALGORITHM_OID {
|
||||||
|
return Err(data_error("unsupported algorithm"));
|
||||||
|
}
|
||||||
|
|
||||||
|
// 5-7.
|
||||||
|
let params = ECParametersPkcs8::try_from(
|
||||||
|
pk_info
|
||||||
|
.algorithm
|
||||||
|
.parameters
|
||||||
|
.ok_or_else(|| data_error("malformed parameters"))?,
|
||||||
|
)
|
||||||
|
.map_err(|_| data_error("malformed parameters"))?;
|
||||||
|
|
||||||
|
// 8-9.
|
||||||
|
let pk_named_curve = match params.named_curve_alg {
|
||||||
|
// id-secp256r1
|
||||||
|
ID_SECP256R1_OID => Some(EcNamedCurve::P256),
|
||||||
|
// id-secp384r1
|
||||||
|
ID_SECP384R1_OID => Some(EcNamedCurve::P384),
|
||||||
|
// id-secp384r1
|
||||||
|
ID_SECP521R1_OID => Some(EcNamedCurve::P521),
|
||||||
|
_ => None,
|
||||||
|
};
|
||||||
|
|
||||||
|
// 10.
|
||||||
|
if let Some(pk_named_curve) = pk_named_curve {
|
||||||
|
match pk_named_curve {
|
||||||
|
EcNamedCurve::P256 => {
|
||||||
|
let secret_key =
|
||||||
|
p256::SecretKey::from_pkcs8_der(&data).map_err(|_| {
|
||||||
|
data_error("invalid P-256 elliptic curve PKCS8 data")
|
||||||
|
})?;
|
||||||
|
|
||||||
|
let point =
|
||||||
|
secret_key.public_key().as_affine().to_encoded_point(false);
|
||||||
|
|
||||||
|
// 12 - not sure if this is correct.
|
||||||
|
if point.is_identity() {
|
||||||
|
return Err(data_error("Invalid key data"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
//@todo(sean) Validate P384 secret-key on import(pkcs8)
|
||||||
|
//Problem: Nist384 Curve from p384 crate does not implement ProjectiveArithmetic
|
||||||
|
//so cannot extract PublicKey from SecretKey.
|
||||||
|
/*EcNamedCurve::P384 => {
|
||||||
|
let secret_key =
|
||||||
|
p384::SecretKey::from_pkcs8_der(&data).unwrap();
|
||||||
|
|
||||||
|
let point =
|
||||||
|
secret_key.public_key().as_affine().to_encoded_point(false);
|
||||||
|
// 3.
|
||||||
|
if point.is_identity() {
|
||||||
|
return Err(type_error("Invalid key data".to_string()));
|
||||||
|
}
|
||||||
|
}*/
|
||||||
|
_ => return Err(data_error("Unsupported named curve")),
|
||||||
|
}
|
||||||
|
// 11.
|
||||||
|
if named_curve != pk_named_curve {
|
||||||
|
return Err(data_error("curve mismatch"));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return Err(data_error("Unsupported named curve"));
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(ImportKeyResult::Ec {
|
||||||
|
raw_data: RawKeyData::Private(data),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
KeyData::Spki(data) => {
|
||||||
|
// 2-3.
|
||||||
|
let pk_info = spki::SubjectPublicKeyInfo::from_der(&data)
|
||||||
|
.map_err(|e| data_error(e.to_string()))?;
|
||||||
|
|
||||||
|
// 4.
|
||||||
|
let alg = pk_info.algorithm.oid;
|
||||||
|
// id-ecPublicKey
|
||||||
|
if alg != elliptic_curve::ALGORITHM_OID {
|
||||||
|
return Err(data_error("unsupported algorithm"));
|
||||||
|
}
|
||||||
|
|
||||||
|
// 5-7.
|
||||||
|
let params = ECParametersSpki::try_from(
|
||||||
|
pk_info
|
||||||
|
.algorithm
|
||||||
|
.parameters
|
||||||
|
.ok_or_else(|| data_error("malformed parameters"))?,
|
||||||
|
)
|
||||||
|
.map_err(|_| data_error("malformed parameters"))?;
|
||||||
|
|
||||||
|
// 8-9.
|
||||||
|
let named_curve_alg = params.named_curve_alg;
|
||||||
|
let pk_named_curve = match named_curve_alg {
|
||||||
|
// id-secp256r1
|
||||||
|
ID_SECP256R1_OID => Some(EcNamedCurve::P256),
|
||||||
|
// id-secp384r1
|
||||||
|
ID_SECP384R1_OID => Some(EcNamedCurve::P384),
|
||||||
|
// id-secp521r1
|
||||||
|
ID_SECP521R1_OID => Some(EcNamedCurve::P521),
|
||||||
|
_ => None,
|
||||||
|
};
|
||||||
|
|
||||||
|
// 10.
|
||||||
|
let encoded_key;
|
||||||
|
|
||||||
|
if let Some(pk_named_curve) = pk_named_curve {
|
||||||
|
let pk = pk_info.subject_public_key;
|
||||||
|
|
||||||
|
encoded_key = pk.to_vec();
|
||||||
|
|
||||||
|
let bytes_consumed = match named_curve {
|
||||||
|
EcNamedCurve::P256 => {
|
||||||
|
let point =
|
||||||
|
p256::EncodedPoint::from_bytes(&*encoded_key).map_err(|_| {
|
||||||
|
data_error("invalid P-256 eliptic curve SPKI data")
|
||||||
|
})?;
|
||||||
|
|
||||||
|
if point.is_identity() {
|
||||||
|
return Err(data_error("invalid P-256 eliptic curve point"));
|
||||||
|
}
|
||||||
|
|
||||||
|
point.as_bytes().len()
|
||||||
|
}
|
||||||
|
EcNamedCurve::P384 => {
|
||||||
|
let point =
|
||||||
|
p384::EncodedPoint::from_bytes(&*encoded_key).map_err(|_| {
|
||||||
|
data_error("invalid P-384 eliptic curve SPKI data")
|
||||||
|
})?;
|
||||||
|
|
||||||
|
if point.is_identity() {
|
||||||
|
return Err(data_error("invalid P-384 eliptic curve point"));
|
||||||
|
}
|
||||||
|
|
||||||
|
point.as_bytes().len()
|
||||||
|
}
|
||||||
|
_ => return Err(not_supported_error("Unsupported named curve")),
|
||||||
|
};
|
||||||
|
|
||||||
|
if bytes_consumed != pk_info.subject_public_key.len() {
|
||||||
|
return Err(data_error("public key is invalid (too long)"));
|
||||||
|
}
|
||||||
|
|
||||||
|
// 11.
|
||||||
|
if named_curve != pk_named_curve {
|
||||||
|
return Err(data_error("curve mismatch"));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return Err(data_error("Unsupported named curve"));
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(ImportKeyResult::Ec {
|
||||||
|
raw_data: RawKeyData::Public(encoded_key.to_vec().into()),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
KeyData::JwkPublicEc { .. } | KeyData::JwkPrivateEc { .. } => {
|
||||||
|
import_key_ec_jwk(key_data, named_curve)
|
||||||
|
}
|
||||||
|
_ => Err(unsupported_format()),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn import_key_aes(key_data: KeyData) -> Result<ImportKeyResult, AnyError> {
|
fn import_key_aes(key_data: KeyData) -> Result<ImportKeyResult, AnyError> {
|
||||||
|
|
16
ext/crypto/lib.deno_crypto.d.ts
vendored
16
ext/crypto/lib.deno_crypto.d.ts
vendored
|
@ -71,6 +71,10 @@ interface EcKeyGenParams extends Algorithm {
|
||||||
namedCurve: NamedCurve;
|
namedCurve: NamedCurve;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
interface EcImportParams extends Algorithm {
|
||||||
|
namedCurve: NamedCurve;
|
||||||
|
}
|
||||||
|
|
||||||
interface EcdsaParams extends Algorithm {
|
interface EcdsaParams extends Algorithm {
|
||||||
hash: HashAlgorithmIdentifier;
|
hash: HashAlgorithmIdentifier;
|
||||||
}
|
}
|
||||||
|
@ -195,14 +199,22 @@ interface SubtleCrypto {
|
||||||
importKey(
|
importKey(
|
||||||
format: "jwk",
|
format: "jwk",
|
||||||
keyData: JsonWebKey,
|
keyData: JsonWebKey,
|
||||||
algorithm: AlgorithmIdentifier | HmacImportParams | RsaHashedImportParams,
|
algorithm:
|
||||||
|
| AlgorithmIdentifier
|
||||||
|
| HmacImportParams
|
||||||
|
| RsaHashedImportParams
|
||||||
|
| EcImportParams,
|
||||||
extractable: boolean,
|
extractable: boolean,
|
||||||
keyUsages: KeyUsage[],
|
keyUsages: KeyUsage[],
|
||||||
): Promise<CryptoKey>;
|
): Promise<CryptoKey>;
|
||||||
importKey(
|
importKey(
|
||||||
format: Exclude<KeyFormat, "jwk">,
|
format: Exclude<KeyFormat, "jwk">,
|
||||||
keyData: BufferSource,
|
keyData: BufferSource,
|
||||||
algorithm: AlgorithmIdentifier | HmacImportParams | RsaHashedImportParams,
|
algorithm:
|
||||||
|
| AlgorithmIdentifier
|
||||||
|
| HmacImportParams
|
||||||
|
| RsaHashedImportParams
|
||||||
|
| EcImportParams,
|
||||||
extractable: boolean,
|
extractable: boolean,
|
||||||
keyUsages: KeyUsage[],
|
keyUsages: KeyUsage[],
|
||||||
): Promise<CryptoKey>;
|
): Promise<CryptoKey>;
|
||||||
|
|
|
@ -19,6 +19,8 @@ use std::rc::Rc;
|
||||||
use block_modes::BlockMode;
|
use block_modes::BlockMode;
|
||||||
use lazy_static::lazy_static;
|
use lazy_static::lazy_static;
|
||||||
use num_traits::cast::FromPrimitive;
|
use num_traits::cast::FromPrimitive;
|
||||||
|
use p256::elliptic_curve::sec1::FromEncodedPoint;
|
||||||
|
use p256::pkcs8::FromPrivateKey;
|
||||||
use rand::rngs::OsRng;
|
use rand::rngs::OsRng;
|
||||||
use rand::rngs::StdRng;
|
use rand::rngs::StdRng;
|
||||||
use rand::thread_rng;
|
use rand::thread_rng;
|
||||||
|
@ -40,7 +42,6 @@ use rsa::pkcs1::der::Encodable;
|
||||||
use rsa::pkcs1::FromRsaPrivateKey;
|
use rsa::pkcs1::FromRsaPrivateKey;
|
||||||
use rsa::pkcs1::FromRsaPublicKey;
|
use rsa::pkcs1::FromRsaPublicKey;
|
||||||
use rsa::pkcs8::der::asn1;
|
use rsa::pkcs8::der::asn1;
|
||||||
use rsa::pkcs8::FromPrivateKey;
|
|
||||||
use rsa::BigUint;
|
use rsa::BigUint;
|
||||||
use rsa::PublicKey;
|
use rsa::PublicKey;
|
||||||
use rsa::RsaPrivateKey;
|
use rsa::RsaPrivateKey;
|
||||||
|
@ -443,8 +444,18 @@ pub async fn op_crypto_verify_key(
|
||||||
let verify_alg: &EcdsaVerificationAlgorithm =
|
let verify_alg: &EcdsaVerificationAlgorithm =
|
||||||
args.named_curve.ok_or_else(not_supported)?.try_into()?;
|
args.named_curve.ok_or_else(not_supported)?.try_into()?;
|
||||||
|
|
||||||
let private_key = EcdsaKeyPair::from_pkcs8(signing_alg, &*args.key.data)?;
|
let private_key;
|
||||||
let public_key_bytes = private_key.public_key().as_ref();
|
|
||||||
|
let public_key_bytes = match args.key.r#type {
|
||||||
|
KeyType::Private => {
|
||||||
|
private_key = EcdsaKeyPair::from_pkcs8(signing_alg, &*args.key.data)?;
|
||||||
|
|
||||||
|
private_key.public_key().as_ref()
|
||||||
|
}
|
||||||
|
KeyType::Public => &*args.key.data,
|
||||||
|
_ => return Err(type_error("Invalid Key format".to_string())),
|
||||||
|
};
|
||||||
|
|
||||||
let public_key =
|
let public_key =
|
||||||
ring::signature::UnparsedPublicKey::new(verify_alg, public_key_bytes);
|
ring::signature::UnparsedPublicKey::new(verify_alg, public_key_bytes);
|
||||||
|
|
||||||
|
@ -507,13 +518,40 @@ pub async fn op_crypto_derive_bits(
|
||||||
|
|
||||||
let public_key = args
|
let public_key = args
|
||||||
.public_key
|
.public_key
|
||||||
.ok_or_else(|| type_error("Missing argument publicKey".to_string()))?;
|
.ok_or_else(|| type_error("Missing argument publicKey"))?;
|
||||||
|
|
||||||
match named_curve {
|
match named_curve {
|
||||||
CryptoNamedCurve::P256 => {
|
CryptoNamedCurve::P256 => {
|
||||||
let secret_key = p256::SecretKey::from_pkcs8_der(&args.key.data)?;
|
let secret_key = p256::SecretKey::from_pkcs8_der(&args.key.data)
|
||||||
let public_key =
|
.map_err(|_| type_error("Unexpected error decoding private key"))?;
|
||||||
p256::SecretKey::from_pkcs8_der(&public_key.data)?.public_key();
|
|
||||||
|
let public_key = match public_key.r#type {
|
||||||
|
KeyType::Private => {
|
||||||
|
p256::SecretKey::from_pkcs8_der(&public_key.data)
|
||||||
|
.map_err(|_| {
|
||||||
|
type_error("Unexpected error decoding private key")
|
||||||
|
})?
|
||||||
|
.public_key()
|
||||||
|
}
|
||||||
|
KeyType::Public => {
|
||||||
|
let point = p256::EncodedPoint::from_bytes(public_key.data)
|
||||||
|
.map_err(|_| {
|
||||||
|
type_error("Unexpected error decoding private key")
|
||||||
|
})?;
|
||||||
|
|
||||||
|
let pk: Option<p256::PublicKey> =
|
||||||
|
p256::PublicKey::from_encoded_point(&point);
|
||||||
|
|
||||||
|
if let Some(pk) = pk {
|
||||||
|
pk
|
||||||
|
} else {
|
||||||
|
return Err(type_error(
|
||||||
|
"Unexpected error decoding private key",
|
||||||
|
));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
_ => unreachable!(),
|
||||||
|
};
|
||||||
|
|
||||||
let shared_secret = p256::elliptic_curve::ecdh::diffie_hellman(
|
let shared_secret = p256::elliptic_curve::ecdh::diffie_hellman(
|
||||||
secret_key.to_secret_scalar(),
|
secret_key.to_secret_scalar(),
|
||||||
|
|
|
@ -37,6 +37,13 @@ pub const RSAES_OAEP_OID: rsa::pkcs8::ObjectIdentifier =
|
||||||
pub const ID_P_SPECIFIED: rsa::pkcs8::ObjectIdentifier =
|
pub const ID_P_SPECIFIED: rsa::pkcs8::ObjectIdentifier =
|
||||||
rsa::pkcs8::ObjectIdentifier::new("1.2.840.113549.1.1.9");
|
rsa::pkcs8::ObjectIdentifier::new("1.2.840.113549.1.1.9");
|
||||||
|
|
||||||
|
pub const ID_SECP256R1_OID: rsa::pkcs8::ObjectIdentifier =
|
||||||
|
rsa::pkcs8::ObjectIdentifier::new("1.2.840.10045.3.1.7");
|
||||||
|
pub const ID_SECP384R1_OID: rsa::pkcs8::ObjectIdentifier =
|
||||||
|
rsa::pkcs8::ObjectIdentifier::new("1.3.132.0.34");
|
||||||
|
pub const ID_SECP521R1_OID: rsa::pkcs8::ObjectIdentifier =
|
||||||
|
rsa::pkcs8::ObjectIdentifier::new("1.3.132.0.35");
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Copy, Clone, PartialEq)]
|
#[derive(Serialize, Deserialize, Copy, Clone, PartialEq)]
|
||||||
pub enum ShaHash {
|
pub enum ShaHash {
|
||||||
#[serde(rename = "SHA-1")]
|
#[serde(rename = "SHA-1")]
|
||||||
|
@ -55,6 +62,8 @@ pub enum EcNamedCurve {
|
||||||
P256,
|
P256,
|
||||||
#[serde(rename = "P-384")]
|
#[serde(rename = "P-384")]
|
||||||
P384,
|
P384,
|
||||||
|
#[serde(rename = "P-521")]
|
||||||
|
P521,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
|
|
|
@ -3939,8 +3939,122 @@
|
||||||
"WorkerGlobalScope interface: attribute crypto"
|
"WorkerGlobalScope interface: attribute crypto"
|
||||||
],
|
],
|
||||||
"import_export": {
|
"import_export": {
|
||||||
"ec_importKey.https.any.html": false,
|
"ec_importKey.https.any.html": [
|
||||||
"ec_importKey.https.any.worker.html": false,
|
"Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [sign])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [sign])",
|
||||||
|
"Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
|
||||||
|
"Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits])"
|
||||||
|
],
|
||||||
|
"ec_importKey.https.any.worker.html": [
|
||||||
|
"Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [sign])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [sign])",
|
||||||
|
"Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
|
||||||
|
"Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-256}, true, [])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDH, namedCurve: P-256}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-256}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-384}, true, [])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||||
|
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
|
||||||
|
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
|
||||||
|
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits])"
|
||||||
|
],
|
||||||
"rsa_importKey.https.any.html": true,
|
"rsa_importKey.https.any.html": true,
|
||||||
"rsa_importKey.https.any.worker.html": true,
|
"rsa_importKey.https.any.worker.html": true,
|
||||||
"symmetric_importKey.https.any.html": true,
|
"symmetric_importKey.https.any.html": true,
|
||||||
|
@ -3950,10 +4064,9 @@
|
||||||
"randomUUID.https.any.worker.html": true,
|
"randomUUID.https.any.worker.html": true,
|
||||||
"sign_verify": {
|
"sign_verify": {
|
||||||
"ecdsa.https.any.html": [
|
"ecdsa.https.any.html": [
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification",
|
"ECDSA P-256 with SHA-1 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification",
|
"ECDSA P-256 with SHA-384 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification",
|
"ECDSA P-256 with SHA-512 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification",
|
||||||
|
@ -3962,10 +4075,9 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification with altered signature after call",
|
"ECDSA P-256 with SHA-1 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification with altered signature after call",
|
"ECDSA P-256 with SHA-384 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification with altered signature after call",
|
"ECDSA P-256 with SHA-512 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification with altered signature after call",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification with altered signature after call",
|
||||||
|
@ -3974,10 +4086,9 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 with altered plaintext after call",
|
"ECDSA P-256 with SHA-1 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 with altered plaintext after call",
|
"ECDSA P-256 with SHA-384 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 with altered plaintext after call",
|
"ECDSA P-256 with SHA-512 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 with altered plaintext after call",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 with altered plaintext after call",
|
||||||
|
@ -3986,10 +4097,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 using privateKey to verify",
|
||||||
|
@ -3998,10 +4105,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 using publicKey to sign",
|
||||||
|
@ -4010,10 +4113,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 no verify usage",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 no verify usage",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 no verify usage",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 no verify usage",
|
||||||
|
@ -4022,10 +4121,8 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 round trip",
|
"ECDSA P-256 with SHA-1 round trip",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 round trip",
|
"ECDSA P-256 with SHA-512 round trip",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 round trip",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 round trip",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 round trip",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 round trip",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 round trip",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 round trip",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 round trip",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 round trip",
|
||||||
|
@ -4034,10 +4131,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered signature",
|
||||||
|
@ -4046,10 +4139,7 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to wrong hash",
|
"ECDSA P-256 with SHA-256 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to wrong hash",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to wrong hash",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to wrong hash",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
||||||
|
@ -4058,10 +4148,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to bad hash name",
|
||||||
|
@ -4070,10 +4156,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to shortened signature",
|
||||||
|
@ -4082,10 +4164,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered plaintext",
|
||||||
|
@ -4094,10 +4172,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 signing with wrong algorithm name",
|
||||||
|
@ -4106,10 +4180,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verifying with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verifying with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verifying with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verifying with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verifying with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verifying with wrong algorithm name",
|
||||||
|
@ -4120,10 +4190,9 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verifying with wrong algorithm name"
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verifying with wrong algorithm name"
|
||||||
],
|
],
|
||||||
"ecdsa.https.any.worker.html": [
|
"ecdsa.https.any.worker.html": [
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification",
|
"ECDSA P-256 with SHA-1 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification",
|
"ECDSA P-256 with SHA-384 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification",
|
"ECDSA P-256 with SHA-512 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification",
|
||||||
|
@ -4132,10 +4201,9 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification with altered signature after call",
|
"ECDSA P-256 with SHA-1 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification with altered signature after call",
|
"ECDSA P-256 with SHA-384 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification with altered signature after call",
|
"ECDSA P-256 with SHA-512 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification with altered signature after call",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification with altered signature after call",
|
||||||
|
@ -4144,10 +4212,9 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification with altered signature after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification with altered signature after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 with altered plaintext after call",
|
"ECDSA P-256 with SHA-1 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 with altered plaintext after call",
|
"ECDSA P-256 with SHA-384 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 with altered plaintext after call",
|
"ECDSA P-256 with SHA-512 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 with altered plaintext after call",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 with altered plaintext after call",
|
||||||
|
@ -4156,10 +4223,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 using privateKey to verify",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 using privateKey to verify",
|
||||||
|
@ -4168,10 +4231,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 using publicKey to sign",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 using publicKey to sign",
|
||||||
|
@ -4180,10 +4239,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 no verify usage",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 no verify usage",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 no verify usage",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 no verify usage",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 no verify usage",
|
||||||
|
@ -4192,10 +4247,8 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 round trip",
|
"ECDSA P-256 with SHA-1 round trip",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 round trip",
|
"ECDSA P-256 with SHA-512 round trip",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 round trip",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 round trip",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 round trip",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 round trip",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 round trip",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 round trip",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 round trip",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 round trip",
|
||||||
|
@ -4204,10 +4257,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to altered signature",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered signature",
|
||||||
|
@ -4216,10 +4265,7 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to wrong hash",
|
"ECDSA P-256 with SHA-256 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to wrong hash",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to wrong hash",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to wrong hash",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
||||||
|
@ -4228,10 +4274,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to bad hash name",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to bad hash name",
|
||||||
|
@ -4240,10 +4282,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to shortened signature",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to shortened signature",
|
||||||
|
@ -4252,10 +4290,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verification failure due to altered plaintext",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered plaintext",
|
||||||
|
@ -4264,10 +4298,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 signing with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 signing with wrong algorithm name",
|
||||||
|
@ -4276,10 +4306,6 @@
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-1 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-256 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-384 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-256 with SHA-512 verifying with wrong algorithm name",
|
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verifying with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-1 verifying with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verifying with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-256 verifying with wrong algorithm name",
|
||||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verifying with wrong algorithm name",
|
"importVectorKeys step: ECDSA P-384 with SHA-384 verifying with wrong algorithm name",
|
||||||
|
|
Loading…
Reference in a new issue