1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-23 15:49:44 -05:00

feat(ext/crypto): initial support for p521 in generateKey and importKey (#21815)

Part 1 of a potential 3 part series. Ref #13449 

The current implementation passes key material back and forth RustCrypto
group of crates and ring. ring does not implement p521 yet.

This PR adds support for P521 named curve in `generateKey` and
`importKey` where we use RustCrypto. Other parts should be moved over to
the RustGroup group of crates for consistency.
This commit is contained in:
Divy Srivastava 2024-01-06 16:48:31 +05:30 committed by Bartek Iwańczuk
parent a32792d1b1
commit 6e017dbba7
No known key found for this signature in database
GPG key ID: 0C6BCDDC3B3AD750
7 changed files with 98 additions and 158 deletions

15
Cargo.lock generated
View file

@ -1218,6 +1218,7 @@ dependencies = [
"once_cell",
"p256",
"p384",
"p521",
"rand",
"ring",
"rsa",
@ -4115,6 +4116,20 @@ dependencies = [
"sha2",
]
[[package]]
name = "p521"
version = "0.13.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0fc9e2161f1f215afdfce23677034ae137bbd45016a880c2eb3ba8eb95f085b2"
dependencies = [
"base16ct",
"ecdsa",
"elliptic-curve",
"primeorder",
"rand_core",
"sha2",
]
[[package]]
name = "parking_lot"
version = "0.11.2"

View file

@ -2006,3 +2006,42 @@ Deno.test(async function testHmacJwkImport() {
["sign", "verify"],
);
});
Deno.test(async function p521Import() {
const jwk = {
"crv": "P-521",
"ext": true,
"key_ops": [
"verify",
],
"kty": "EC",
"x":
"AXkSI8nfkc6bu3fifXGuKKbu08g5LKPfxUNQJJYzzPgmN8XLDzx0C9Sdeejl1XoWGrheKPHl0k4tUmHw0cdInpfj",
"y":
"AT4vjsO0bzVRlN3Wthv9DewncDXS2tlTob5QojV8WX1GzOAikRfWFEP3nspoSv88U447acZAsk5IvgGJuVjgMDlx",
};
const algorithm = { name: "ECDSA", namedCurve: "P-521" };
const key = await crypto.subtle.importKey(
"jwk",
jwk,
algorithm,
true,
["verify"],
);
assert(key instanceof CryptoKey);
});
Deno.test(async function p521Generate() {
const algorithm = { name: "ECDSA", namedCurve: "P-521" };
const key = await crypto.subtle.generateKey(
algorithm,
true,
["sign", "verify"],
);
assert(key.privateKey instanceof CryptoKey);
assert(key.publicKey instanceof CryptoKey);
});

View file

@ -63,8 +63,7 @@ const {
isDataView,
} = core;
// P-521 is not yet supported.
const supportedNamedCurves = ["P-256", "P-384"];
const supportedNamedCurves = ["P-256", "P-384", "P-521"];
const recognisedUsages = [
"encrypt",
"decrypt",

View file

@ -30,6 +30,7 @@ num-traits = "0.2.14"
once_cell.workspace = true
p256 = { version = "0.13.2", features = ["ecdh"] }
p384 = "0.13.0"
p521 = "0.13.3"
rand.workspace = true
ring = { workspace = true, features = ["std"] }
rsa.workspace = true

View file

@ -84,11 +84,17 @@ fn generate_key_rsa(
Ok(private_key.as_bytes().to_vec())
}
fn generate_key_ec_p521() -> Vec<u8> {
let mut rng = OsRng;
let key = p521::SecretKey::random(&mut rng);
key.to_nonzero_scalar().to_bytes().to_vec()
}
fn generate_key_ec(named_curve: EcNamedCurve) -> Result<Vec<u8>, AnyError> {
let curve = match named_curve {
EcNamedCurve::P256 => &ring::signature::ECDSA_P256_SHA256_FIXED_SIGNING,
EcNamedCurve::P384 => &ring::signature::ECDSA_P384_SHA384_FIXED_SIGNING,
_ => return Err(not_supported_error("Unsupported named curve")),
EcNamedCurve::P521 => return Ok(generate_key_ec_p521()),
};
let rng = ring::rand::SystemRandom::new();

View file

@ -520,7 +520,12 @@ fn import_key_ec_jwk_to_point(
p384::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes()
}
_ => return Err(not_supported_error("Unsupported named curve")),
EcNamedCurve::P521 => {
let x = decode_b64url_to_field_bytes::<p521::NistP521>(&x)?;
let y = decode_b64url_to_field_bytes::<p521::NistP521>(&y)?;
p521::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes()
}
};
Ok(point_bytes.to_vec())
@ -629,7 +634,15 @@ fn import_key_ec(
return Err(data_error("invalid P-384 elliptic curve point"));
}
}
_ => return Err(not_supported_error("Unsupported named curve")),
EcNamedCurve::P521 => {
// 1-2.
let point = p521::EncodedPoint::from_bytes(&data)
.map_err(|_| data_error("invalid P-521 elliptic curve point"))?;
// 3.
if point.is_identity() {
return Err(data_error("invalid P-521 elliptic curve point"));
}
}
};
Ok(ImportKeyResult::Ec {
raw_data: RustRawKeyData::Public(data.to_vec().into()),
@ -755,7 +768,18 @@ fn import_key_ec(
point.as_bytes().len()
}
_ => return Err(not_supported_error("Unsupported named curve")),
EcNamedCurve::P521 => {
let point =
p521::EncodedPoint::from_bytes(&*encoded_key).map_err(|_| {
data_error("invalid P-521 elliptic curve SPKI data")
})?;
if point.is_identity() {
return Err(data_error("invalid P-521 elliptic curve point"));
}
point.as_bytes().len()
}
};
if bytes_consumed != pk_info.subject_public_key.raw_bytes().len() {

View file

@ -12,7 +12,6 @@
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveBits usage for base key",
"P-521 base key is not a private key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key",
"P-521 asking for too many bits"
@ -26,7 +25,6 @@
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveBits usage for base key",
"P-521 base key is not a private key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key",
"P-521 asking for too many bits"
@ -37,7 +35,6 @@
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveKey usage for base key",
"P-521 base key is not a private key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key"
],
@ -47,7 +44,6 @@
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveKey usage for base key",
"P-521 base key is not a private key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key"
],
@ -699,22 +695,10 @@
"failures_AES-GCM.https.any.worker.html": true,
"failures_AES-KW.https.any.html": true,
"failures_AES-KW.https.any.worker.html": true,
"failures_ECDH.https.any.html": [
"Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [])",
"Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [])"
],
"failures_ECDH.https.any.worker.html": [
"Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [])",
"Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [])"
],
"failures_ECDSA.https.any.html": [
"Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [])",
"Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [])"
],
"failures_ECDSA.https.any.worker.html": [
"Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [])",
"Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [])"
],
"failures_ECDH.https.any.html": true,
"failures_ECDH.https.any.worker.html": true,
"failures_ECDSA.https.any.html": true,
"failures_ECDSA.https.any.worker.html": true,
"failures_HMAC.https.any.html": true,
"failures_HMAC.https.any.worker.html": true,
"failures_RSA-OAEP.https.any.html": true,
@ -733,98 +717,10 @@
"successes_AES-KW.https.any.worker.html": true,
"successes_HMAC.https.any.html": true,
"successes_HMAC.https.any.worker.html": true,
"successes_ECDH.https.any.html": [
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])"
],
"successes_ECDH.https.any.worker.html": [
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
"Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])"
],
"successes_ECDSA.https.any.html": [
"Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [verify, sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [verify, sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [verify, sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [verify, sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [verify, sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])"
],
"successes_ECDSA.https.any.worker.html": [
"Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [verify, sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [verify, sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [verify, sign])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [verify, sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [verify, sign])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
"Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])"
],
"successes_ECDH.https.any.html": true,
"successes_ECDH.https.any.worker.html": true,
"successes_ECDSA.https.any.html": true,
"successes_ECDSA.https.any.worker.html": true,
"successes_RSA-OAEP.https.any.html?1-10": true,
"successes_RSA-OAEP.https.any.html?101-110": true,
"successes_RSA-OAEP.https.any.html?11-20": true,
@ -1061,21 +957,6 @@
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])",
@ -1109,11 +990,6 @@
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
@ -1167,21 +1043,6 @@
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])",
@ -1215,11 +1076,6 @@
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",