mirror of
https://github.com/denoland/deno.git
synced 2025-01-11 16:42:21 -05:00
feat(ext/crypto): implement pkcs8/JWK for P-384 curves (#13154)
This commit is contained in:
parent
77e58fe7f9
commit
9139985180
4 changed files with 106 additions and 247 deletions
|
@ -1200,10 +1200,7 @@ Deno.test(async function testImportExportEcDsaJwk() {
|
|||
for (
|
||||
const [_key, keyData] of Object.entries(jwtECKeys)
|
||||
) {
|
||||
const { size, publicJWK, privateJWK, algo } = keyData;
|
||||
if (size != 256) {
|
||||
continue;
|
||||
}
|
||||
const { publicJWK, privateJWK, algo } = keyData;
|
||||
|
||||
// 1. Test import EcDsa
|
||||
const privateKeyECDSA = await subtle.importKey(
|
||||
|
@ -1268,9 +1265,6 @@ Deno.test(async function testImportEcDhJwk() {
|
|||
const [_key, jwkData] of Object.entries(jwtECKeys)
|
||||
) {
|
||||
const { size, publicJWK, privateJWK } = jwkData;
|
||||
if (size != 256) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// 1. Test import EcDsa
|
||||
const privateKeyECDH = await subtle.importKey(
|
||||
|
@ -1308,6 +1302,11 @@ Deno.test(async function testImportEcDhJwk() {
|
|||
);
|
||||
assert(equalJwk(publicJWK, expPublicKeyJWK as JWK));
|
||||
|
||||
// deriveBits still not implemented for P384
|
||||
if (size != 256) {
|
||||
continue;
|
||||
}
|
||||
|
||||
const derivedKey = await subtle.deriveBits(
|
||||
{
|
||||
name: "ECDH",
|
||||
|
@ -1406,6 +1405,13 @@ Deno.test(async function testImportEcSpkiPkcs8() {
|
|||
for (
|
||||
const hash of [/*"SHA-1", */ "SHA-256", "SHA-384" /*"SHA-512"*/]
|
||||
) {
|
||||
if (
|
||||
(hash == "SHA-256" && namedCurve != "P-256") ||
|
||||
(hash == "SHA-384" && namedCurve != "P-384")
|
||||
) {
|
||||
continue;
|
||||
}
|
||||
|
||||
const signatureECDSA = await subtle.sign(
|
||||
{ name: "ECDSA", hash },
|
||||
privateKeyECDSA,
|
||||
|
|
|
@ -28,8 +28,6 @@ pub struct ECPrivateKey<'a, C: elliptic_curve::Curve> {
|
|||
pub encoded_point: &'a [u8],
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
///todo(@sean) - to be removed in #13154
|
||||
impl<'a, C> ECPrivateKey<'a, C>
|
||||
where
|
||||
C: elliptic_curve::Curve + AlgorithmParameters,
|
||||
|
|
|
@ -3,14 +3,14 @@ use deno_core::OpState;
|
|||
use deno_core::ZeroCopyBuf;
|
||||
use elliptic_curve::pkcs8::der::Decodable as Pkcs8Decodable;
|
||||
use elliptic_curve::pkcs8::PrivateKeyInfo;
|
||||
use elliptic_curve::sec1::ToEncodedPoint;
|
||||
use p256::pkcs8::FromPrivateKey;
|
||||
use p256::pkcs8::ToPrivateKey;
|
||||
use ring::signature::EcdsaKeyPair;
|
||||
use rsa::pkcs1::UIntBytes;
|
||||
use serde::Deserialize;
|
||||
use serde::Serialize;
|
||||
use spki::der::Encodable;
|
||||
|
||||
use crate::ec_key::ECPrivateKey;
|
||||
use crate::key::CryptoNamedCurve;
|
||||
use crate::shared::*;
|
||||
use crate::OaepPrivateKeyParameters;
|
||||
use crate::PssPrivateKeyParameters;
|
||||
|
@ -721,68 +721,65 @@ fn import_key_ec_jwk(
|
|||
let point_bytes = import_key_ec_jwk_to_point(x, y, named_curve)?;
|
||||
|
||||
Ok(ImportKeyResult::Ec {
|
||||
raw_data: RawKeyData::Public(point_bytes.to_vec().into()),
|
||||
raw_data: RawKeyData::Public(point_bytes.into()),
|
||||
})
|
||||
}
|
||||
KeyData::JwkPrivateEc { d, x, y } => {
|
||||
let point_bytes = import_key_ec_jwk_to_point(x, y, named_curve)?;
|
||||
|
||||
let secret_key_der = match named_curve {
|
||||
jwt_b64_int_or_err!(private_d, &d, "invalid JWK private key");
|
||||
|
||||
let pkcs8_der = match named_curve {
|
||||
EcNamedCurve::P256 => {
|
||||
let d = decode_b64url_to_field_bytes::<p256::NistP256>(&d)?;
|
||||
let secret_key = p256::SecretKey::from_bytes(&d)?;
|
||||
ToPrivateKey::to_pkcs8_der(&secret_key).unwrap()
|
||||
}
|
||||
//@todo(sean) - build p384 secret key from jwk, when crate implements to_pkcs8_der
|
||||
//Problem: p384 crate does not implement ProjectiveArithmetic
|
||||
/*EcNamedCurve::P384 => {
|
||||
let secret_key = p384::SecretKey::from_be_bytes(&d)?;
|
||||
|
||||
secret_key.to_pkcs8_der().unwrap()
|
||||
}*/
|
||||
_ => return Err(not_supported_error("Unsupported named curve")),
|
||||
};
|
||||
|
||||
let oid =
|
||||
<p256::NistP256 as p256::elliptic_curve::AlgorithmParameters>::OID;
|
||||
|
||||
let pki = p256::pkcs8::PrivateKeyInfo::new(
|
||||
p256::pkcs8::AlgorithmIdentifier {
|
||||
oid,
|
||||
parameters: None,
|
||||
},
|
||||
secret_key_der.as_ref(),
|
||||
let pk =
|
||||
ECPrivateKey::<p256::NistP256>::from_private_and_public_bytes(
|
||||
d,
|
||||
&point_bytes,
|
||||
);
|
||||
|
||||
let pki = p256::pkcs8::PrivateKeyInfo {
|
||||
public_key: Some(&point_bytes),
|
||||
..pki
|
||||
pk.to_pkcs8_der()?
|
||||
}
|
||||
EcNamedCurve::P384 => {
|
||||
let d = decode_b64url_to_field_bytes::<p384::NistP384>(&d)?;
|
||||
|
||||
let pk =
|
||||
ECPrivateKey::<p384::NistP384>::from_private_and_public_bytes(
|
||||
d,
|
||||
&point_bytes,
|
||||
);
|
||||
|
||||
pk.to_pkcs8_der()?
|
||||
}
|
||||
EcNamedCurve::P521 => {
|
||||
return Err(data_error("Unsupported named curve"))
|
||||
}
|
||||
};
|
||||
|
||||
// Import using ring, to validate key
|
||||
let key_alg = match named_curve {
|
||||
EcNamedCurve::P256 => CryptoNamedCurve::P256.try_into()?,
|
||||
EcNamedCurve::P384 => CryptoNamedCurve::P256.try_into()?,
|
||||
EcNamedCurve::P521 => {
|
||||
return Err(data_error("Unsupported named curve"))
|
||||
}
|
||||
};
|
||||
|
||||
let _key_pair = EcdsaKeyPair::from_private_key_and_public_key(
|
||||
key_alg,
|
||||
private_d.as_bytes(),
|
||||
point_bytes.as_ref(),
|
||||
);
|
||||
|
||||
Ok(ImportKeyResult::Ec {
|
||||
raw_data: RawKeyData::Private(pki.private_key.to_vec().into()),
|
||||
raw_data: RawKeyData::Private(pkcs8_der.as_ref().to_vec().into()),
|
||||
})
|
||||
}
|
||||
_ => unreachable!(),
|
||||
}
|
||||
}
|
||||
|
||||
pub struct ECParametersPkcs8 {
|
||||
pub named_curve_alg: p256::pkcs8::der::asn1::ObjectIdentifier,
|
||||
}
|
||||
|
||||
impl<'a> TryFrom<p256::pkcs8::der::asn1::Any<'a>> for ECParametersPkcs8 {
|
||||
type Error = p256::pkcs8::der::Error;
|
||||
|
||||
fn try_from(
|
||||
any: p256::pkcs8::der::asn1::Any<'a>,
|
||||
) -> p256::pkcs8::der::Result<ECParametersPkcs8> {
|
||||
let x = any.oid()?;
|
||||
|
||||
Ok(Self { named_curve_alg: x })
|
||||
}
|
||||
}
|
||||
|
||||
pub struct ECParametersSpki {
|
||||
pub named_curve_alg: spki::der::asn1::ObjectIdentifier,
|
||||
}
|
||||
|
@ -833,70 +830,48 @@ fn import_key_ec(
|
|||
})
|
||||
}
|
||||
KeyData::Pkcs8(data) => {
|
||||
// 2-3.
|
||||
let pk_info = PrivateKeyInfo::from_der(&data)
|
||||
.map_err(|e| data_error(e.to_string()))?;
|
||||
// 2-7
|
||||
// Deserialize PKCS8 - validate structure, extracts named_curve
|
||||
let named_curve_alg = match named_curve {
|
||||
EcNamedCurve::P256 => {
|
||||
let pk = ECPrivateKey::<p256::NistP256>::try_from(data.as_ref())?;
|
||||
|
||||
// 4-5.
|
||||
let alg = pk_info.algorithm.oid;
|
||||
// id-ecPublicKey
|
||||
if alg != elliptic_curve::ALGORITHM_OID {
|
||||
return Err(data_error("unsupported algorithm"));
|
||||
pk.named_curve_oid().unwrap()
|
||||
}
|
||||
EcNamedCurve::P384 => {
|
||||
let pk = ECPrivateKey::<p384::NistP384>::try_from(data.as_ref())?;
|
||||
|
||||
// 5-7.
|
||||
let params = ECParametersPkcs8::try_from(
|
||||
pk_info
|
||||
.algorithm
|
||||
.parameters
|
||||
.ok_or_else(|| data_error("malformed parameters"))?,
|
||||
)
|
||||
.map_err(|_| data_error("malformed parameters"))?;
|
||||
pk.named_curve_oid().unwrap()
|
||||
}
|
||||
EcNamedCurve::P521 => {
|
||||
return Err(data_error("Unsupported named curve"))
|
||||
}
|
||||
};
|
||||
|
||||
// 8-9.
|
||||
let pk_named_curve = match params.named_curve_alg {
|
||||
let pk_named_curve = match named_curve_alg {
|
||||
// id-secp256r1
|
||||
ID_SECP256R1_OID => Some(EcNamedCurve::P256),
|
||||
// id-secp384r1
|
||||
ID_SECP384R1_OID => Some(EcNamedCurve::P384),
|
||||
// id-secp384r1
|
||||
// id-secp521r1
|
||||
ID_SECP521R1_OID => Some(EcNamedCurve::P521),
|
||||
_ => None,
|
||||
};
|
||||
|
||||
// 10.
|
||||
if let Some(pk_named_curve) = pk_named_curve {
|
||||
match pk_named_curve {
|
||||
EcNamedCurve::P256 => {
|
||||
let secret_key =
|
||||
p256::SecretKey::from_pkcs8_der(&data).map_err(|_| {
|
||||
data_error("invalid P-256 elliptic curve PKCS8 data")
|
||||
})?;
|
||||
let signing_alg = match pk_named_curve {
|
||||
EcNamedCurve::P256 => CryptoNamedCurve::P256.try_into()?,
|
||||
EcNamedCurve::P384 => CryptoNamedCurve::P384.try_into()?,
|
||||
EcNamedCurve::P521 => {
|
||||
return Err(data_error("Unsupported named curve"))
|
||||
}
|
||||
};
|
||||
|
||||
let point =
|
||||
secret_key.public_key().as_affine().to_encoded_point(false);
|
||||
// deserialize pkcs8 using ring crate, to VALIDATE public key
|
||||
let _private_key = EcdsaKeyPair::from_pkcs8(signing_alg, &data)?;
|
||||
|
||||
// 12 - not sure if this is correct.
|
||||
if point.is_identity() {
|
||||
return Err(data_error("Invalid key data"));
|
||||
}
|
||||
}
|
||||
//@todo(sean) Validate P384 secret-key on import(pkcs8)
|
||||
//Problem: Nist384 Curve from p384 crate does not implement ProjectiveArithmetic
|
||||
//so cannot extract PublicKey from SecretKey.
|
||||
/*EcNamedCurve::P384 => {
|
||||
let secret_key =
|
||||
p384::SecretKey::from_pkcs8_der(&data).unwrap();
|
||||
|
||||
let point =
|
||||
secret_key.public_key().as_affine().to_encoded_point(false);
|
||||
// 3.
|
||||
if point.is_identity() {
|
||||
return Err(type_error("Invalid key data".to_string()));
|
||||
}
|
||||
}*/
|
||||
_ => return Err(data_error("Unsupported named curve")),
|
||||
}
|
||||
// 11.
|
||||
if named_curve != pk_named_curve {
|
||||
return Err(data_error("curve mismatch"));
|
||||
|
|
|
@ -616,10 +616,6 @@
|
|||
],
|
||||
"import_export": {
|
||||
"ec_importKey.https.any.html": [
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign])",
|
||||
|
@ -630,18 +626,6 @@
|
|||
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
|
||||
"Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, [])",
|
||||
"Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, [])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
|
||||
|
@ -660,10 +644,6 @@
|
|||
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits])"
|
||||
],
|
||||
"ec_importKey.https.any.worker.html": [
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign])",
|
||||
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign])",
|
||||
|
@ -674,18 +654,6 @@
|
|||
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
|
||||
"Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, [])",
|
||||
"Good parameters: P-384 bits (spki, buffer(120), {name: ECDH, namedCurve: P-384}, true, [])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, true, [deriveBits])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits, deriveKey])",
|
||||
"Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||
"Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-384}, false, [deriveBits])",
|
||||
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
|
||||
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
|
||||
|
@ -715,10 +683,9 @@
|
|||
"ECDSA P-256 with SHA-1 verification",
|
||||
"ECDSA P-256 with SHA-384 verification",
|
||||
"ECDSA P-256 with SHA-512 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification",
|
||||
"ECDSA P-384 with SHA-1 verification",
|
||||
"ECDSA P-384 with SHA-256 verification",
|
||||
"ECDSA P-384 with SHA-512 verification",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
|
||||
|
@ -726,10 +693,9 @@
|
|||
"ECDSA P-256 with SHA-1 verification with altered signature after call",
|
||||
"ECDSA P-256 with SHA-384 verification with altered signature after call",
|
||||
"ECDSA P-256 with SHA-512 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification with altered signature after call",
|
||||
"ECDSA P-384 with SHA-1 verification with altered signature after call",
|
||||
"ECDSA P-384 with SHA-256 verification with altered signature after call",
|
||||
"ECDSA P-384 with SHA-512 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
|
||||
|
@ -737,101 +703,59 @@
|
|||
"ECDSA P-256 with SHA-1 with altered plaintext after call",
|
||||
"ECDSA P-256 with SHA-384 with altered plaintext after call",
|
||||
"ECDSA P-256 with SHA-512 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 with altered plaintext after call",
|
||||
"ECDSA P-384 with SHA-1 with altered plaintext after call",
|
||||
"ECDSA P-384 with SHA-256 with altered plaintext after call",
|
||||
"ECDSA P-384 with SHA-512 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
|
||||
"ECDSA P-256 with SHA-1 round trip",
|
||||
"ECDSA P-256 with SHA-512 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 round trip",
|
||||
"ECDSA P-384 with SHA-1 round trip",
|
||||
"ECDSA P-384 with SHA-512 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
|
||||
"ECDSA P-256 with SHA-256 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to wrong hash",
|
||||
"ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verifying with wrong algorithm name",
|
||||
|
@ -841,10 +765,9 @@
|
|||
"ECDSA P-256 with SHA-1 verification",
|
||||
"ECDSA P-256 with SHA-384 verification",
|
||||
"ECDSA P-256 with SHA-512 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification",
|
||||
"ECDSA P-384 with SHA-1 verification",
|
||||
"ECDSA P-384 with SHA-256 verification",
|
||||
"ECDSA P-384 with SHA-512 verification",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
|
||||
|
@ -852,10 +775,9 @@
|
|||
"ECDSA P-256 with SHA-1 verification with altered signature after call",
|
||||
"ECDSA P-256 with SHA-384 verification with altered signature after call",
|
||||
"ECDSA P-256 with SHA-512 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification with altered signature after call",
|
||||
"ECDSA P-384 with SHA-1 verification with altered signature after call",
|
||||
"ECDSA P-384 with SHA-256 verification with altered signature after call",
|
||||
"ECDSA P-384 with SHA-512 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
|
||||
|
@ -863,101 +785,59 @@
|
|||
"ECDSA P-256 with SHA-1 with altered plaintext after call",
|
||||
"ECDSA P-256 with SHA-384 with altered plaintext after call",
|
||||
"ECDSA P-256 with SHA-512 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 with altered plaintext after call",
|
||||
"ECDSA P-384 with SHA-1 with altered plaintext after call",
|
||||
"ECDSA P-384 with SHA-256 with altered plaintext after call",
|
||||
"ECDSA P-384 with SHA-512 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
|
||||
"ECDSA P-256 with SHA-1 round trip",
|
||||
"ECDSA P-256 with SHA-512 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 round trip",
|
||||
"ECDSA P-384 with SHA-1 round trip",
|
||||
"ECDSA P-384 with SHA-512 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
|
||||
"ECDSA P-256 with SHA-256 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to wrong hash",
|
||||
"ECDSA P-384 with SHA-384 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-1 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-256 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-384 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-384 with SHA-512 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-1 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-256 verifying with wrong algorithm name",
|
||||
"importVectorKeys step: ECDSA P-521 with SHA-384 verifying with wrong algorithm name",
|
||||
|
|
Loading…
Reference in a new issue