1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-21 23:04:45 -05:00

feat(ext/crypto): import and export p521 keys (#25789)

Towards https://github.com/denoland/deno/issues/13449
This commit is contained in:
Divy Srivastava 2024-09-23 19:40:36 +05:30 committed by GitHub
parent b1550842d9
commit bfdca5bc7a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 219 additions and 389 deletions

1
Cargo.lock generated
View file

@ -1476,6 +1476,7 @@ dependencies = [
"rand",
"ring",
"rsa",
"sec1",
"serde",
"serde_bytes",
"sha1",

View file

@ -163,6 +163,7 @@ rustls-webpki = "0.102"
rustyline = "=13.0.0"
saffron = "=0.1.0"
scopeguard = "1.2.0"
sec1 = "0.7"
serde = { version = "1.0.149", features = ["derive"] }
serde_bytes = "0.11"
serde_json = "1.0.85"

View file

@ -33,6 +33,7 @@ p521 = "0.13.3"
rand.workspace = true
ring = { workspace = true, features = ["std"] }
rsa.workspace = true
sec1.workspace = true
serde.workspace = true
serde_bytes.workspace = true
sha1.workspace = true

View file

@ -254,7 +254,9 @@ fn export_key_ec(
point.as_ref().to_vec()
}
EcNamedCurve::P521 => {
return Err(data_error("Unsupported named curve"))
let point = key_data.as_ec_public_key_p521()?;
point.as_ref().to_vec()
}
};
Ok(ExportKeyResult::Raw(subject_public_key.into()))
@ -272,7 +274,9 @@ fn export_key_ec(
point.as_ref().to_vec()
}
EcNamedCurve::P521 => {
return Err(data_error("Unsupported named curve"))
let point = key_data.as_ec_public_key_p521()?;
point.as_ref().to_vec()
}
};
@ -285,9 +289,10 @@ fn export_key_ec(
oid: elliptic_curve::ALGORITHM_OID,
parameters: Some((&p384::NistP384::OID).into()),
},
EcNamedCurve::P521 => {
return Err(data_error("Unsupported named curve"))
}
EcNamedCurve::P521 => AlgorithmIdentifierOwned {
oid: elliptic_curve::ALGORITHM_OID,
parameters: Some((&p521::NistP521::OID).into()),
},
};
let alg_id = match algorithm {
@ -351,7 +356,24 @@ fn export_key_ec(
))
}
}
EcNamedCurve::P521 => Err(data_error("Unsupported named curve")),
EcNamedCurve::P521 => {
let point = key_data.as_ec_public_key_p521()?;
let coords = point.coordinates();
if let p521::elliptic_curve::sec1::Coordinates::Uncompressed { x, y } =
coords
{
Ok(ExportKeyResult::JwkPublicEc {
x: bytes_to_b64(x),
y: bytes_to_b64(y),
})
} else {
Err(custom_error(
"DOMExceptionOperationError",
"failed to decode public key",
))
}
}
},
ExportKeyFormat::JwkPrivate => {
let private_key = key_data.as_ec_private_key()?;

View file

@ -7,14 +7,12 @@ use deno_core::JsBuffer;
use deno_core::ToJsBuffer;
use elliptic_curve::pkcs8::PrivateKeyInfo;
use p256::pkcs8::EncodePrivateKey;
use ring::signature::EcdsaKeyPair;
use rsa::pkcs1::UintRef;
use rsa::pkcs8::der::Encode;
use serde::Deserialize;
use serde::Serialize;
use spki::der::Decode;
use crate::key::CryptoNamedCurve;
use crate::shared::*;
#[derive(Deserialize)]
@ -45,7 +43,9 @@ pub enum KeyData {
y: String,
},
JwkPrivateEc {
#[allow(dead_code)]
x: String,
#[allow(dead_code)]
y: String,
d: String,
},
@ -543,9 +543,7 @@ fn import_key_ec_jwk(
raw_data: RustRawKeyData::Public(point_bytes.into()),
})
}
KeyData::JwkPrivateEc { d, x, y } => {
jwt_b64_int_or_err!(private_d, &d, "invalid JWK private key");
let point_bytes = import_key_ec_jwk_to_point(x, y, named_curve)?;
KeyData::JwkPrivateEc { d, .. } => {
let pkcs8_der = match named_curve {
EcNamedCurve::P256 => {
let d = decode_b64url_to_field_bytes::<p256::NistP256>(&d)?;
@ -562,27 +560,14 @@ fn import_key_ec_jwk(
.map_err(|_| data_error("invalid JWK private key"))?
}
EcNamedCurve::P521 => {
return Err(data_error("Unsupported named curve"))
let d = decode_b64url_to_field_bytes::<p521::NistP521>(&d)?;
let pk = p521::SecretKey::from_bytes(&d)?;
pk.to_pkcs8_der()
.map_err(|_| data_error("invalid JWK private key"))?
}
};
// Import using ring, to validate key
let key_alg = match named_curve {
EcNamedCurve::P256 => CryptoNamedCurve::P256.into(),
EcNamedCurve::P384 => CryptoNamedCurve::P256.into(),
EcNamedCurve::P521 => {
return Err(data_error("Unsupported named curve"))
}
};
let rng = ring::rand::SystemRandom::new();
let _key_pair = EcdsaKeyPair::from_private_key_and_public_key(
key_alg,
private_d.as_bytes(),
point_bytes.as_ref(),
&rng,
);
Ok(ImportKeyResult::Ec {
raw_data: RustRawKeyData::Private(pkcs8_der.as_bytes().to_vec().into()),
})
@ -649,24 +634,15 @@ fn import_key_ec(
})
}
KeyData::Pkcs8(data) => {
// 2-7
// Deserialize PKCS8 - validate structure, extracts named_curve
let named_curve_alg = match named_curve {
EcNamedCurve::P256 | EcNamedCurve::P384 => {
let pk = PrivateKeyInfo::from_der(data.as_ref())
.map_err(|_| data_error("expected valid PKCS#8 data"))?;
pk.algorithm
.parameters
.ok_or_else(|| data_error("malformed parameters"))?
.try_into()
.unwrap()
}
EcNamedCurve::P521 => {
return Err(data_error("Unsupported named curve"))
}
};
let pk = PrivateKeyInfo::from_der(data.as_ref())
.map_err(|_| data_error("expected valid PKCS#8 data"))?;
let named_curve_alg = pk
.algorithm
.parameters
.ok_or_else(|| data_error("malformed parameters"))?
.try_into()
.unwrap();
// 8-9.
let pk_named_curve = match named_curve_alg {
// id-secp256r1
ID_SECP256R1_OID => Some(EcNamedCurve::P256),
@ -677,27 +653,8 @@ fn import_key_ec(
_ => None,
};
// 10.
if let Some(pk_named_curve) = pk_named_curve {
let signing_alg = match pk_named_curve {
EcNamedCurve::P256 => CryptoNamedCurve::P256.into(),
EcNamedCurve::P384 => CryptoNamedCurve::P384.into(),
EcNamedCurve::P521 => {
return Err(data_error("Unsupported named curve"))
}
};
let rng = ring::rand::SystemRandom::new();
// deserialize pkcs8 using ring crate, to VALIDATE public key
let _private_key = EcdsaKeyPair::from_pkcs8(signing_alg, &data, &rng)
.map_err(|_| data_error("invalid key"))?;
// 11.
if named_curve != pk_named_curve {
return Err(data_error("curve mismatch"));
}
} else {
return Err(data_error("Unsupported named curve"));
if pk_named_curve != Some(named_curve) {
return Err(data_error("curve mismatch"));
}
Ok(ImportKeyResult::Ec {

View file

@ -126,6 +126,23 @@ impl V8RawKeyData {
}
}
pub fn as_ec_public_key_p521(&self) -> Result<p521::EncodedPoint, AnyError> {
match self {
V8RawKeyData::Public(data) => {
// public_key is a serialized EncodedPoint
p521::EncodedPoint::from_bytes(data)
.map_err(|_| type_error("expected valid public EC key"))
}
V8RawKeyData::Private(data) => {
let signing_key = p521::SecretKey::from_pkcs8_der(data)
.map_err(|_| type_error("expected valid private EC key"))?;
Ok(signing_key.public_key().to_encoded_point(false))
}
// Should never reach here.
V8RawKeyData::Secret(_) => unreachable!(),
}
}
pub fn as_ec_private_key(&self) -> Result<&[u8], AnyError> {
match self {
V8RawKeyData::Private(data) => Ok(data),

View file

@ -81,7 +81,7 @@ ring.workspace = true
ripemd = { version = "0.1.3", features = ["oid"] }
rsa.workspace = true
scrypt = "0.11.0"
sec1 = "0.7"
sec1.workspace = true
serde = "1.0.149"
sha1.workspace = true
sha2.workspace = true

View file

@ -2045,24 +2045,3 @@ Deno.test(async function p521Generate() {
assert(key.privateKey instanceof CryptoKey);
assert(key.publicKey instanceof CryptoKey);
});
Deno.test(async function invalidEcPointDataError() {
await assertRejects(async () => {
await crypto.subtle
.importKey(
"pkcs8",
// deno-fmt-ignore
new Uint8Array([
48, 102, 2, 1, 0, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134,
72, 206, 61, 3, 1, 7, 4, 76, 48, 74, 2, 1, 1, 4, 32, 255, 255, 255, 255,
0, 0, 0, 0, 255, 255, 255, 255, 255, 255, 255, 255, 188, 230, 250, 173,
167, 23, 158, 132, 243, 185, 202, 194, 252, 99, 37, 81, 161, 35, 3, 33, 0,
0, 255, 255, 255, 0, 0, 0, 0, 255, 255, 255, 255, 255, 255, 255, 255, 188,
230, 250, 173, 167, 23, 158, 132, 243, 185, 202, 194, 252, 99, 37, 81,
]),
{ name: "ECDSA", namedCurve: "P-256" },
true,
["sign"],
);
}, DOMException);
});

View file

@ -6,46 +6,26 @@
"ecdh_bits.https.any.html": [
"P-521 good parameters",
"P-521 mixed case parameters",
"P-521 with null length",
"P-521 short result",
"P-521 non-multiple of 8 bits",
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveBits usage for base key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key",
"P-521 asking for too many bits"
],
"ecdh_bits.https.any.worker.html": [
"P-521 good parameters",
"P-521 mixed case parameters",
"P-521 with null length",
"P-521 short result",
"P-521 non-multiple of 8 bits",
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveBits usage for base key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key",
"P-521 asking for too many bits"
],
"ecdh_keys.https.any.html": [
"P-521 good parameters",
"P-521 mixed case parameters",
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveKey usage for base key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key"
"P-521 mixed case parameters"
],
"ecdh_keys.https.any.worker.html": [
"P-521 good parameters",
"P-521 mixed case parameters",
"P-521 mismatched curves",
"P-521 public property of algorithm is not an ECDSA public key",
"P-521 no deriveKey usage for base key",
"P-521 public property value is a private key",
"P-521 public property value is a secret key"
"P-521 mixed case parameters"
],
"hkdf.https.any.html?1-1000": true,
"hkdf.https.any.html?1001-2000": true,
@ -87,14 +67,12 @@
"X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
"X25519 good parameters",
"X25519 mixed case parameters",
"X25519 with null length",
"X25519 short result",
"X25519 non-multiple of 8 bits",
"X25519 mismatched algorithms",
"X25519 no deriveBits usage for base key",
"X448 good parameters",
"X448 mixed case parameters",
"X448 with null length",
"X448 short result",
"X448 non-multiple of 8 bits",
"X448 mismatched algorithms",
@ -118,14 +96,12 @@
"X448 key derivation checks for all-zero value result with a key of order p+1 (=1, order 1)",
"X25519 good parameters",
"X25519 mixed case parameters",
"X25519 with null length",
"X25519 short result",
"X25519 non-multiple of 8 bits",
"X25519 mismatched algorithms",
"X25519 no deriveBits usage for base key",
"X448 good parameters",
"X448 mixed case parameters",
"X448 with null length",
"X448 short result",
"X448 non-multiple of 8 bits",
"X448 mismatched algorithms",
@ -184,6 +160,20 @@
"X448 base key is not a private key",
"X448 public property value is a private key",
"X448 public property value is a secret key"
],
"derived_bits_length.https.any.html": [
"X25519 derivation with 256 as 'length' parameter",
"X25519 derivation with 0 as 'length' parameter",
"X25519 derivation with null as 'length' parameter",
"X25519 derivation with undefined as 'length' parameter",
"X25519 derivation with omitted as 'length' parameter"
],
"derived_bits_length.https.any.worker.html": [
"X25519 derivation with 256 as 'length' parameter",
"X25519 derivation with 0 as 'length' parameter",
"X25519 derivation with null as 'length' parameter",
"X25519 derivation with undefined as 'length' parameter",
"X25519 derivation with omitted as 'length' parameter"
]
},
"digest": {
@ -909,137 +899,43 @@
"historical.any.html": false,
"historical.any.worker.html": false,
"idlharness.https.any.html": [
"Window interface: attribute crypto",
"SubtleCrypto interface: operation deriveBits(AlgorithmIdentifier, CryptoKey, unsigned long)"
"Window interface: attribute crypto"
],
"idlharness.https.any.worker.html": [
"WorkerGlobalScope interface: attribute crypto",
"SubtleCrypto interface: operation deriveBits(AlgorithmIdentifier, CryptoKey, unsigned long)"
"WorkerGlobalScope interface: attribute crypto"
],
"import_export": {
"ec_importKey.https.any.html": [
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [])"
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])"
],
"ec_importKey.https.any.worker.html": [
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
"ECDH any JWK alg: P-521 bits (jwk, object(kty, crv, x, y, d, alg), {name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits])",
"Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, false, [])"
"Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])"
],
"rsa_importKey.https.any.html": true,
"rsa_importKey.https.any.worker.html": true,
@ -1276,62 +1172,50 @@
"ECDSA P-384 with SHA-1 verification",
"ECDSA P-384 with SHA-256 verification",
"ECDSA P-384 with SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification",
"ECDSA P-521 with SHA-1 verification",
"ECDSA P-521 with SHA-256 verification",
"ECDSA P-521 with SHA-384 verification",
"ECDSA P-521 with SHA-512 verification",
"ECDSA P-256 with SHA-1 verification with altered signature after call",
"ECDSA P-256 with SHA-384 verification with altered signature after call",
"ECDSA P-256 with SHA-512 verification with altered signature after call",
"ECDSA P-384 with SHA-1 verification with altered signature after call",
"ECDSA P-384 with SHA-256 verification with altered signature after call",
"ECDSA P-384 with SHA-512 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification with altered signature after call",
"ECDSA P-521 with SHA-1 verification with altered signature after call",
"ECDSA P-521 with SHA-256 verification with altered signature after call",
"ECDSA P-521 with SHA-384 verification with altered signature after call",
"ECDSA P-521 with SHA-512 verification with altered signature after call",
"ECDSA P-256 with SHA-1 with altered plaintext after call",
"ECDSA P-256 with SHA-384 with altered plaintext after call",
"ECDSA P-256 with SHA-512 with altered plaintext after call",
"ECDSA P-384 with SHA-1 with altered plaintext after call",
"ECDSA P-384 with SHA-256 with altered plaintext after call",
"ECDSA P-384 with SHA-512 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-1 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-1 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-1 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-1 no verify usage",
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
"ECDSA P-521 with SHA-1 with altered plaintext after call",
"ECDSA P-521 with SHA-256 with altered plaintext after call",
"ECDSA P-521 with SHA-384 with altered plaintext after call",
"ECDSA P-521 with SHA-512 with altered plaintext after call",
"ECDSA P-256 with SHA-1 round trip",
"ECDSA P-256 with SHA-384 round trip",
"ECDSA P-256 with SHA-512 round trip",
"ECDSA P-384 with SHA-1 round trip",
"ECDSA P-384 with SHA-256 round trip",
"ECDSA P-384 with SHA-512 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-1 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
"ECDSA P-521 with SHA-1 round trip",
"ECDSA P-521 with SHA-256 round trip",
"ECDSA P-521 with SHA-384 round trip",
"ECDSA P-521 with SHA-512 round trip",
"ECDSA P-256 with SHA-1 verification failure due to altered signature",
"ECDSA P-256 with SHA-384 verification failure due to altered signature",
"ECDSA P-256 with SHA-512 verification failure due to altered signature",
"ECDSA P-384 with SHA-1 verification failure due to altered signature",
"ECDSA P-384 with SHA-256 verification failure due to altered signature",
"ECDSA P-384 with SHA-512 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
"ECDSA P-521 with SHA-1 verification failure due to altered signature",
"ECDSA P-521 with SHA-256 verification failure due to altered signature",
"ECDSA P-521 with SHA-384 verification failure due to altered signature",
"ECDSA P-521 with SHA-512 verification failure due to altered signature",
"ECDSA P-256 with SHA-256 verification failure due to wrong hash",
"ECDSA P-256 with SHA-384 verification failure due to wrong hash",
"ECDSA P-256 with SHA-512 verification failure due to wrong hash",
@ -1339,34 +1223,30 @@
"ECDSA P-384 with SHA-256 verification failure due to wrong hash",
"ECDSA P-384 with SHA-384 verification failure due to wrong hash",
"ECDSA P-384 with SHA-512 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to bad hash name",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
"ECDSA P-521 with SHA-1 verification failure due to wrong hash",
"ECDSA P-521 with SHA-256 verification failure due to wrong hash",
"ECDSA P-521 with SHA-384 verification failure due to wrong hash",
"ECDSA P-521 with SHA-512 verification failure due to wrong hash",
"ECDSA P-256 with SHA-1 verification failure due to shortened signature",
"ECDSA P-256 with SHA-384 verification failure due to shortened signature",
"ECDSA P-256 with SHA-512 verification failure due to shortened signature",
"ECDSA P-384 with SHA-1 verification failure due to shortened signature",
"ECDSA P-384 with SHA-256 verification failure due to shortened signature",
"ECDSA P-384 with SHA-512 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
"ECDSA P-521 with SHA-1 verification failure due to shortened signature",
"ECDSA P-521 with SHA-256 verification failure due to shortened signature",
"ECDSA P-521 with SHA-384 verification failure due to shortened signature",
"ECDSA P-521 with SHA-512 verification failure due to shortened signature",
"ECDSA P-256 with SHA-1 verification failure due to altered plaintext",
"ECDSA P-256 with SHA-384 verification failure due to altered plaintext",
"ECDSA P-256 with SHA-512 verification failure due to altered plaintext",
"ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
"ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
"ECDSA P-384 with SHA-512 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-1 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
"ECDSA P-256 with SHA-1 - The signature was truncated by 1 byte verification",
"ECDSA P-256 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification",
"ECDSA P-256 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification",
@ -1409,42 +1289,34 @@
"ECDSA P-384 with SHA-512 - Signature has excess padding verification",
"ECDSA P-384 with SHA-512 - The signature is empty verification",
"ECDSA P-384 with SHA-512 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-1 verifying with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-256 verifying with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-384 verifying with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-512 verifying with wrong algorithm name"
"ECDSA P-521 with SHA-1 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-256 verification",
"ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification",
"ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification",
"ECDSA P-521 with SHA-1 - Signature has excess padding verification",
"ECDSA P-521 with SHA-1 - The signature is empty verification",
"ECDSA P-521 with SHA-1 - The signature is all zeroes verification",
"ECDSA P-521 with SHA-256 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-1 verification",
"ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-384 verification",
"ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-512 verification",
"ECDSA P-521 with SHA-256 - Signature has excess padding verification",
"ECDSA P-521 with SHA-256 - The signature is empty verification",
"ECDSA P-521 with SHA-256 - The signature is all zeroes verification",
"ECDSA P-521 with SHA-384 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-1 verification",
"ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-256 verification",
"ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-512 verification",
"ECDSA P-521 with SHA-384 - Signature has excess padding verification",
"ECDSA P-521 with SHA-384 - The signature is empty verification",
"ECDSA P-521 with SHA-384 - The signature is all zeroes verification",
"ECDSA P-521 with SHA-512 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-1 verification",
"ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-256 verification",
"ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-384 verification",
"ECDSA P-521 with SHA-512 - Signature has excess padding verification",
"ECDSA P-521 with SHA-512 - The signature is empty verification",
"ECDSA P-521 with SHA-512 - The signature is all zeroes verification"
],
"ecdsa.https.any.worker.html": [
"ECDSA P-256 with SHA-1 verification",
@ -1453,62 +1325,50 @@
"ECDSA P-384 with SHA-1 verification",
"ECDSA P-384 with SHA-256 verification",
"ECDSA P-384 with SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification",
"ECDSA P-521 with SHA-1 verification",
"ECDSA P-521 with SHA-256 verification",
"ECDSA P-521 with SHA-384 verification",
"ECDSA P-521 with SHA-512 verification",
"ECDSA P-256 with SHA-1 verification with altered signature after call",
"ECDSA P-256 with SHA-384 verification with altered signature after call",
"ECDSA P-256 with SHA-512 verification with altered signature after call",
"ECDSA P-384 with SHA-1 verification with altered signature after call",
"ECDSA P-384 with SHA-256 verification with altered signature after call",
"ECDSA P-384 with SHA-512 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification with altered signature after call",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification with altered signature after call",
"ECDSA P-521 with SHA-1 verification with altered signature after call",
"ECDSA P-521 with SHA-256 verification with altered signature after call",
"ECDSA P-521 with SHA-384 verification with altered signature after call",
"ECDSA P-521 with SHA-512 verification with altered signature after call",
"ECDSA P-256 with SHA-1 with altered plaintext after call",
"ECDSA P-256 with SHA-384 with altered plaintext after call",
"ECDSA P-256 with SHA-512 with altered plaintext after call",
"ECDSA P-384 with SHA-1 with altered plaintext after call",
"ECDSA P-384 with SHA-256 with altered plaintext after call",
"ECDSA P-384 with SHA-512 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-1 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-256 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-384 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-512 with altered plaintext after call",
"importVectorKeys step: ECDSA P-521 with SHA-1 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-256 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-384 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-512 using privateKey to verify",
"importVectorKeys step: ECDSA P-521 with SHA-1 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-256 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-384 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-512 using publicKey to sign",
"importVectorKeys step: ECDSA P-521 with SHA-1 no verify usage",
"importVectorKeys step: ECDSA P-521 with SHA-256 no verify usage",
"importVectorKeys step: ECDSA P-521 with SHA-384 no verify usage",
"importVectorKeys step: ECDSA P-521 with SHA-512 no verify usage",
"ECDSA P-521 with SHA-1 with altered plaintext after call",
"ECDSA P-521 with SHA-256 with altered plaintext after call",
"ECDSA P-521 with SHA-384 with altered plaintext after call",
"ECDSA P-521 with SHA-512 with altered plaintext after call",
"ECDSA P-256 with SHA-1 round trip",
"ECDSA P-256 with SHA-384 round trip",
"ECDSA P-256 with SHA-512 round trip",
"ECDSA P-384 with SHA-1 round trip",
"ECDSA P-384 with SHA-256 round trip",
"ECDSA P-384 with SHA-512 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-1 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-256 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-384 round trip",
"importVectorKeys step: ECDSA P-521 with SHA-512 round trip",
"ECDSA P-521 with SHA-1 round trip",
"ECDSA P-521 with SHA-256 round trip",
"ECDSA P-521 with SHA-384 round trip",
"ECDSA P-521 with SHA-512 round trip",
"ECDSA P-256 with SHA-1 verification failure due to altered signature",
"ECDSA P-256 with SHA-384 verification failure due to altered signature",
"ECDSA P-256 with SHA-512 verification failure due to altered signature",
"ECDSA P-384 with SHA-1 verification failure due to altered signature",
"ECDSA P-384 with SHA-256 verification failure due to altered signature",
"ECDSA P-384 with SHA-512 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered signature",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered signature",
"ECDSA P-521 with SHA-1 verification failure due to altered signature",
"ECDSA P-521 with SHA-256 verification failure due to altered signature",
"ECDSA P-521 with SHA-384 verification failure due to altered signature",
"ECDSA P-521 with SHA-512 verification failure due to altered signature",
"ECDSA P-256 with SHA-256 verification failure due to wrong hash",
"ECDSA P-256 with SHA-384 verification failure due to wrong hash",
"ECDSA P-256 with SHA-512 verification failure due to wrong hash",
@ -1516,34 +1376,30 @@
"ECDSA P-384 with SHA-256 verification failure due to wrong hash",
"ECDSA P-384 with SHA-384 verification failure due to wrong hash",
"ECDSA P-384 with SHA-512 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to wrong hash",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to bad hash name",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to bad hash name",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to bad hash name",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to bad hash name",
"ECDSA P-521 with SHA-1 verification failure due to wrong hash",
"ECDSA P-521 with SHA-256 verification failure due to wrong hash",
"ECDSA P-521 with SHA-384 verification failure due to wrong hash",
"ECDSA P-521 with SHA-512 verification failure due to wrong hash",
"ECDSA P-256 with SHA-1 verification failure due to shortened signature",
"ECDSA P-256 with SHA-384 verification failure due to shortened signature",
"ECDSA P-256 with SHA-512 verification failure due to shortened signature",
"ECDSA P-384 with SHA-1 verification failure due to shortened signature",
"ECDSA P-384 with SHA-256 verification failure due to shortened signature",
"ECDSA P-384 with SHA-512 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to shortened signature",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to shortened signature",
"ECDSA P-521 with SHA-1 verification failure due to shortened signature",
"ECDSA P-521 with SHA-256 verification failure due to shortened signature",
"ECDSA P-521 with SHA-384 verification failure due to shortened signature",
"ECDSA P-521 with SHA-512 verification failure due to shortened signature",
"ECDSA P-256 with SHA-1 verification failure due to altered plaintext",
"ECDSA P-256 with SHA-384 verification failure due to altered plaintext",
"ECDSA P-256 with SHA-512 verification failure due to altered plaintext",
"ECDSA P-384 with SHA-1 verification failure due to altered plaintext",
"ECDSA P-384 with SHA-256 verification failure due to altered plaintext",
"ECDSA P-384 with SHA-512 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-1 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
"importVectorKeys step: ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-1 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-256 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-384 verification failure due to altered plaintext",
"ECDSA P-521 with SHA-512 verification failure due to altered plaintext",
"ECDSA P-256 with SHA-1 - The signature was truncated by 1 byte verification",
"ECDSA P-256 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification",
"ECDSA P-256 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification",
@ -1586,42 +1442,34 @@
"ECDSA P-384 with SHA-512 - Signature has excess padding verification",
"ECDSA P-384 with SHA-512 - The signature is empty verification",
"ECDSA P-384 with SHA-512 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-256 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-512 verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-384 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was truncated by 1 byte verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-1 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-256 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-384 verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - Signature has excess padding verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature is empty verification",
"importVectorKeys step: ECDSA P-521 with SHA-512 - The signature is all zeroes verification",
"importVectorKeys step: ECDSA P-521 with SHA-1 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-256 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-384 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-512 signing with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-1 verifying with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-256 verifying with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-384 verifying with wrong algorithm name",
"importVectorKeys step: ECDSA P-521 with SHA-512 verifying with wrong algorithm name"
"ECDSA P-521 with SHA-1 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-256 verification",
"ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification",
"ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification",
"ECDSA P-521 with SHA-1 - Signature has excess padding verification",
"ECDSA P-521 with SHA-1 - The signature is empty verification",
"ECDSA P-521 with SHA-1 - The signature is all zeroes verification",
"ECDSA P-521 with SHA-256 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-1 verification",
"ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-384 verification",
"ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-512 verification",
"ECDSA P-521 with SHA-256 - Signature has excess padding verification",
"ECDSA P-521 with SHA-256 - The signature is empty verification",
"ECDSA P-521 with SHA-256 - The signature is all zeroes verification",
"ECDSA P-521 with SHA-384 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-1 verification",
"ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-256 verification",
"ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-512 verification",
"ECDSA P-521 with SHA-384 - Signature has excess padding verification",
"ECDSA P-521 with SHA-384 - The signature is empty verification",
"ECDSA P-521 with SHA-384 - The signature is all zeroes verification",
"ECDSA P-521 with SHA-512 - The signature was truncated by 1 byte verification",
"ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-1 verification",
"ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-256 verification",
"ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-384 verification",
"ECDSA P-521 with SHA-512 - Signature has excess padding verification",
"ECDSA P-521 with SHA-512 - The signature is empty verification",
"ECDSA P-521 with SHA-512 - The signature is all zeroes verification"
],
"hmac.https.any.html": true,
"hmac.https.any.worker.html": true,
@ -1642,13 +1490,7 @@
"EdDSA Ed448 verification failure due to altered signature",
"EdDSA Ed448 verification failure due to shortened signature",
"EdDSA Ed448 verification failure due to altered data",
"Sign and verify using generated Ed448 keys.",
"Ed25519 Verification checks with small-order key of order - Test 0",
"Ed25519 Verification checks with small-order key of order - Test 1",
"Ed25519 Verification checks with small-order key of order - Test 2",
"Ed25519 Verification checks with small-order key of order - Test 11",
"Ed25519 Verification checks with small-order key of order - Test 12",
"Ed25519 Verification checks with small-order key of order - Test 13"
"Sign and verify using generated Ed448 keys."
],
"eddsa.https.any.worker.html": [
"EdDSA Ed448 verification",
@ -1663,7 +1505,17 @@
"EdDSA Ed448 verification failure due to altered signature",
"EdDSA Ed448 verification failure due to shortened signature",
"EdDSA Ed448 verification failure due to altered data",
"Sign and verify using generated Ed448 keys.",
"Sign and verify using generated Ed448 keys."
],
"eddsa_small_order_points.https.any.html": [
"Ed25519 Verification checks with small-order key of order - Test 0",
"Ed25519 Verification checks with small-order key of order - Test 1",
"Ed25519 Verification checks with small-order key of order - Test 2",
"Ed25519 Verification checks with small-order key of order - Test 11",
"Ed25519 Verification checks with small-order key of order - Test 12",
"Ed25519 Verification checks with small-order key of order - Test 13"
],
"eddsa_small_order_points.https.any.worker.html": [
"Ed25519 Verification checks with small-order key of order - Test 0",
"Ed25519 Verification checks with small-order key of order - Test 1",
"Ed25519 Verification checks with small-order key of order - Test 2",