feat(ext/crypto): initial support for p521 in `generateKey` and `importKey` (#21815)

Part 1 of a potential 3 part series. Ref #13449 The current implementation passes key material back and forth RustCrypto group of crates and ring. ring does not implement p521 yet. This PR adds support for P521 named curve in `generateKey` and `importKey` where we use RustCrypto. Other parts should be moved over to the RustGroup group of crates for consistency.
author: Divy Srivastava <dj.srivastava23@gmail.com> 2024-01-06 16:48:31 +0530
committer: GitHub <noreply@github.com> 2024-01-06 16:48:31 +0530
commit: bfd5f1598cc462b460791fdfca9bb6c2c69fec9b (patch)
tree: 93dfa9f650d07351d76e2202b7a4f7930727271b
parent: 1d46ee5129dc5c674a7a4b6ad3a40243de4de2a0 (diff)
7 files changed, 98 insertions, 158 deletions
diff --git a/Cargo.lock b/Cargo.lock
index f4f6c0060..fabd5ff62 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1218,6 +1218,7 @@ dependencies = [
  "once_cell",
  "p256",
  "p384",
+ "p521",
  "rand",
  "ring",
  "rsa",
@@ -4116,6 +4117,20 @@ dependencies = [
 ]
 
 [[package]]
+name = "p521"
+version = "0.13.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0fc9e2161f1f215afdfce23677034ae137bbd45016a880c2eb3ba8eb95f085b2"
+dependencies = [
+ "base16ct",
+ "ecdsa",
+ "elliptic-curve",
+ "primeorder",
+ "rand_core",
+ "sha2",
+]
+
+[[package]]
 name = "parking_lot"
 version = "0.11.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts
index 4e1a31eaa..829330eba 100644
--- a/cli/tests/unit/webcrypto_test.ts
+++ b/cli/tests/unit/webcrypto_test.ts
@@ -2006,3 +2006,42 @@ Deno.test(async function testHmacJwkImport() {
     ["sign", "verify"],
   );
 });
+
+Deno.test(async function p521Import() {
+  const jwk = {
+    "crv": "P-521",
+    "ext": true,
+    "key_ops": [
+      "verify",
+    ],
+    "kty": "EC",
+    "x":
+      "AXkSI8nfkc6bu3fifXGuKKbu08g5LKPfxUNQJJYzzPgmN8XLDzx0C9Sdeejl1XoWGrheKPHl0k4tUmHw0cdInpfj",
+    "y":
+      "AT4vjsO0bzVRlN3Wthv9DewncDXS2tlTob5QojV8WX1GzOAikRfWFEP3nspoSv88U447acZAsk5IvgGJuVjgMDlx",
+  };
+  const algorithm = { name: "ECDSA", namedCurve: "P-521" };
+
+  const key = await crypto.subtle.importKey(
+    "jwk",
+    jwk,
+    algorithm,
+    true,
+    ["verify"],
+  );
+
+  assert(key instanceof CryptoKey);
+});
+
+Deno.test(async function p521Generate() {
+  const algorithm = { name: "ECDSA", namedCurve: "P-521" };
+
+  const key = await crypto.subtle.generateKey(
+    algorithm,
+    true,
+    ["sign", "verify"],
+  );
+
+  assert(key.privateKey instanceof CryptoKey);
+  assert(key.publicKey instanceof CryptoKey);
+});
diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js
index 06dd0f41a..d2949eb62 100644
--- a/ext/crypto/00_crypto.js
+++ b/ext/crypto/00_crypto.js
@@ -63,8 +63,7 @@ const {
   isDataView,
 } = core;
 
-// P-521 is not yet supported.
-const supportedNamedCurves = ["P-256", "P-384"];
+const supportedNamedCurves = ["P-256", "P-384", "P-521"];
 const recognisedUsages = [
   "encrypt",
   "decrypt",
diff --git a/ext/crypto/Cargo.toml b/ext/crypto/Cargo.toml
index 2ac35c4e0..9896bde0b 100644
--- a/ext/crypto/Cargo.toml
+++ b/ext/crypto/Cargo.toml
@@ -30,6 +30,7 @@ num-traits = "0.2.14"
 once_cell.workspace = true
 p256 = { version = "0.13.2", features = ["ecdh"] }
 p384 = "0.13.0"
+p521 = "0.13.3"
 rand.workspace = true
 ring = { workspace = true, features = ["std"] }
 rsa.workspace = true
diff --git a/ext/crypto/generate_key.rs b/ext/crypto/generate_key.rs
index 074558532..43aea2c70 100644
--- a/ext/crypto/generate_key.rs
+++ b/ext/crypto/generate_key.rs
@@ -84,11 +84,17 @@ fn generate_key_rsa(
   Ok(private_key.as_bytes().to_vec())
 }
 
+fn generate_key_ec_p521() -> Vec<u8> {
+  let mut rng = OsRng;
+  let key = p521::SecretKey::random(&mut rng);
+  key.to_nonzero_scalar().to_bytes().to_vec()
+}
+
 fn generate_key_ec(named_curve: EcNamedCurve) -> Result<Vec<u8>, AnyError> {
   let curve = match named_curve {
     EcNamedCurve::P256 => &ring::signature::ECDSA_P256_SHA256_FIXED_SIGNING,
     EcNamedCurve::P384 => &ring::signature::ECDSA_P384_SHA384_FIXED_SIGNING,
-    _ => return Err(not_supported_error("Unsupported named curve")),
+    EcNamedCurve::P521 => return Ok(generate_key_ec_p521()),
   };
 
   let rng = ring::rand::SystemRandom::new();
diff --git a/ext/crypto/import_key.rs b/ext/crypto/import_key.rs
index 409ffe7be..7b06cae99 100644
--- a/ext/crypto/import_key.rs
+++ b/ext/crypto/import_key.rs
@@ -520,7 +520,12 @@ fn import_key_ec_jwk_to_point(
 
       p384::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes()
     }
-    _ => return Err(not_supported_error("Unsupported named curve")),
+    EcNamedCurve::P521 => {
+      let x = decode_b64url_to_field_bytes::<p521::NistP521>(&x)?;
+      let y = decode_b64url_to_field_bytes::<p521::NistP521>(&y)?;
+
+      p521::EncodedPoint::from_affine_coordinates(&x, &y, false).to_bytes()
+    }
   };
 
   Ok(point_bytes.to_vec())
@@ -629,7 +634,15 @@ fn import_key_ec(
             return Err(data_error("invalid P-384 elliptic curve point"));
           }
         }
-        _ => return Err(not_supported_error("Unsupported named curve")),
+        EcNamedCurve::P521 => {
+          // 1-2.
+          let point = p521::EncodedPoint::from_bytes(&data)
+            .map_err(|_| data_error("invalid P-521 elliptic curve point"))?;
+          // 3.
+          if point.is_identity() {
+            return Err(data_error("invalid P-521 elliptic curve point"));
+          }
+        }
       };
       Ok(ImportKeyResult::Ec {
         raw_data: RustRawKeyData::Public(data.to_vec().into()),
@@ -755,7 +768,18 @@ fn import_key_ec(
 
             point.as_bytes().len()
           }
-          _ => return Err(not_supported_error("Unsupported named curve")),
+          EcNamedCurve::P521 => {
+            let point =
+              p521::EncodedPoint::from_bytes(&*encoded_key).map_err(|_| {
+                data_error("invalid P-521 elliptic curve SPKI data")
+              })?;
+
+            if point.is_identity() {
+              return Err(data_error("invalid P-521 elliptic curve point"));
+            }
+
+            point.as_bytes().len()
+          }
         };
 
         if bytes_consumed != pk_info.subject_public_key.raw_bytes().len() {
diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json
index 2c9aa8ceb..f473eef20 100644
--- a/tools/wpt/expectation.json
+++ b/tools/wpt/expectation.json
@@ -12,7 +12,6 @@
         "P-521 mismatched curves",
         "P-521 public property of algorithm is not an ECDSA public key",
         "P-521 no deriveBits usage for base key",
-        "P-521 base key is not a private key",
         "P-521 public property value is a private key",
         "P-521 public property value is a secret key",
         "P-521 asking for too many bits"
@@ -26,7 +25,6 @@
         "P-521 mismatched curves",
         "P-521 public property of algorithm is not an ECDSA public key",
         "P-521 no deriveBits usage for base key",
-        "P-521 base key is not a private key",
         "P-521 public property value is a private key",
         "P-521 public property value is a secret key",
         "P-521 asking for too many bits"
@@ -37,7 +35,6 @@
         "P-521 mismatched curves",
         "P-521 public property of algorithm is not an ECDSA public key",
         "P-521 no deriveKey usage for base key",
-        "P-521 base key is not a private key",
         "P-521 public property value is a private key",
         "P-521 public property value is a secret key"
       ],
@@ -47,7 +44,6 @@
         "P-521 mismatched curves",
         "P-521 public property of algorithm is not an ECDSA public key",
         "P-521 no deriveKey usage for base key",
-        "P-521 base key is not a private key",
         "P-521 public property value is a private key",
         "P-521 public property value is a secret key"
       ],
@@ -699,22 +695,10 @@
       "failures_AES-GCM.https.any.worker.html": true,
       "failures_AES-KW.https.any.html": true,
       "failures_AES-KW.https.any.worker.html": true,
-      "failures_ECDH.https.any.html": [
-        "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [])",
-        "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [])"
-      ],
-      "failures_ECDH.https.any.worker.html": [
-        "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, false, [])",
-        "Empty usages: generateKey({name: ECDH, namedCurve: P-521}, true, [])"
-      ],
-      "failures_ECDSA.https.any.html": [
-        "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [])",
-        "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [])"
-      ],
-      "failures_ECDSA.https.any.worker.html": [
-        "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, false, [])",
-        "Empty usages: generateKey({name: ECDSA, namedCurve: P-521}, true, [])"
-      ],
+      "failures_ECDH.https.any.html": true,
+      "failures_ECDH.https.any.worker.html": true,
+      "failures_ECDSA.https.any.html": true,
+      "failures_ECDSA.https.any.worker.html": true,
       "failures_HMAC.https.any.html": true,
       "failures_HMAC.https.any.worker.html": true,
       "failures_RSA-OAEP.https.any.html": true,
@@ -733,98 +717,10 @@
       "successes_AES-KW.https.any.worker.html": true,
       "successes_HMAC.https.any.html": true,
       "successes_HMAC.https.any.worker.html": true,
-      "successes_ECDH.https.any.html": [
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])"
-      ],
-      "successes_ECDH.https.any.worker.html": [
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveBits])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveBits])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits, deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits, deriveKey])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, false, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])",
-        "Success: generateKey({name: Ecdh, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits, deriveKey, deriveBits])"
-      ],
-      "successes_ECDSA.https.any.html": [
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [verify, sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [verify, sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [verify, sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [verify, sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [verify, sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])"
-      ],
-      "successes_ECDSA.https.any.worker.html": [
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [verify, sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [verify, sign])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: ECDSA, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [verify, sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [verify, sign])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [verify, sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [verify, sign])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, false, [sign, verify, sign, sign, verify])",
-        "Success: generateKey({name: Ecdsa, namedCurve: P-521}, true, [sign, verify, sign, sign, verify])"
-      ],
+      "successes_ECDH.https.any.html": true,
+      "successes_ECDH.https.any.worker.html": true,
+      "successes_ECDSA.https.any.html": true,
+      "successes_ECDSA.https.any.worker.html": true,
       "successes_RSA-OAEP.https.any.html?1-10": true,
       "successes_RSA-OAEP.https.any.html?101-110": true,
       "successes_RSA-OAEP.https.any.html?11-20": true,
@@ -1061,21 +957,6 @@
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
         "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
         "Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])",
@@ -1109,11 +990,6 @@
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
         "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
@@ -1167,21 +1043,6 @@
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])",
         "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])",
         "Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])",
@@ -1215,11 +1076,6 @@
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveBits])",
         "Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [deriveKey, deriveBits, deriveKey, deriveBits])",
         "Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDH, namedCurve: P-521}, true, [])",
-        "Good parameters: P-521 bits (spki, buffer(158), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(133), {name: ECDH, namedCurve: P-521}, false, [])",
-        "Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDH, namedCurve: P-521}, false, [])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveKey])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits, deriveKey])",
         "Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDH, namedCurve: P-521}, false, [deriveBits])",
author	Divy Srivastava <dj.srivastava23@gmail.com>	2024-01-06 16:48:31 +0530
committer	GitHub <noreply@github.com>	2024-01-06 16:48:31 +0530
commit	bfd5f1598cc462b460791fdfca9bb6c2c69fec9b (patch)
tree	93dfa9f650d07351d76e2202b7a4f7930727271b
parent	1d46ee5129dc5c674a7a4b6ad3a40243de4de2a0 (diff)