From 8f182e4a9b149f13f703f26a85778ee8e5921db8 Mon Sep 17 00:00:00 2001 From: CPlusSharp Date: Sat, 13 Nov 2021 01:46:31 +0100 Subject: [PATCH] Sign/Verify Operations for ECDSA also an Operation for ECDSA signature conversion, as there could be multiple formats of the signature --- src/core/config/Categories.json | 3 + src/core/operations/ECDSASign.mjs | 100 +++++ .../operations/ECDSASignatureConversion.mjs | 106 +++++ src/core/operations/ECDSAVerify.mjs | 120 ++++++ tests/operations/index.mjs | 1 + tests/operations/tests/ECDSA.mjs | 397 ++++++++++++++++++ 6 files changed, 727 insertions(+) create mode 100644 src/core/operations/ECDSASign.mjs create mode 100644 src/core/operations/ECDSASignatureConversion.mjs create mode 100644 src/core/operations/ECDSAVerify.mjs create mode 100644 tests/operations/tests/ECDSA.mjs diff --git a/src/core/config/Categories.json b/src/core/config/Categories.json index 53b8a2f0..98d35bbd 100644 --- a/src/core/config/Categories.json +++ b/src/core/config/Categories.json @@ -180,6 +180,9 @@ "RSA Encrypt", "RSA Decrypt", "Generate ECDSA Key Pair", + "ECDSA Signature Conversion", + "ECDSA Sign", + "ECDSA Verify", "Parse SSH Host Key", "Parse CSR" ] diff --git a/src/core/operations/ECDSASign.mjs b/src/core/operations/ECDSASign.mjs new file mode 100644 index 00000000..d7bd32e0 --- /dev/null +++ b/src/core/operations/ECDSASign.mjs @@ -0,0 +1,100 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import r from "jsrsasign"; + +/** + * ECDSA Sign operation + */ +class ECDSASign extends Operation { + + /** + * ECDSASign constructor + */ + constructor() { + super(); + + this.name = "ECDSA Sign"; + this.module = "Ciphers"; + this.description = "Sign a plaintext message with a PEM encoded EC key."; + this.infoURL = "https://wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "ECDSA Private Key (PEM)", + type: "text", + value: "-----BEGIN EC PRIVATE KEY-----" + }, + { + name: "Message Digest Algorithm", + type: "option", + value: [ + "SHA-256", + "SHA-384", + "SHA-512", + "SHA-1", + "MD5" + ] + }, + { + name: "Output Format", + type: "option", + value: [ + "ASN.1 HEX", + "Concat HEX", + "JSON" + ] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + const [keyPem, mdAlgo, outputFormat] = args; + + if (keyPem.replace("-----BEGIN EC PRIVATE KEY-----", "").length === 0) { + throw new OperationError("Please enter a private key."); + } + + const internalAlgorithmName = mdAlgo.replace("-", "") + "withECDSA"; + const sig = new r.KJUR.crypto.Signature({ alg: internalAlgorithmName }); + const key = r.KEYUTIL.getKey(keyPem); + if (key.type !== "EC") { + throw new OperationError("Provided key is not an EC key."); + } + if (!key.isPrivate) { + throw new OperationError("Provided key is not a private key."); + } + sig.init(key); + const signatureASN1Hex = sig.signString(input); + + let result; + switch (outputFormat) { + case "ASN.1 HEX": + result = signatureASN1Hex; + break; + case "Concat HEX": + result = r.KJUR.crypto.ECDSA.asn1SigToConcatSig(signatureASN1Hex); + break; + case "JSON": { + const signatureRS = r.KJUR.crypto.ECDSA.parseSigHexInHexRS(signatureASN1Hex); + result = JSON.stringify(signatureRS); + break; + } + } + + return result; + } +} + +export default ECDSASign; diff --git a/src/core/operations/ECDSASignatureConversion.mjs b/src/core/operations/ECDSASignatureConversion.mjs new file mode 100644 index 00000000..fe5dc3c2 --- /dev/null +++ b/src/core/operations/ECDSASignatureConversion.mjs @@ -0,0 +1,106 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import r from "jsrsasign"; + +/** + * ECDSA Sign operation + */ +class ECDSASignatureConversion extends Operation { + + /** + * ECDSASignatureConversion constructor + */ + constructor() { + super(); + + this.name = "ECDSA Signature Conversion"; + this.module = "Ciphers"; + this.description = "Convert an ECDSA signature between hex, asn1 and json."; + this.infoURL = "https://wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Input Format", + type: "option", + value: [ + "Auto", + "ASN.1 HEX", + "Concat HEX", + "JSON" + ] + }, + { + name: "Output Format", + type: "option", + value: [ + "ASN.1 HEX", + "Concat HEX", + "JSON" + ] + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + let inputFormat = args[0]; + const outputFormat = args[1]; + + // detect input format + if (inputFormat === "Auto") { + if (input.substr(0, 2) === "30" && r.ASN1HEX.isASN1HEX(input)) { + inputFormat = "ASN.1 HEX"; + } else if (input.indexOf("{") !== -1) { + inputFormat = "JSON"; + } else { + inputFormat = "Concat HEX"; + } + } + + // convert input to ASN.1 hex + let signatureASN1Hex; + switch (inputFormat) { + case "ASN.1 HEX": + signatureASN1Hex = input; + break; + case "Concat HEX": + signatureASN1Hex = r.KJUR.crypto.ECDSA.concatSigToASN1Sig(input); + break; + case "JSON": { + const inputJson = JSON.parse(input); + signatureASN1Hex = r.KJUR.crypto.ECDSA.hexRSSigToASN1Sig(inputJson.r, inputJson.s); + break; + } + } + + // convert ASN.1 hex to output format + let result; + switch (outputFormat) { + case "ASN.1 HEX": + result = signatureASN1Hex; + break; + case "Concat HEX": + result = r.KJUR.crypto.ECDSA.asn1SigToConcatSig(signatureASN1Hex); + break; + case "JSON": { + const signatureRS = r.KJUR.crypto.ECDSA.parseSigHexInHexRS(signatureASN1Hex); + result = JSON.stringify(signatureRS); + break; + } + } + + return result; + } +} + +export default ECDSASignatureConversion; diff --git a/src/core/operations/ECDSAVerify.mjs b/src/core/operations/ECDSAVerify.mjs new file mode 100644 index 00000000..68e3a1aa --- /dev/null +++ b/src/core/operations/ECDSAVerify.mjs @@ -0,0 +1,120 @@ +/** + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ + +import Operation from "../Operation.mjs"; +import OperationError from "../errors/OperationError.mjs"; +import r from "jsrsasign"; + +/** + * ECDSA Verify operation + */ +class ECDSAVerify extends Operation { + + /** + * ECDSAVerify constructor + */ + constructor() { + super(); + + this.name = "ECDSA Verify"; + this.module = "Ciphers"; + this.description = "Verify a message against a signature and a public PEM encoded EC key."; + this.infoURL = "https://wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm"; + this.inputType = "string"; + this.outputType = "string"; + this.args = [ + { + name: "Input Format", + type: "option", + value: [ + "Auto", + "ASN.1 HEX", + "Concat HEX", + "JSON" + ] + }, + { + name: "Message Digest Algorithm", + type: "option", + value: [ + "SHA-256", + "SHA-384", + "SHA-512", + "SHA-1", + "MD5" + ] + }, + { + name: "ECDSA Public Key (PEM)", + type: "text", + value: "-----BEGIN PUBLIC KEY-----" + }, + { + name: "Message", + type: "text", + value: "" + } + ]; + } + + /** + * @param {string} input + * @param {Object[]} args + * @returns {string} + */ + run(input, args) { + let inputFormat = args[0]; + const [, mdAlgo, keyPem, msg] = args; + + if (keyPem.replace("-----BEGIN PUBLIC KEY-----", "").length === 0) { + throw new OperationError("Please enter a public key."); + } + + // detect input format + if (inputFormat === "Auto") { + if (input.substr(0, 2) === "30" && r.ASN1HEX.isASN1HEX(input)) { + inputFormat = "ASN.1 HEX"; + } else if (input.indexOf("{") !== -1) { + inputFormat = "JSON"; + } else { + inputFormat = "Concat HEX"; + } + } + + // convert to ASN.1 signature + let signatureASN1Hex; + switch (inputFormat) { + case "ASN.1 HEX": + signatureASN1Hex = input; + break; + case "Concat HEX": + signatureASN1Hex = r.KJUR.crypto.ECDSA.concatSigToASN1Sig(input); + break; + case "JSON": { + const inputJson = JSON.parse(input); + signatureASN1Hex = r.KJUR.crypto.ECDSA.hexRSSigToASN1Sig(inputJson.r, inputJson.s); + break; + } + } + + // verify signature + const internalAlgorithmName = mdAlgo.replace("-", "") + "withECDSA"; + const sig = new r.KJUR.crypto.Signature({ alg: internalAlgorithmName }); + const key = r.KEYUTIL.getKey(keyPem); + if (key.type !== "EC") { + throw new OperationError("Provided key is not an EC key."); + } + if (!key.isPublic) { + throw new OperationError("Provided key is not a public key."); + } + sig.init(key); + sig.updateString(msg); + const result = sig.verify(signatureASN1Hex); + return result ? "Verified OK" : "Verification Failure"; + } +} + +export default ECDSAVerify; diff --git a/tests/operations/index.mjs b/tests/operations/index.mjs index ab6dac68..96ede7a3 100644 --- a/tests/operations/index.mjs +++ b/tests/operations/index.mjs @@ -59,6 +59,7 @@ import "./tests/Crypt.mjs"; import "./tests/CSV.mjs"; import "./tests/DateTime.mjs"; import "./tests/DefangIP.mjs"; +import "./tests/ECDSA.mjs"; import "./tests/ELFInfo.mjs"; import "./tests/Enigma.mjs"; import "./tests/ExtractEmailAddresses.mjs"; diff --git a/tests/operations/tests/ECDSA.mjs b/tests/operations/tests/ECDSA.mjs new file mode 100644 index 00000000..dd3013d3 --- /dev/null +++ b/tests/operations/tests/ECDSA.mjs @@ -0,0 +1,397 @@ +/** + * ECDSA tests. + * + * @author cplussharp + * @copyright Crown Copyright 2021 + * @license Apache-2.0 + */ +import TestRegister from "../../lib/TestRegister.mjs"; +import { ASCII_TEXT } from "../../samples/Ciphers.mjs"; + +const P256 = { + // openssl ecparam -name prime256v1 -genkey -noout -out p256.priv.key + privateKeyPkcs1: `-----BEGIN EC PRIVATE KEY----- +MHcCAQEEINtTjwUkgfAiSwqgcGAXWyE0ueIW6n2k395dmQZ3vGr4oAoGCCqGSM49 +AwEHoUQDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJgusgcAE8H6810fkJ8ZmTNiCC +a6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END EC PRIVATE KEY-----`, + privateKeyPkcs8: `-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg21OPBSSB8CJLCqBw +YBdbITS54hbqfaTf3l2ZBne8avihRANCAAQNRzwDQQM0qgJgg9YwfPXJTOoTmYmC +6yBwATwfrzXR+QnxmZM2IIJrqwuBHa8PVU2HZ2KKtaAo8fg9Uwpq/l7p +-----END PRIVATE KEY-----`, + + // openssl ec -in p256.priv.key -pubout -out p256.pub.key + publicKey: `-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDUc8A0EDNKoCYIPWMHz1yUzqE5mJ +gusgcAE8H6810fkJ8ZmTNiCCa6sLgR2vD1VNh2diirWgKPH4PVMKav5e6Q== +-----END PUBLIC KEY-----`, + + signature: { + sha256: { + asn1: "3046022100e06905608a2fa7dbda9e284c2a7959dfb68fb527a5f003b2d7975ff135145127022100b6baa253793334f8b93ea1dd622bc600124d8090babd807efe3f77b8b324388d", + concat: "e06905608a2fa7dbda9e284c2a7959dfb68fb527a5f003b2d7975ff135145127b6baa253793334f8b93ea1dd622bc600124d8090babd807efe3f77b8b324388d", + json: `{"r":"00e06905608a2fa7dbda9e284c2a7959dfb68fb527a5f003b2d7975ff135145127","s":"00b6baa253793334f8b93ea1dd622bc600124d8090babd807efe3f77b8b324388d"}` + } + } +}; + +// openssl pkcs8 -topk8 -in p256.priv.key -out p256.enc-priv.key -v2 des3 -v2prf hmacWithSHA1 -passout pass:Test1234 +/* const PEM_PRIV_P256_ENCRYPTED_PASS = "Test1234"; +const PEM_PRIV_P256_ENCRYPTED = `-----BEGIN ENCRYPTED PRIVATE KEY----- +MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAg+4ckqI9Q9ZAICCAAw +DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEOnMUW15Hn/ub0OcCCj9lksEgZCk +kxaK4d430lZHovcA4ZeKTt94QcfjnIHRk65aZt93l17l52pv6n/srs3aRo/n5RV+ +wZ5sTLF0925ZQWJB5cIhzc8KQIvguGCX1znLQJJaRHyYOUXIN77AKEfALKAinBit +25paDnbXAqGn1CR3UwFWUZZW+c3UEhWhmpghQpS1tIl0KI6IAvnrGIdw2kKIouo= +-----END ENCRYPTED PRIVATE KEY-----`;*/ + +const P384 = { + privateKeyPkcs8: `-----BEGIN PRIVATE KEY----- +MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAYo22xn2kZjN8MInom +NDsgD/zhpUwnCYch634jUgO59fN9m2lR5ekaI1XABHz39rihZANiAAQwXoCsPOLv +Nn2STUs/hpL41CQveSL3WUmJ4QdtD7UFCl1mBO6ME0xSUgIQTUNkHt5k9CpOq3x9 +r+LG5+GcisoLn7R54R+bRoGp/p1ZBeuBXoCgthvs+RFoT3OewUmA8oQ= +-----END PRIVATE KEY-----`, + publicKey: `-----BEGIN PUBLIC KEY----- +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMF6ArDzi7zZ9kk1LP4aS+NQkL3ki91lJ +ieEHbQ+1BQpdZgTujBNMUlICEE1DZB7eZPQqTqt8fa/ixufhnIrKC5+0eeEfm0aB +qf6dWQXrgV6AoLYb7PkRaE9znsFJgPKE +-----END PUBLIC KEY-----` +}; + +const P521 = { + privateKeyPkcs8: `-----BEGIN PRIVATE KEY----- +MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAifBaJDqNwOtKgThc +FU34GzPQ73ubOQg9dnighpVGwA3b/KwCifimCNKDmKnXJaE04mEcxg8yzcFKausF +5I8o206hgYkDgYYABAGwpkwrBBlZOdx4u9mxqYxJvtzAHaFFAzl21WQVbAjyrqXe +nFPMkhbFpEEWr1ualPYKQkHe14AX33iU3fQ9MlBkgAAripsPbiKggAaog74cUERo +qbrUFZwMbptGgovpE6pU93h7A1wb3Vtw9DZQCgiNbwzMbdsft+p2RJ8iSxWEC6Gd +mw== +-----END PRIVATE KEY-----`, + publicKey: `-----BEGIN PUBLIC KEY----- +MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBsKZMKwQZWTnceLvZsamMSb7cwB2h +RQM5dtVkFWwI8q6l3pxTzJIWxaRBFq9bmpT2CkJB3teAF994lN30PTJQZIAAK4qb +D24ioIAGqIO+HFBEaKm61BWcDG6bRoKL6ROqVPd4ewNcG91bcPQ2UAoIjW8MzG3b +H7fqdkSfIksVhAuhnZs= +-----END PUBLIC KEY-----` +}; + +const PEM_PPRIV_RSA512 = `-----BEGIN RSA PRIVATE KEY----- +MIIBOQIBAAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelMYKtboGLrk6ihtqFPZFRL +NcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQJAOJUpM0lv36MAQR3WAwsF +F7DOy+LnigteCvaNWiNVxZ6jByB5Qb7sall/Qlu9sFI0ZwrlVcKS0kldee7JTYlL +WQIhAP3UKEfOtpTgT1tYmdhaqjxqMfxBom0Ri+rt9ajlzs6vAiEA9L85B8/Gnb7p +6Af7/wpmafL277OV4X4xBfzMR+TUzHUCIBq+VLQkInaTH6lXL3ZtLwyIf9W9MJjf +RWeuRLjT5bM/AiBF7Kw6kx5Hy1fAtydEApCoDIaIjWJw/kC7WTJ0B+jUUQIgV6dw +NSyj0feakeD890gmId+lvl/w/3oUXiczqvl/N9o= +-----END RSA PRIVATE KEY-----`; +const PEM_PUB_RSA512 = `-----BEGIN PUBLIC KEY----- +MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAPKr0Dp6YdItzOfk6a7ma7L4BF4LnelM +YKtboGLrk6ihtqFPZFRLNcJi68Hvnt8stMrP50t6jqwWQ2EjMdkj6fsCAwEAAQ== +-----END PUBLIC KEY-----`; + +TestRegister.addTests([ + { + name: "ECDSA Sign/Verify: P-256 with MD5", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "MD5", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "MD5", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA1", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-1", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-1", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA256", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-256", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA384", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-384", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-384", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-256 with SHA512", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs1, "SHA-512", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-512", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify:: Using a private key in PKCS#8 format works", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.privateKeyPkcs8, "SHA-256", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-384 with SHA384", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P384.privateKeyPkcs8, "SHA-384", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-384", P384.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Sign/Verify: P-521 with SHA512", + input: ASCII_TEXT, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P521.privateKeyPkcs8, "SHA-512", "ASN.1 HEX"] + }, + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-512", P521.publicKey, ASCII_TEXT] + } + ] + }, + + // ECDSA Sign + { + name: "ECDSA Sign: Using public key fails", + input: ASCII_TEXT, + expectedOutput: "Provided key is not a private key.", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [P256.publicKey, "SHA-256", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Sign: Using an RSA key fails", + input: ASCII_TEXT, + expectedOutput: "Provided key is not an EC key.", + recipeConfig: [ + { + "op": "ECDSA Sign", + "args": [PEM_PPRIV_RSA512, "SHA-256", "ASN.1 HEX"] + } + ] + }, + + // ECDSA Verify + { + name: "ECDSA Verify: P-256 with SHA256 (ASN.1 signature)", + input: P256.signature.sha256.asn1, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: P-256 with SHA256 (Concat signature)", + input: P256.signature.sha256.concat, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: P-256 with SHA256 (JSON signature)", + input: P256.signature.sha256.json, + expectedOutput: "Verified OK", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["Auto", "SHA-256", P256.publicKey, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: Using private key fails", + input: P256.signature.sha256.asn1, + expectedOutput: "Provided key is not a public key.", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", P256.privateKeyPkcs1, ASCII_TEXT] + } + ] + }, + { + name: "ECDSA Verify: Using an RSA key fails", + input: P256.signature.sha256.asn1, + expectedOutput: "Provided key is not an EC key.", + recipeConfig: [ + { + "op": "ECDSA Verify", + "args": ["ASN.1 HEX", "SHA-256", PEM_PUB_RSA512, ASCII_TEXT] + } + ] + }, + + // ECDSA Signatur Conversion + { + name: "ECDSA Signature Conversion: ASN.1 To ASN.1", + input: P256.signature.sha256.asn1, + expectedOutput: P256.signature.sha256.asn1, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: ASN.1 To Concat", + input: P256.signature.sha256.asn1, + expectedOutput: P256.signature.sha256.concat, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "Concat HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: ASN.1 To JSON", + input: P256.signature.sha256.asn1, + expectedOutput: P256.signature.sha256.json, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "JSON"] + } + ] + }, + { + name: "ECDSA Signature Conversion: Concat To ASN.1", + input: P256.signature.sha256.concat, + expectedOutput: P256.signature.sha256.asn1, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: Concat To Concat", + input: P256.signature.sha256.concat, + expectedOutput: P256.signature.sha256.concat, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "Concat HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: Concat To JSON", + input: P256.signature.sha256.concat, + expectedOutput: P256.signature.sha256.json, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "JSON"] + } + ] + }, + { + name: "ECDSA Signature Conversion: JSON To ASN.1", + input: P256.signature.sha256.json, + expectedOutput: P256.signature.sha256.asn1, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "ASN.1 HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: JSON To Concat", + input: P256.signature.sha256.json, + expectedOutput: P256.signature.sha256.concat, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "Concat HEX"] + } + ] + }, + { + name: "ECDSA Signature Conversion: JSON To JSON", + input: P256.signature.sha256.json, + expectedOutput: P256.signature.sha256.json, + recipeConfig: [ + { + "op": "ECDSA Signature Conversion", + "args": ["Auto", "JSON"] + } + ] + } +]);