Merge pull request kjur#528 from cplussharp/es512

Fix some P-521 problems and add more tests
Schum123 · Nov 29, 2021 · 6bf4f0e · 6bf4f0e
2 parents dd7a376 + 5234f9f
commit 6bf4f0e
Show file tree

Hide file tree

Showing 11 changed files with 413 additions and 47 deletions.
diff --git a/mobile/tool_jwt.html b/mobile/tool_jwt.html
@@ -25,12 +25,13 @@
     case 5: _setKey(z4PrvP5EPem, z4PrvP5EPass); break;
     case 6: _setKey(k1PrvP8PPem, ''); break;
     case 7: _setKey(k6PrvP8PPem, ''); break;
-    case 8: _setKey(z4PrvP5EPem, z4PrvP5EPass); break;
+    case 8: _setKey(k5PrvP8PPem, ''); break;
     case 9: _setKey(z4PrvP5EPem, z4PrvP5EPass); break;
     case 10: _setKey(z4PrvP5EPem, z4PrvP5EPass); break;
-    case 11: _setKey(z4PrvP5PPem, ''); break;
-    case 12: _setKey(z4PrvP8PPem, ''); break;
-    case 13: _setKey(z4PrvP8EPem, z4PrvP8EPass); break;
+    case 11: _setKey(z4PrvP5EPem, z4PrvP5EPass); break;
+    case 12: _setKey(z4PrvP5PPem, ''); break;
+    case 13: _setKey(z4PrvP8PPem, ''); break;
+    case 14: _setKey(z4PrvP8EPem, z4PrvP8EPass); break;
   }
 }
 
@@ -136,9 +137,11 @@
     case 2: _setKey2(z4PubP8Pem); break;
     case 3: _setKey2(z4CertPem); break;
     case 4: _setKey2(k1PubP8Pem); break;
-    case 4: _setKey2(k1CertPem); break;
-    case 5: _setKey2(k6PubP8Pem); break;
-    case 5: _setKey2(k6CertPem); break;
+    case 5: _setKey2(k1CertPem); break;
+    case 6: _setKey2(k6PubP8Pem); break;
+    case 7: _setKey2(k6CertPem); break;
+    case 8: _setKey2(k5PubP8Pem); break;
+    case 9: _setKey2(k5CertPem); break;
   }
 }
 
@@ -307,6 +310,16 @@
 "6xwFR0yaTivuwoyXC+ScGUnwnpaXmid6UUgw4ypbneHsaKuZ9JLdMAo=\n" +
 "-----END PRIVATE KEY-----\n";
 
+var k5PrvP8PPem = "" +
+"-----BEGIN PRIVATE KEY-----\n" +
+"MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBRNEQ8Y1gwDMH8pne\n" +
+"z9uq4ODLE/KTx7eCzMNKlGRIhx/8Mo2+B9ORKPMFk4on0wFW7T+rp7NpXm1wxTOY\n" +
+"HSTf7mWhgYkDgYYABADSmlI0TDURn/W+oZrgkPgC0F/56jGtzDFSTQEodep5E0Sw\n" +
+"KvBrWN48PSbxukE9JdXPm2soe1yc9BC/Km6nrQJhnQDeIhUCoVSA8GTZ0EwL1AcT\n" +
+"5YfKcvwwCdM4lHRU1jYXti4IpC/pggFT3N+IRFmS6M8gTYzvxCZMDUnYHimDB+1p\n" +
+"jw==\n" +
+"-----END PRIVATE KEY-----\n";
+
 // PUBLIC KEY
 var z4PubP8Pem = "" +
 "-----BEGIN PUBLIC KEY-----\n" +
@@ -379,6 +392,30 @@
 "2F8=\n" +
 "-----END CERTIFICATE-----\n";
 
+var k5PubP8Pem = "" +
+"-----BEGIN PUBLIC KEY-----\n" +
+"MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQA0ppSNEw1EZ/1vqGa4JD4AtBf+eox\n" +
+"rcwxUk0BKHXqeRNEsCrwa1jePD0m8bpBPSXVz5trKHtcnPQQvypup60CYZ0A3iIV\n" +
+"AqFUgPBk2dBMC9QHE+WHynL8MAnTOJR0VNY2F7YuCKQv6YIBU9zfiERZkujPIE2M\n" +
+"78QmTA1J2B4pgwftaY8=\n" +
+"-----END PUBLIC KEY-----\n";
+
+var k5CertPem = "" +
+"-----BEGIN CERTIFICATE-----\n" +
+"MIICETCCAXKgAwIBAgIUYcEvdqjSYTHDXGJJMmK76h+q/bYwCgYIKoZIzj0EAwQw\n" +
+"GjELMAkGA1UEBhMCVVMxCzAJBgNVBAoMAks1MB4XDTIxMTEyNzEwMzgyMFoXDTQx\n" +
+"MTEyMjEwMzgyMFowGjELMAkGA1UEBhMCVVMxCzAJBgNVBAoMAks1MIGbMBAGByqG\n" +
+"SM49AgEGBSuBBAAjA4GGAAQA0ppSNEw1EZ/1vqGa4JD4AtBf+eoxrcwxUk0BKHXq\n" +
+"eRNEsCrwa1jePD0m8bpBPSXVz5trKHtcnPQQvypup60CYZ0A3iIVAqFUgPBk2dBM\n" +
+"C9QHE+WHynL8MAnTOJR0VNY2F7YuCKQv6YIBU9zfiERZkujPIE2M78QmTA1J2B4p\n" +
+"gwftaY+jUzBRMB0GA1UdDgQWBBRlDRyXy9CrDdTZW7gEIWipef3DhzAfBgNVHSME\n" +
+"GDAWgBRlDRyXy9CrDdTZW7gEIWipef3DhzAPBgNVHRMBAf8EBTADAQH/MAoGCCqG\n" +
+"SM49BAMEA4GMADCBiAJCAV4C6IirulahutoguAzYfHsFZieP6Z5tqm0ql/bXsDgd\n" +
+"ZqxlrvTrpbHjSZr8vROiDPWaj9umJz2R8EOGk36vTY0MAkIAo2TRkneSYP3ZDjSh\n" +
+"+29UnKQBS2/JazRBJ5ztk58L+4UkPInmj4lWXk3Rzhi8h2lKWVPK/5oq1KcvvHpd\n" +
+"JPZcEXw=\n" +
+"-----END CERTIFICATE-----\n";
+
 </script>
 
 </head>
@@ -462,6 +499,7 @@ <h2>(Step2) Choose issuer key and JWS signing algorithm.</h2>
 <option value="RS512"/> RS512 (SHA512withRSA RSA2048bit:z4) with default private key
 <option value="ES256"/> ES256 (SHA256withECDSA NIST P-256) with default private key
 <option value="ES384"/> ES384 (SHA384withECDSA NIST P-384) with default private key
+<option value="ES512"/> ES512 (SHA512withECDSA NIST P-521) with default private key
 <option value="PS256"/> PS256 (SHA256withRSAandMGF1 RSA2048bit:z4) with default private key
 <option value="PS384"/> PS384 (SHA384withRSAandMGF1 RSA2048bit:z4) with default private key
 <option value="PS512"/> PS512 (SHA512withRSAandMGF1 RSA2048bit:z4) with default private key
@@ -521,7 +559,9 @@ <h2>(Step2) Choose proper public key or certificate to verify.</h2>
 <option value="ES256-PUB"/> default public key for ES256 (SHA256withECDSA NIST P-256 k1)
 <option value="ES256-CER"/> default X.509 certificate for ES256 (SHA256withECDSA NIST P-256 k1)
 <option value="ES384-PUB"/> default public key for ES384 (SHA384withECDSA NIST P-384 k6)
-<option value="ES384-PUB"/> default X.509 certificate for ES384 (SHA384withECDSA NIST P-384 k6)
+<option value="ES384-CER"/> default X.509 certificate for ES384 (SHA384withECDSA NIST P-384 k6)
+<option value="ES512-PUB"/> default public key for ES512 (SHA512withECDSA NIST P-521 k5)
+<option value="ES512-CER"/> default X.509 certificate for ES512 (SHA512withECDSA NIST P-521 k5)
 </select>
 <br/>
 <textarea name="key2" cols="65" rows="3"></textarea><br/>

diff --git a/src/ecdsa-modified-1.0.js b/src/ecdsa-modified-1.0.js
@@ -753,13 +753,33 @@ KJUR.crypto.ECDSA.parseSigHexInHexRS = function(sigHex) {
  * @static
  * @param {String} asn1Hex hexadecimal string of ASN.1 encoded ECDSA signature value
  * @return {String} r-s concatinated format of ECDSA signature value
+ * @throws Error when signature length is unsupported
  * @since ecdsa-modified 1.0.3
  */
 KJUR.crypto.ECDSA.asn1SigToConcatSig = function(asn1Sig) {
     var pSig = KJUR.crypto.ECDSA.parseSigHexInHexRS(asn1Sig);
     var hR = pSig.r;
     var hS = pSig.s;
 
+	// P-521 special case (65-66 bytes are allowed)
+	if (hR.length >= 130 && hR.length <= 134) {
+		if (hR.length % 2 != 0) {
+			throw Error(`unknown ECDSA sig r length error (${hR.length} is not a multiple of 2)`);
+		}
+		if (hS.length % 2 != 0) {
+			throw Error(`unknown ECDSA sig s length error (${hS.length} is not a multiple of 2)`);
+		}
+		if (hR.substr(0, 2) == "00") hR = hR.substr(2);
+		if (hS.substr(0, 2) == "00") hS = hS.substr(2);
+
+		// make sure they have the same length
+		var length = Math.max(hR.length, hS.length);
+		hR = ("000000" + hR).slice(- length);
+		hS = ("000000" + hS).slice(- length);
+
+		return hR + hS;
+	}
+
     // R and S length is assumed multiple of 128bit(32chars in hex).
     // If leading is "00" and modulo of length is 2(chars) then
     // leading "00" is for two's complement and will be removed.
@@ -777,9 +797,9 @@ KJUR.crypto.ECDSA.asn1SigToConcatSig = function(asn1Sig) {
     // If R and S length is not still multiple of 128bit(32 chars),
     // then error
     if (hR.length % 32 != 0)
-	throw "unknown ECDSA sig r length error";
+	throw Error(`unknown ECDSA sig r length error (${hR.length} is not a multiple of 32)`);
     if (hS.length % 32 != 0)
-	throw "unknown ECDSA sig s length error";
+	throw Error(`unknown ECDSA sig s length error (${hS.length} is not a multiple of 32)`);
 
     return hR + hS;
 };
@@ -792,11 +812,13 @@ KJUR.crypto.ECDSA.asn1SigToConcatSig = function(asn1Sig) {
  * @static
  * @param {String} concatSig r-s concatinated format of ECDSA signature value
  * @return {String} hexadecimal string of ASN.1 encoded ECDSA signature value
+ * @throws Error when signature length is unsupported
  * @since ecdsa-modified 1.0.3
  */
 KJUR.crypto.ECDSA.concatSigToASN1Sig = function(concatSig) {
-    if ((((concatSig.length / 2) * 8) % (16 * 8)) != 0)
-	throw "unknown ECDSA concatinated r-s sig  length error";
+	if (concatSig.length % 4 != 0) {
+		throw Error(`unknown ECDSA concatinated r-s sig length error (${concatSig.length} is not a multiple of 4)`);
+	}
 
     var hR = concatSig.substr(0, concatSig.length / 2);
     var hS = concatSig.substr(concatSig.length / 2);

diff --git a/src/jws-3.3.js b/src/jws-3.3.js
@@ -810,7 +810,7 @@ KJUR.jws.JWS.jwsalg2sigalg = {
     "RS512":	"SHA512withRSA",
     "ES256":	"SHA256withECDSA",
     "ES384":	"SHA384withECDSA",
-    //"ES512":	"SHA512withECDSA", // unsupported because of jsrsasign's bug
+    "ES512":	"SHA512withECDSA",
     "PS256":	"SHA256withRSAandMGF1",
     "PS384":	"SHA384withRSAandMGF1",
     "PS512":	"SHA512withRSAandMGF1",

diff --git a/src/keyutil-1.0.js b/src/keyutil-1.0.js
@@ -1044,7 +1044,7 @@ KEYUTIL.getKey = function(param, passcode, hextype) {
 	param.y !== undefined &&
         param.d === undefined) {
 	var ec = new _KJUR_crypto_ECDSA({"curve": param.crv});
-	var charlen = ec.ecparams.keylen / 4;
+	var charlen = ec.ecparams.keycharlen;
         var hX   = ("0000000000" + b64utohex(param.x)).slice(- charlen);
         var hY   = ("0000000000" + b64utohex(param.y)).slice(- charlen);
         var hPub = "04" + hX + hY;
@@ -1059,7 +1059,7 @@ KEYUTIL.getKey = function(param, passcode, hextype) {
 	param.y !== undefined &&
         param.d !== undefined) {
 	var ec = new _KJUR_crypto_ECDSA({"curve": param.crv});
-	var charlen = ec.ecparams.keylen / 4;
+	var charlen = ec.ecparams.keycharlen;
         var hX   = ("0000000000" + b64utohex(param.x)).slice(- charlen);
         var hY   = ("0000000000" + b64utohex(param.y)).slice(- charlen);
         var hPub = "04" + hX + hY;
@@ -1789,7 +1789,7 @@ KEYUTIL.getJWKFromKey = function(keyObj) {
 	return jwk;
     } else if (keyObj instanceof KJUR.crypto.ECDSA && keyObj.isPrivate) {
 	var name = keyObj.getShortNISTPCurveName();
-	if (name !== "P-256" && name !== "P-384")
+	if (name !== "P-256" && name !== "P-384" && name !== "P-521")
 	    throw new Error("unsupported curve name for JWT: " + name);
 	var xy = keyObj.getPublicKeyXYHex();
 	jwk.kty = "EC";
@@ -1800,7 +1800,7 @@ KEYUTIL.getJWKFromKey = function(keyObj) {
 	return jwk;
     } else if (keyObj instanceof KJUR.crypto.ECDSA && keyObj.isPublic) {
 	var name = keyObj.getShortNISTPCurveName();
-	if (name !== "P-256" && name !== "P-384")
+	if (name !== "P-256" && name !== "P-384" && name !== "P-521")
 	    throw new Error("unsupported curve name for JWT: " + name);
 	var xy = keyObj.getPublicKeyXYHex();
 	jwk.kty = "EC";

diff --git a/test/qunit-do-ecdsamod-s.html b/test/qunit-do-ecdsamod-s.html
@@ -43,13 +43,80 @@
 $(document).ready(function(){
 var o = KJUR.crypto.ECDSA;
 
-test("asn1SigToConcatSig k1.sig.aaa.1", function() {
-  equal(o.asn1SigToConcatSig('3045022100f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b0220051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8'), 'f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8', '1');
-});
+const SIGNATURES = {
+  "P-256": [
+    {
+      "asn1":"3045022100f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b0220051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8",
+      "concat":"f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8",
+      "raw": {"r":"f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b","s":"051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8"}
+    },
+    {
+      "asn1":"304502205eb5d99ad13adc09bd6df2105c16d7f7565b768e1e9f2e2b8a5e42bcb5f0f083022100b1d8b2091958df331b700c97698c96e2d4c6aebb2cf7b68fc57901b9794582af",
+      "concat":"5eb5d99ad13adc09bd6df2105c16d7f7565b768e1e9f2e2b8a5e42bcb5f0f083b1d8b2091958df331b700c97698c96e2d4c6aebb2cf7b68fc57901b9794582af",
+      "raw": {"r":"5eb5d99ad13adc09bd6df2105c16d7f7565b768e1e9f2e2b8a5e42bcb5f0f083","s":"b1d8b2091958df331b700c97698c96e2d4c6aebb2cf7b68fc57901b9794582af"}
+    },
+    {
+      "asn1":"3046022100f3ee83e040657dc7228ad28350a512fc48139a5eba421ec8e04c3692d4645cf202210086701829886e409ab81f2388226047453e089090e450e2a9026df52de16dfadf",
+      "concat":"f3ee83e040657dc7228ad28350a512fc48139a5eba421ec8e04c3692d4645cf286701829886e409ab81f2388226047453e089090e450e2a9026df52de16dfadf",
+      "raw": {"r":"f3ee83e040657dc7228ad28350a512fc48139a5eba421ec8e04c3692d4645cf2","s":"86701829886e409ab81f2388226047453e089090e450e2a9026df52de16dfadf"}
+    }
+  ],
+  "P-384": [
+    {
+      "asn1":"3064023030ff2c434742949ef193f00a90c9a4bf8dd99f0442d487502b4fdad4dcbfc44e3164479f9c766dab3e4685dfbff46d3502302f4da9694360b868ffc83763123d82ac6d21bb4d7491e63ead157f8b2d2043e2fbcee860dcdcd3b2401f3004352dd05e",
+      "concat":"30ff2c434742949ef193f00a90c9a4bf8dd99f0442d487502b4fdad4dcbfc44e3164479f9c766dab3e4685dfbff46d352f4da9694360b868ffc83763123d82ac6d21bb4d7491e63ead157f8b2d2043e2fbcee860dcdcd3b2401f3004352dd05e",
+      "raw": {"r":"30ff2c434742949ef193f00a90c9a4bf8dd99f0442d487502b4fdad4dcbfc44e3164479f9c766dab3e4685dfbff46d35","s":"2f4da9694360b868ffc83763123d82ac6d21bb4d7491e63ead157f8b2d2043e2fbcee860dcdcd3b2401f3004352dd05e"}
+    },
+    {
+      "asn1":"3065023042958d6ae304e1acc9414517bc4d90d8d9dea7bb9548a14cc46b86a8614bd3f51737eaf8353a9963856c9d4186e8e46a023100ec025b8368c33facf235541f1f5fcd86049c7f69f9bee67ba905786507e1b016c59aca93ca06535d450c1572d8b4512b",
+      "concat":"42958d6ae304e1acc9414517bc4d90d8d9dea7bb9548a14cc46b86a8614bd3f51737eaf8353a9963856c9d4186e8e46aec025b8368c33facf235541f1f5fcd86049c7f69f9bee67ba905786507e1b016c59aca93ca06535d450c1572d8b4512b",
+      "raw": {"r":"42958d6ae304e1acc9414517bc4d90d8d9dea7bb9548a14cc46b86a8614bd3f51737eaf8353a9963856c9d4186e8e46a","s":"ec025b8368c33facf235541f1f5fcd86049c7f69f9bee67ba905786507e1b016c59aca93ca06535d450c1572d8b4512b"}
+    }
+  ],
+  "P-521": [
+    {
+      "asn1":"308186024164f6b34ba7348a7d987257df7969843925b0716c5b96e5bdbb4eb71bf5f5ddcb3f4cbf7ae6aca31e57e931ef68cd15b5bbac892110f6b48c7d436076b9de4245a5024136f0edafb5c6d78e2dd02bf4c233c3f72401c0da68789a0046f6b971d7ef02a638ec351d2d893edc3ac95ee4e003fd22859100ac5cf56267f1ffe599662307e2e5",
+      "concat":"64f6b34ba7348a7d987257df7969843925b0716c5b96e5bdbb4eb71bf5f5ddcb3f4cbf7ae6aca31e57e931ef68cd15b5bbac892110f6b48c7d436076b9de4245a536f0edafb5c6d78e2dd02bf4c233c3f72401c0da68789a0046f6b971d7ef02a638ec351d2d893edc3ac95ee4e003fd22859100ac5cf56267f1ffe599662307e2e5",
+      "raw": {"r":"64f6b34ba7348a7d987257df7969843925b0716c5b96e5bdbb4eb71bf5f5ddcb3f4cbf7ae6aca31e57e931ef68cd15b5bbac892110f6b48c7d436076b9de4245a5","s":"36f0edafb5c6d78e2dd02bf4c233c3f72401c0da68789a0046f6b971d7ef02a638ec351d2d893edc3ac95ee4e003fd22859100ac5cf56267f1ffe599662307e2e5"}
+    },
+    {
+      "asn1":"308187024103268bca0a5c5fc7b9910efa9f4925d9b1eb411d08bdbf91941c469e4e06fea5b7f6115c67006e836a2f240e057c96d84e10a964e5db87ad281afe59cec1efd609024200fd5d6d9b874fe743cc9cc6ab6b66de667d1c3952e94dffb3d113f8fce92b3f3b419555ed97e54ed038ef091a90242baf84a626d697faf9a169eb75710bdb11b843",
+      "concat":"03268bca0a5c5fc7b9910efa9f4925d9b1eb411d08bdbf91941c469e4e06fea5b7f6115c67006e836a2f240e057c96d84e10a964e5db87ad281afe59cec1efd609fd5d6d9b874fe743cc9cc6ab6b66de667d1c3952e94dffb3d113f8fce92b3f3b419555ed97e54ed038ef091a90242baf84a626d697faf9a169eb75710bdb11b843",
+      "raw": {"r":"03268bca0a5c5fc7b9910efa9f4925d9b1eb411d08bdbf91941c469e4e06fea5b7f6115c67006e836a2f240e057c96d84e10a964e5db87ad281afe59cec1efd609","s":"fd5d6d9b874fe743cc9cc6ab6b66de667d1c3952e94dffb3d113f8fce92b3f3b419555ed97e54ed038ef091a90242baf84a626d697faf9a169eb75710bdb11b843"}
+    },
+    {
+      "asn1":"308188024201e1a66f447ce86608e717f4a66d1ab046a13964e4269daa790922506e594667feafcd89b372525b3c07a7fefc085bea1f3ff50e10687230b27de4d1179a05781930024200f60de78284181ccf85f8ff32a842866a2d0436b9a4da2702c15d2f97194ecf6d880059ba932e2e347be1002b20fa64d9dd46d05f1b8c4b62163eefc583f9bf153c",
+      "concat":"01e1a66f447ce86608e717f4a66d1ab046a13964e4269daa790922506e594667feafcd89b372525b3c07a7fefc085bea1f3ff50e10687230b27de4d1179a0578193000f60de78284181ccf85f8ff32a842866a2d0436b9a4da2702c15d2f97194ecf6d880059ba932e2e347be1002b20fa64d9dd46d05f1b8c4b62163eefc583f9bf153c",
+      "raw": {"r":"01e1a66f447ce86608e717f4a66d1ab046a13964e4269daa790922506e594667feafcd89b372525b3c07a7fefc085bea1f3ff50e10687230b27de4d1179a05781930","s":"f60de78284181ccf85f8ff32a842866a2d0436b9a4da2702c15d2f97194ecf6d880059ba932e2e347be1002b20fa64d9dd46d05f1b8c4b62163eefc583f9bf153c"}
+    }
+  ]
+};
 
-test("concatSigToASN1Sig k1.sig.aaa.1", function() {
-  equal(o.concatSigToASN1Sig('f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8'), '3045022100f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b0220051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8', '1');
-});
+for (const curve in SIGNATURES) {
+  test(`${curve} asn1SigToConcatSig`, function() {
+    for (let i=0; i<SIGNATURES[curve].length; i++) {
+      const asn1 = SIGNATURES[curve][i].asn1;
+      const concat = SIGNATURES[curve][i].concat;
+      equal(o.asn1SigToConcatSig(asn1), concat, `${i+1}`);
+    }
+  });
+
+  test(`${curve} hexRSSigToASN1Sig`, function() {
+    for (let i=0; i<SIGNATURES[curve].length; i++) {
+      const asn1 = SIGNATURES[curve][i].asn1;
+      const raw = SIGNATURES[curve][i].raw;
+      equal(o.hexRSSigToASN1Sig(raw.r, raw.s), asn1, `${i+1}`);
+    }
+  });
+
+  test(`${curve} concatSigToASN1Sig`, function() {
+    for (let i=0; i<SIGNATURES[curve].length; i++) {
+      const asn1 = SIGNATURES[curve][i].asn1;
+      const concat = SIGNATURES[curve][i].concat;
+      equal(o.concatSigToASN1Sig(concat), asn1, `${i+1}`);
+    }
+  });
+}
 
 });
 </script>