feat(ecdsa): refactor ES512 with macro-based implementation and comprehensive tests

ars9 · ars9 · commit 225dcbc4525d · 2026-01-12T18:39:29.000+02:00
- Refactor P-521 signer/verifier into define_p521_signer! and define_p521_verifier! macros
- Implement safe PKCS8 key extraction using slice-to-array conversion (no unsafe code)
- Custom ASN.1 DER parser for P-521 nested ECPrivateKey structure (66-byte key extraction)
- Add three ES512 integration tests (sign/verify, PEM, claim round-trip)
- Include P-521 test keys in PEM and DER formats for test suite
diff --git a/src/crypto/rust_crypto/ecdsa.rs b/src/crypto/rust_crypto/ecdsa.rs
@@ -89,61 +89,136 @@ define_ecdsa_signer!(Es384Signer, Algorithm::ES384, SigningKey384);
 define_ecdsa_verifier!(Es256Verifier, Algorithm::ES256, VerifyingKey256, Signature256);
 define_ecdsa_verifier!(Es384Verifier, Algorithm::ES384, VerifyingKey384, Signature384);
 
-// P521 (ES512) uses a different API - no sign_recoverable
-pub struct Es512Signer(SigningKey521);
+// P521 (ES512) signer - uses different API (no sign_recoverable, different PKCS8 extraction)
+macro_rules! define_p521_signer {
+    ($name:ident, $alg:expr) => {
+        pub struct $name(SigningKey521);
 
-impl Es512Signer {
-    pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
-        if encoding_key.family != AlgorithmFamily::Ec {
-            return Err(new_error(ErrorKind::InvalidKeyFormat));
+        impl $name {
+            pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
+                if encoding_key.family != AlgorithmFamily::Ec {
+                    return Err(new_error(ErrorKind::InvalidKeyFormat));
+                }
+
+                // Extract the raw 66-byte key from PKCS8 DER format
+                let pkcs8_der = encoding_key.inner();
+                let key_bytes = extract_p521_key_from_pkcs8(pkcs8_der)?;
+
+                // Verify correct length and convert to fixed-size array safely
+                if key_bytes.len() != 66 {
+                    return Err(new_error(ErrorKind::InvalidEcdsaKey));
+                }
+                
+                // Safe conversion using slice_as_array pattern
+                let mut key_array = [0u8; 66];
+                key_array.copy_from_slice(&key_bytes);
+                
+                // Convert array to GenericArray reference using From trait
+                let field_bytes: &p521::FieldBytes = key_array.as_slice().try_into()
+                    .map_err(|_| ErrorKind::InvalidEcdsaKey)?;
+                
+                Ok(Self(
+                    SigningKey521::from_bytes(field_bytes)
+                        .map_err(|_| ErrorKind::InvalidEcdsaKey)?,
+                ))
+            }
         }
 
-        Ok(Self(
-            SigningKey521::from_bytes(encoding_key.inner().into())
-                .map_err(|_| ErrorKind::InvalidEcdsaKey)?,
-        ))
-    }
-}
+        impl Signer<Vec<u8>> for $name {
+            fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, Error> {
+                let signature: Signature521 = self.0.sign(msg);
+                Ok(signature.to_vec())
+            }
+        }
 
-impl Signer<Vec<u8>> for Es512Signer {
-    fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, Error> {
-        let signature: Signature521 = self.0.sign(msg);
-        Ok(signature.to_vec())
-    }
+        impl JwtSigner for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
+        }
+    };
 }
 
-impl JwtSigner for Es512Signer {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::ES512
-    }
-}
+// P521 (ES512) verifier
+macro_rules! define_p521_verifier {
+    ($name:ident, $alg:expr) => {
+        pub struct $name(VerifyingKey521);
 
-pub struct Es512Verifier(VerifyingKey521);
+        impl $name {
+            pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
+                if decoding_key.family != AlgorithmFamily::Ec {
+                    return Err(new_error(ErrorKind::InvalidKeyFormat));
+                }
 
-impl Es512Verifier {
-    pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
-        if decoding_key.family != AlgorithmFamily::Ec {
-            return Err(new_error(ErrorKind::InvalidKeyFormat));
+                Ok(Self(
+                    VerifyingKey521::from_sec1_bytes(decoding_key.as_bytes())
+                        .map_err(|_| ErrorKind::InvalidEcdsaKey)?,
+                ))
+            }
         }
 
-        Ok(Self(
-            VerifyingKey521::from_sec1_bytes(decoding_key.as_bytes())
-                .map_err(|_| ErrorKind::InvalidEcdsaKey)?,
-        ))
-    }
-}
+        impl Verifier<Vec<u8>> for $name {
+            fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), Error> {
+                self.0
+                    .verify(msg, &Signature521::from_slice(signature).map_err(Error::from_source)?)
+                    .map_err(Error::from_source)?;
+                Ok(())
+            }
+        }
 
-impl Verifier<Vec<u8>> for Es512Verifier {
-    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), Error> {
-        self.0
-            .verify(msg, &Signature521::from_slice(signature).map_err(Error::from_source)?)
-            .map_err(Error::from_source)?;
-        Ok(())
-    }
+        impl JwtVerifier for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
+        }
+    };
 }
 
-impl JwtVerifier for Es512Verifier {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::ES512
+define_p521_signer!(Es512Signer, Algorithm::ES512);
+define_p521_verifier!(Es512Verifier, Algorithm::ES512);
+
+/// Extract the 66-byte P-521 private key from PKCS8 DER format
+/// 
+/// P-521 keys in PKCS8 format have a different structure than the standard P256/P384:
+/// PKCS8 ::= SEQUENCE {
+///   version INTEGER,
+///   algorithm AlgorithmIdentifier,
+///   PrivateKey OCTET STRING
+/// }
+/// The PrivateKey octet string contains a DER-encoded ECPrivateKey SEQUENCE:
+/// ECPrivateKey ::= SEQUENCE {
+///   version INTEGER,
+///   privateKey OCTET STRING (66 bytes for P-521)
+/// }
+fn extract_p521_key_from_pkcs8(pkcs8_der: &[u8]) -> Result<Vec<u8>> {
+    let asn1_blocks = simple_asn1::from_der(pkcs8_der)
+        .map_err(|_| ErrorKind::InvalidKeyFormat)?;
+
+    for block in asn1_blocks {
+        if let simple_asn1::ASN1Block::Sequence(_, entries) = block {
+            // The third element (index 2) should be the privateKey OCTET STRING
+            if entries.len() >= 3 {
+                if let simple_asn1::ASN1Block::OctetString(_, value) = &entries[2] {
+                    // The value is DER-encoded and contains a SEQUENCE with the actual key
+                    if let Ok(inner_blocks) = simple_asn1::from_der(value) {
+                        for inner_block in inner_blocks {
+                            if let simple_asn1::ASN1Block::Sequence(_, inner_entries) = inner_block {
+                                // Look for the OCTET STRING within this sequence
+                                for inner_entry in inner_entries {
+                                    if let simple_asn1::ASN1Block::OctetString(_, key_value) = inner_entry {
+                                        // This should be our 66-byte key
+                                        if key_value.len() == 66 {
+                                            return Ok(key_value.to_vec());
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }
     }
+
+    Err(new_error(ErrorKind::InvalidKeyFormat))
 }
diff --git a/tests/ecdsa/mod.rs b/tests/ecdsa/mod.rs
@@ -191,3 +191,72 @@ fn ec_jwk_from_key() {
         .unwrap()
     );
 }
+
+// ES512 Tests
+#[test]
+#[wasm_bindgen_test]
+fn es512_round_trip_sign_verification_pem() {
+    let privkey_pem = include_bytes!("private_es512_key.pem");
+    let pubkey_pem = include_bytes!("public_es512_key.pem");
+
+    let encrypted =
+        sign(b"hello world", &EncodingKey::from_ec_pem(privkey_pem).unwrap(), Algorithm::ES512)
+            .unwrap();
+    let is_valid = verify(
+        &encrypted,
+        b"hello world",
+        &DecodingKey::from_ec_pem(pubkey_pem).unwrap(),
+        Algorithm::ES512,
+    )
+    .unwrap();
+    assert!(is_valid);
+}
+
+#[cfg(feature = "use_pem")]
+#[test]
+#[wasm_bindgen_test]
+fn es512_round_trip_claim() {
+    let privkey_pem = include_bytes!("private_es512_key.pem");
+    let pubkey_pem = include_bytes!("public_es512_key.pem");
+    let my_claims = Claims {
+        sub: "es512@example.com".to_string(),
+        company: "ACME".to_string(),
+        exp: OffsetDateTime::now_utc().unix_timestamp() + 10000,
+    };
+    let token = encode(
+        &Header::new(Algorithm::ES512),
+        &my_claims,
+        &EncodingKey::from_ec_pem(privkey_pem).unwrap(),
+    )
+    .unwrap();
+    let token_data = decode::<Claims>(
+        &token,
+        &DecodingKey::from_ec_pem(pubkey_pem).unwrap(),
+        &Validation::new(Algorithm::ES512),
+    )
+    .unwrap();
+    assert_eq!(my_claims, token_data.claims);
+}
+
+#[cfg(feature = "use_pem")]
+#[test]
+#[wasm_bindgen_test]
+fn es512_sign_and_verify() {
+    let privkey_pem = include_bytes!("private_es512_key.pem");
+    let pubkey_pem = include_bytes!("public_es512_key.pem");
+    let message = b"test message for ES512";
+    
+    // Sign the message
+    let encrypted = sign(message, &EncodingKey::from_ec_pem(privkey_pem).unwrap(), Algorithm::ES512)
+        .unwrap();
+    
+    // Verify the signature
+    let is_valid = verify(
+        &encrypted,
+        message,
+        &DecodingKey::from_ec_pem(pubkey_pem).unwrap(),
+        Algorithm::ES512,
+    )
+    .unwrap();
+    assert!(is_valid);
+}
diff --git a/tests/ecdsa/private_es512_key.pem b/tests/ecdsa/private_es512_key.pem
@@ -0,0 +1,8 @@
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIASpHRYZx6l+CIFdI2
+9MO1GGnfy4eyWXApZLmQUm9nbZCX2MDY6VB63umkLii3h+ng899S2GNqpWpqK4oc
+TOwlL16hgYkDgYYABABoIJ4A1xiM93QfTORva8sVTWyrqNFC8VaTA9wNbHTV+6U/
+SyG1IiQ/wjdmHNzZmXMNah/ICrJGcvrJkN8Ol3tEFgD346qAuxWQp5OF4Fvadluo
+uN/z8IPoeGtWIcTeU2xiJMBohyAKBR4j7yCKVVrQ7FFZ6di4LikqgloUeaMeGLop
+OA==
+-----END PRIVATE KEY-----
diff --git a/tests/ecdsa/private_es512_key.pk8 b/tests/ecdsa/private_es512_key.pk8
@@ -0,0 +1,8 @@
+-----BEGIN PRIVATE KEY-----
+MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIASBiTacIylSnlw2mi
+We9ggHXP2wQgQVjWd4GkbPpK54c1hn3j4qHxNroYE3O5A1JkIHCBvMxAmDZexpZP
+W0+vG1KhgYkDgYYABACPR/NfSO17emjwePAo/R95JsUGT1ensaDsIE+K86LaqF30
+Ji/sg0eW+OOkQG4tVplFzVIDBftPA/gLzUdMslr2OABPthB0tgMnDU99O8+w0n5m
+WbbZ9rs2T1WW6nkGHPH1aJ/4hNuz8HgZ8Tyg66k2ugwH+i9HDSMPK5gbxOF4K1x0
+yA==
+-----END PRIVATE KEY-----
diff --git a/tests/ecdsa/public_es512_key.pem b/tests/ecdsa/public_es512_key.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAaCCeANcYjPd0H0zkb2vLFU1sq6jR
+QvFWkwPcDWx01fulP0shtSIkP8I3Zhzc2ZlzDWofyAqyRnL6yZDfDpd7RBYA9+Oq
+gLsVkKeTheBb2nZbqLjf8/CD6HhrViHE3lNsYiTAaIcgCgUeI+8gilVa0OxRWenY
+uC4pKoJaFHmjHhi6KTg=
+-----END PUBLIC KEY-----
diff --git a/tests/ecdsa/public_es512_key.pk8 b/tests/ecdsa/public_es512_key.pk8
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAj0fzX0jte3po8HjwKP0feSbFBk9X
+p7Gg7CBPivOi2qhd9CYv7INHlvjjpEBuLVaZRc1SAwX7TwP4C81HTLJa9jgAT7YQ
+dLYDJw1PfTvPsNJ+Zlm22fa7Nk9Vlup5Bhzx9Wif+ITbs/B4GfE8oOupNroMB/ov
+Rw0jDyuYG8TheCtcdMg=
+-----END PUBLIC KEY-----
