Add support for P-384

README.md

@@ -34,7 +34,7 @@ The following algorithms are supported at this time:
 
 - RSA
 - ed25519
-- NIST P-256
+- NIST P-256 and P-384
 
 If you would like to see a different signing algorithm supported please
 [file an issue](https://github.com/wiktor-k/ssh-sig/issues/new) attaching both

fixtures/p384.txt

@@ -0,0 +1 @@
+this is signed data

fixtures/p384.txt.sig

@@ -0,0 +1,8 @@
+-----BEGIN SSH SIGNATURE-----
+U1NIU0lHAAAAAQAAAIgAAAATZWNkc2Etc2hhMi1uaXN0cDM4NAAAAAhuaXN0cDM4NAAAAG
+EEG6286m3mpFE9rNUVJ9XprgDfd5e2VWRcvvHg8evbOvLDXAZvu3Om5JNkppslpOVJk/8m
+m9rZxoY022g1tdUOKw6yJLj/BJrcAnb8+bE5ym/+VlykLKcqrjMN6iCj4XGsAAAABGZpbG
+UAAAAAAAAABnNoYTUxMgAAAIQAAAATZWNkc2Etc2hhMi1uaXN0cDM4NAAAAGkAAAAxANsT
+hsqb5HsIUn+HbRILJU1xCBiqDgyQEHFArQWUwdNcWeG7KxrlxVS2LxK05VgSrgAAADAgr3
++DHFrtwYzuh9pFiYEcP1IPTpxi9aGaQDJ99p13r/ejnURT6EgGiTjtbPohtF4=
+-----END SSH SIGNATURE-----

formats.ts

@@ -10,7 +10,7 @@ export type Pubkey = {
   key: Uint8Array;
   toString(): string;
 } | {
-  pk_algo: "ecdsa-sha2-nistp256";
+  pk_algo: "ecdsa-sha2-nistp256" | "ecdsa-sha2-nistp384";
   curve: string;
   point: Uint8Array;
   toString(): string;
@@ -39,7 +39,9 @@ export function parsePubkey(
         return `${pk_algo} ${base64Encode(new Uint8Array(raw_publickey))}`;
       },
     };
-  } else if (pk_algo === "ecdsa-sha2-nistp256") {
+  } else if (
+    pk_algo === "ecdsa-sha2-nistp256" || pk_algo === "ecdsa-sha2-nistp384"
+  ) {
     const curve = publickey.readString().toString();
     pubkey = {
       pk_algo,
@@ -88,17 +90,27 @@ export function convertPublicKey(publickey: Pubkey): {
       keyData: publickey.key.buffer,
       format: "raw",
     };
-  } else if (pk_algo === "ecdsa-sha2-nistp256") {
+  } else if (
+    pk_algo === "ecdsa-sha2-nistp256" || pk_algo === "ecdsa-sha2-nistp384"
+  ) {
     if (publickey.point[0] !== 0x04) {
       throw new Error("Only uncompressed (0x04) format is supported");
     }
 
+    const point = publickey.point.slice(1);
+
+    let crv;
+    if (pk_algo === "ecdsa-sha2-nistp256") {
+      crv = "P-256";
+    } else {
+      crv = "P-384";
+    }
     return {
       keyData: {
         kty: "EC",
-        crv: "P-256",
-        x: base64UrlEncode(publickey.point.slice(1, 33)),
-        y: base64UrlEncode(publickey.point.slice(33)),
+        crv,
+        x: base64UrlEncode(point.slice(0, point.length / 2)),
+        y: base64UrlEncode(point.slice(point.length / 2)),
       },
       format: "jwk",
     };
@@ -124,6 +136,12 @@ export function convertAlgorithm(sig_algo: string) {
       namedCurve: "P-256",
       hash: { name: "SHA-256" },
     };
+  } else if (sig_algo === "ecdsa-sha2-nistp384") {
+    return {
+      name: "ECDSA",
+      namedCurve: "P-384",
+      hash: { name: "SHA-384" },
+    };
   } else {
     throw new Error(`Unsupported algo: ${sig_algo}`);
   }

sig_parser.ts

@@ -32,13 +32,15 @@ export function parse(signature: DataView | string): Sig {
   const sig_algo = raw_signature.readString().toString();
   const sig_bytes = raw_signature.readString();
   let bytes;
-  if (sig_algo === "ecdsa-sha2-nistp256") {
+  if (
+    sig_algo === "ecdsa-sha2-nistp256" || sig_algo === "ecdsa-sha2-nistp384"
+  ) {
     let r = new Uint8Array(sig_bytes.readString().bytes());
-    if (r[0] === 0x00 && r.length == 33) {
+    if (r[0] === 0x00 && r.length % 2 == 1) {
       r = r.slice(1);
     }
     let s = new Uint8Array(sig_bytes.readString().bytes());
-    if (s[0] === 0x00 && s.length == 33) {
+    if (s[0] === 0x00 && s.length % 2 == 1) {
       s = s.slice(1);
     }
     bytes = new Uint8Array([...r, ...s]);

verifier_test.ts

@@ -18,6 +18,7 @@ for await (const entry of Deno.readDir("fixtures")) {
             ),
           ),
           true,
+          "signature verification should succeed",
         );
         const allowedSigners = await Deno.makeTempFile();