diff --git a/Libraries/LibCrypto/Curves/SECPxxxr1.h b/Libraries/LibCrypto/Curves/SECPxxxr1.h
index b4fd2110ae6..0d1aa6e9305 100644
--- a/Libraries/LibCrypto/Curves/SECPxxxr1.h
+++ b/Libraries/LibCrypto/Curves/SECPxxxr1.h
@@ -226,6 +226,13 @@ public:
         return shared_point;
     }
 
+    ErrorOr<bool> verify_point(ReadonlyBytes hash, SECPxxxr1Point pubkey, ReadonlyBytes signature)
+    {
+        // FIXME: this is very ugly, but it gets the job done.
+        auto pubkey_bytes = TRY(pubkey.to_uncompressed());
+        return verify(hash, pubkey_bytes, signature);
+    }
+
     ErrorOr<bool> verify(ReadonlyBytes hash, ReadonlyBytes pubkey, ReadonlyBytes signature)
     {
         Crypto::ASN1::Decoder asn1_decoder(signature);
diff --git a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
index b5b74c613d3..93e64b1c39b 100644
--- a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
+++ b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
@@ -2287,8 +2287,8 @@ WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> ECDSA::
     // NOTE: Spec jumps to 6 here for some reason
     // 6. If performing the key generation operation results in an error, then throw an OperationError.
     auto maybe_private_key_data = curve.visit(
-        [](Empty const&) -> ErrorOr<ByteBuffer> { return Error::from_string_literal("noop error"); },
-        [](auto instance) { return instance.generate_private_key(); });
+        [](Empty const&) -> ErrorOr<::Crypto::UnsignedBigInteger> { return Error::from_string_literal("noop error"); },
+        [](auto instance) { return instance.generate_private_key_scalar(); });
 
     if (maybe_private_key_data.is_error())
         return WebIDL::OperationError::create(m_realm, "Failed to create valid crypto instance"_string);
@@ -2296,13 +2296,14 @@ WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> ECDSA::
     auto private_key_data = maybe_private_key_data.release_value();
 
     auto maybe_public_key_data = curve.visit(
-        [](Empty const&) -> ErrorOr<ByteBuffer> { return Error::from_string_literal("noop error"); },
-        [&](auto instance) { return instance.generate_public_key(private_key_data); });
+        [](Empty const&) -> ErrorOr<::Crypto::Curves::SECPxxxr1Point> { return Error::from_string_literal("noop error"); },
+        [&](auto instance) { return instance.generate_public_key_point(private_key_data); });
 
     if (maybe_public_key_data.is_error())
         return WebIDL::OperationError::create(m_realm, "Failed to create valid crypto instance"_string);
 
     auto public_key_data = maybe_public_key_data.release_value();
+    auto ec_public_key = ::Crypto::PK::ECPublicKey<> { public_key_data.x, public_key_data.y };
 
     // 7. Let algorithm be a new EcKeyAlgorithm object.
     auto algorithm = EcKeyAlgorithm::create(m_realm);
@@ -2314,7 +2315,7 @@ WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> ECDSA::
     algorithm->set_named_curve(normalized_algorithm.named_curve);
 
     // 10. Let publicKey be a new CryptoKey representing the public key of the generated key pair.
-    auto public_key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { public_key_data });
+    auto public_key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { ec_public_key });
 
     // 11. Set the [[type]] internal slot of publicKey to "public"
     public_key->set_type(Bindings::KeyType::Public);
@@ -2329,7 +2330,8 @@ WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> ECDSA::
     public_key->set_usages(usage_intersection(key_usages, { { Bindings::KeyUsage::Verify } }));
 
     // 15. Let privateKey be a new CryptoKey representing the private key of the generated key pair.
-    auto private_key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { private_key_data });
+    auto ec_private_key = ::Crypto::PK::ECPrivateKey<> { private_key_data, {}, ec_public_key };
+    auto private_key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { ec_private_key });
 
     // 16. Set the [[type]] internal slot of privateKey to "private"
     private_key->set_type(Bindings::KeyType::Private);
@@ -2425,7 +2427,7 @@ WebIDL::ExceptionOr<JS::Value> ECDSA::verify(AlgorithmParams const& params, GC::
     auto M = result_buffer.release_value();
 
     // 4. Let Q be the ECDSA public key associated with key.
-    auto Q = key->handle().get<ByteBuffer>();
+    auto Q = key->handle().get<::Crypto::PK::ECPublicKey<>>();
 
     // FIXME: 5. Let params be the EC domain parameters associated with key.
 
@@ -2468,7 +2470,7 @@ WebIDL::ExceptionOr<JS::Value> ECDSA::verify(AlgorithmParams const& params, GC::
 
         auto maybe_result = curve.visit(
             [](Empty const&) -> ErrorOr<bool> { return Error::from_string_literal("Failed to create valid crypto instance"); },
-            [&](auto instance) { return instance.verify(M, Q, encoded_signature); });
+            [&](auto instance) { return instance.verify_point(M, ::Crypto::Curves::SECPxxxr1Point { Q.x(), Q.y() }, encoded_signature); });
 
         if (maybe_result.is_error()) {
             auto error_message = MUST(String::from_utf8(maybe_result.error().string_literal()));
diff --git a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.txt b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.txt
new file mode 100644
index 00000000000..eef80604f91
--- /dev/null
+++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.txt
@@ -0,0 +1,264 @@
+Summary
+
+Harness status: OK
+
+Rerun
+
+Found 253 tests
+
+176 Pass
+77 Fail
+Details
+Result	Test Name	MessagePass	setup	
+Pass	ECDSA P-256 with SHA-1 verification	
+Pass	ECDSA P-256 with SHA-256 verification	
+Fail	ECDSA P-256 with SHA-384 verification	
+Fail	ECDSA P-256 with SHA-512 verification	
+Pass	ECDSA P-384 with SHA-1 verification	
+Pass	ECDSA P-384 with SHA-256 verification	
+Pass	ECDSA P-384 with SHA-384 verification	
+Fail	ECDSA P-384 with SHA-512 verification	
+Fail	ECDSA P-521 with SHA-1 verification	
+Fail	ECDSA P-521 with SHA-256 verification	
+Fail	ECDSA P-521 with SHA-384 verification	
+Fail	ECDSA P-521 with SHA-512 verification	
+Pass	ECDSA P-256 with SHA-1 verification with altered signature after call	
+Pass	ECDSA P-256 with SHA-256 verification with altered signature after call	
+Fail	ECDSA P-256 with SHA-384 verification with altered signature after call	
+Fail	ECDSA P-256 with SHA-512 verification with altered signature after call	
+Pass	ECDSA P-384 with SHA-1 verification with altered signature after call	
+Pass	ECDSA P-384 with SHA-256 verification with altered signature after call	
+Pass	ECDSA P-384 with SHA-384 verification with altered signature after call	
+Fail	ECDSA P-384 with SHA-512 verification with altered signature after call	
+Fail	ECDSA P-521 with SHA-1 verification with altered signature after call	
+Fail	ECDSA P-521 with SHA-256 verification with altered signature after call	
+Fail	ECDSA P-521 with SHA-384 verification with altered signature after call	
+Fail	ECDSA P-521 with SHA-512 verification with altered signature after call	
+Pass	ECDSA P-256 with SHA-1 with altered plaintext after call	
+Pass	ECDSA P-256 with SHA-256 with altered plaintext after call	
+Fail	ECDSA P-256 with SHA-384 with altered plaintext after call	
+Fail	ECDSA P-256 with SHA-512 with altered plaintext after call	
+Pass	ECDSA P-384 with SHA-1 with altered plaintext after call	
+Pass	ECDSA P-384 with SHA-256 with altered plaintext after call	
+Pass	ECDSA P-384 with SHA-384 with altered plaintext after call	
+Fail	ECDSA P-384 with SHA-512 with altered plaintext after call	
+Fail	ECDSA P-521 with SHA-1 with altered plaintext after call	
+Fail	ECDSA P-521 with SHA-256 with altered plaintext after call	
+Fail	ECDSA P-521 with SHA-384 with altered plaintext after call	
+Fail	ECDSA P-521 with SHA-512 with altered plaintext after call	
+Pass	ECDSA P-256 with SHA-1 using privateKey to verify	
+Pass	ECDSA P-256 with SHA-256 using privateKey to verify	
+Pass	ECDSA P-256 with SHA-384 using privateKey to verify	
+Pass	ECDSA P-256 with SHA-512 using privateKey to verify	
+Pass	ECDSA P-384 with SHA-1 using privateKey to verify	
+Pass	ECDSA P-384 with SHA-256 using privateKey to verify	
+Pass	ECDSA P-384 with SHA-384 using privateKey to verify	
+Pass	ECDSA P-384 with SHA-512 using privateKey to verify	
+Pass	ECDSA P-521 with SHA-1 using privateKey to verify	
+Pass	ECDSA P-521 with SHA-256 using privateKey to verify	
+Pass	ECDSA P-521 with SHA-384 using privateKey to verify	
+Pass	ECDSA P-521 with SHA-512 using privateKey to verify	
+Pass	ECDSA P-256 with SHA-1 using publicKey to sign	
+Pass	ECDSA P-256 with SHA-256 using publicKey to sign	
+Pass	ECDSA P-256 with SHA-384 using publicKey to sign	
+Pass	ECDSA P-256 with SHA-512 using publicKey to sign	
+Pass	ECDSA P-384 with SHA-1 using publicKey to sign	
+Pass	ECDSA P-384 with SHA-256 using publicKey to sign	
+Pass	ECDSA P-384 with SHA-384 using publicKey to sign	
+Pass	ECDSA P-384 with SHA-512 using publicKey to sign	
+Pass	ECDSA P-521 with SHA-1 using publicKey to sign	
+Pass	ECDSA P-521 with SHA-256 using publicKey to sign	
+Pass	ECDSA P-521 with SHA-384 using publicKey to sign	
+Pass	ECDSA P-521 with SHA-512 using publicKey to sign	
+Pass	ECDSA P-256 with SHA-1 no verify usage	
+Pass	ECDSA P-256 with SHA-256 no verify usage	
+Pass	ECDSA P-256 with SHA-384 no verify usage	
+Pass	ECDSA P-256 with SHA-512 no verify usage	
+Pass	ECDSA P-384 with SHA-1 no verify usage	
+Pass	ECDSA P-384 with SHA-256 no verify usage	
+Pass	ECDSA P-384 with SHA-384 no verify usage	
+Pass	ECDSA P-384 with SHA-512 no verify usage	
+Pass	ECDSA P-521 with SHA-1 no verify usage	
+Pass	ECDSA P-521 with SHA-256 no verify usage	
+Pass	ECDSA P-521 with SHA-384 no verify usage	
+Pass	ECDSA P-521 with SHA-512 no verify usage	
+Fail	ECDSA P-256 with SHA-1 round trip	
+Fail	ECDSA P-256 with SHA-256 round trip	
+Fail	ECDSA P-256 with SHA-384 round trip	
+Fail	ECDSA P-256 with SHA-512 round trip	
+Fail	ECDSA P-384 with SHA-1 round trip	
+Fail	ECDSA P-384 with SHA-256 round trip	
+Fail	ECDSA P-384 with SHA-384 round trip	
+Fail	ECDSA P-384 with SHA-512 round trip	
+Fail	ECDSA P-521 with SHA-1 round trip	
+Fail	ECDSA P-521 with SHA-256 round trip	
+Fail	ECDSA P-521 with SHA-384 round trip	
+Fail	ECDSA P-521 with SHA-512 round trip	
+Pass	ECDSA P-256 with SHA-1 signing with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-256 signing with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-384 signing with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-512 signing with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-1 signing with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-256 signing with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-384 signing with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-512 signing with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-1 signing with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-256 signing with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-384 signing with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-512 signing with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-1 verifying with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-256 verifying with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-384 verifying with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-512 verifying with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-1 verifying with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-256 verifying with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-384 verifying with wrong algorithm name	
+Pass	ECDSA P-384 with SHA-512 verifying with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-1 verifying with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-256 verifying with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-384 verifying with wrong algorithm name	
+Pass	ECDSA P-521 with SHA-512 verifying with wrong algorithm name	
+Pass	ECDSA P-256 with SHA-1 verification failure due to altered signature	
+Pass	ECDSA P-256 with SHA-256 verification failure due to altered signature	
+Pass	ECDSA P-256 with SHA-384 verification failure due to altered signature	
+Pass	ECDSA P-256 with SHA-512 verification failure due to altered signature	
+Pass	ECDSA P-384 with SHA-1 verification failure due to altered signature	
+Pass	ECDSA P-384 with SHA-256 verification failure due to altered signature	
+Pass	ECDSA P-384 with SHA-384 verification failure due to altered signature	
+Pass	ECDSA P-384 with SHA-512 verification failure due to altered signature	
+Fail	ECDSA P-521 with SHA-1 verification failure due to altered signature	
+Fail	ECDSA P-521 with SHA-256 verification failure due to altered signature	
+Fail	ECDSA P-521 with SHA-384 verification failure due to altered signature	
+Fail	ECDSA P-521 with SHA-512 verification failure due to altered signature	
+Pass	ECDSA P-256 with SHA-1 verification failure due to wrong hash	
+Pass	ECDSA P-256 with SHA-256 verification failure due to wrong hash	
+Pass	ECDSA P-256 with SHA-384 verification failure due to wrong hash	
+Pass	ECDSA P-256 with SHA-512 verification failure due to wrong hash	
+Pass	ECDSA P-384 with SHA-1 verification failure due to wrong hash	
+Pass	ECDSA P-384 with SHA-256 verification failure due to wrong hash	
+Pass	ECDSA P-384 with SHA-384 verification failure due to wrong hash	
+Pass	ECDSA P-384 with SHA-512 verification failure due to wrong hash	
+Fail	ECDSA P-521 with SHA-1 verification failure due to wrong hash	
+Fail	ECDSA P-521 with SHA-256 verification failure due to wrong hash	
+Fail	ECDSA P-521 with SHA-384 verification failure due to wrong hash	
+Fail	ECDSA P-521 with SHA-512 verification failure due to wrong hash	
+Pass	ECDSA P-256 with SHA-1 verification failure due to bad hash name	
+Pass	ECDSA P-256 with SHA-256 verification failure due to bad hash name	
+Pass	ECDSA P-256 with SHA-384 verification failure due to bad hash name	
+Pass	ECDSA P-256 with SHA-512 verification failure due to bad hash name	
+Pass	ECDSA P-384 with SHA-1 verification failure due to bad hash name	
+Pass	ECDSA P-384 with SHA-256 verification failure due to bad hash name	
+Pass	ECDSA P-384 with SHA-384 verification failure due to bad hash name	
+Pass	ECDSA P-384 with SHA-512 verification failure due to bad hash name	
+Pass	ECDSA P-521 with SHA-1 verification failure due to bad hash name	
+Pass	ECDSA P-521 with SHA-256 verification failure due to bad hash name	
+Pass	ECDSA P-521 with SHA-384 verification failure due to bad hash name	
+Pass	ECDSA P-521 with SHA-512 verification failure due to bad hash name	
+Pass	ECDSA P-256 with SHA-1 verification failure due to shortened signature	
+Pass	ECDSA P-256 with SHA-256 verification failure due to shortened signature	
+Pass	ECDSA P-256 with SHA-384 verification failure due to shortened signature	
+Pass	ECDSA P-256 with SHA-512 verification failure due to shortened signature	
+Pass	ECDSA P-384 with SHA-1 verification failure due to shortened signature	
+Pass	ECDSA P-384 with SHA-256 verification failure due to shortened signature	
+Pass	ECDSA P-384 with SHA-384 verification failure due to shortened signature	
+Pass	ECDSA P-384 with SHA-512 verification failure due to shortened signature	
+Fail	ECDSA P-521 with SHA-1 verification failure due to shortened signature	
+Fail	ECDSA P-521 with SHA-256 verification failure due to shortened signature	
+Fail	ECDSA P-521 with SHA-384 verification failure due to shortened signature	
+Fail	ECDSA P-521 with SHA-512 verification failure due to shortened signature	
+Pass	ECDSA P-256 with SHA-1 verification failure due to altered plaintext	
+Pass	ECDSA P-256 with SHA-256 verification failure due to altered plaintext	
+Pass	ECDSA P-256 with SHA-384 verification failure due to altered plaintext	
+Pass	ECDSA P-256 with SHA-512 verification failure due to altered plaintext	
+Pass	ECDSA P-384 with SHA-1 verification failure due to altered plaintext	
+Pass	ECDSA P-384 with SHA-256 verification failure due to altered plaintext	
+Pass	ECDSA P-384 with SHA-384 verification failure due to altered plaintext	
+Pass	ECDSA P-384 with SHA-512 verification failure due to altered plaintext	
+Fail	ECDSA P-521 with SHA-1 verification failure due to altered plaintext	
+Fail	ECDSA P-521 with SHA-256 verification failure due to altered plaintext	
+Fail	ECDSA P-521 with SHA-384 verification failure due to altered plaintext	
+Fail	ECDSA P-521 with SHA-512 verification failure due to altered plaintext	
+Pass	ECDSA P-256 with SHA-1 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-256 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-256 verification	
+Pass	ECDSA P-256 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification	
+Pass	ECDSA P-256 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification	
+Pass	ECDSA P-256 with SHA-1 - Signature has excess padding verification	
+Pass	ECDSA P-256 with SHA-1 - The signature is empty verification	
+Pass	ECDSA P-256 with SHA-1 - The signature is all zeroes verification	
+Pass	ECDSA P-256 with SHA-256 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-256 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-1 verification	
+Pass	ECDSA P-256 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-384 verification	
+Pass	ECDSA P-256 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-512 verification	
+Pass	ECDSA P-256 with SHA-256 - Signature has excess padding verification	
+Pass	ECDSA P-256 with SHA-256 - The signature is empty verification	
+Pass	ECDSA P-256 with SHA-256 - The signature is all zeroes verification	
+Pass	ECDSA P-256 with SHA-384 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-256 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-1 verification	
+Pass	ECDSA P-256 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-256 verification	
+Pass	ECDSA P-256 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-512 verification	
+Pass	ECDSA P-256 with SHA-384 - Signature has excess padding verification	
+Pass	ECDSA P-256 with SHA-384 - The signature is empty verification	
+Pass	ECDSA P-256 with SHA-384 - The signature is all zeroes verification	
+Pass	ECDSA P-256 with SHA-512 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-256 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-1 verification	
+Pass	ECDSA P-256 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-256 verification	
+Pass	ECDSA P-256 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-384 verification	
+Pass	ECDSA P-256 with SHA-512 - Signature has excess padding verification	
+Pass	ECDSA P-256 with SHA-512 - The signature is empty verification	
+Pass	ECDSA P-256 with SHA-512 - The signature is all zeroes verification	
+Pass	ECDSA P-384 with SHA-1 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-384 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-256 verification	
+Pass	ECDSA P-384 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification	
+Pass	ECDSA P-384 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification	
+Pass	ECDSA P-384 with SHA-1 - Signature has excess padding verification	
+Pass	ECDSA P-384 with SHA-1 - The signature is empty verification	
+Pass	ECDSA P-384 with SHA-1 - The signature is all zeroes verification	
+Pass	ECDSA P-384 with SHA-256 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-384 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-1 verification	
+Pass	ECDSA P-384 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-384 verification	
+Pass	ECDSA P-384 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-512 verification	
+Pass	ECDSA P-384 with SHA-256 - Signature has excess padding verification	
+Pass	ECDSA P-384 with SHA-256 - The signature is empty verification	
+Pass	ECDSA P-384 with SHA-256 - The signature is all zeroes verification	
+Pass	ECDSA P-384 with SHA-384 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-384 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-1 verification	
+Pass	ECDSA P-384 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-256 verification	
+Pass	ECDSA P-384 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-512 verification	
+Pass	ECDSA P-384 with SHA-384 - Signature has excess padding verification	
+Pass	ECDSA P-384 with SHA-384 - The signature is empty verification	
+Pass	ECDSA P-384 with SHA-384 - The signature is all zeroes verification	
+Pass	ECDSA P-384 with SHA-512 - The signature was truncated by 1 byte verification	
+Pass	ECDSA P-384 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-1 verification	
+Pass	ECDSA P-384 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-256 verification	
+Pass	ECDSA P-384 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-384 verification	
+Pass	ECDSA P-384 with SHA-512 - Signature has excess padding verification	
+Pass	ECDSA P-384 with SHA-512 - The signature is empty verification	
+Pass	ECDSA P-384 with SHA-512 - The signature is all zeroes verification	
+Fail	ECDSA P-521 with SHA-1 - The signature was truncated by 1 byte verification	
+Fail	ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-256 verification	
+Fail	ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-384 verification	
+Fail	ECDSA P-521 with SHA-1 - The signature was made using SHA-1, however verification is being done using SHA-512 verification	
+Fail	ECDSA P-521 with SHA-1 - Signature has excess padding verification	
+Fail	ECDSA P-521 with SHA-1 - The signature is empty verification	
+Fail	ECDSA P-521 with SHA-1 - The signature is all zeroes verification	
+Fail	ECDSA P-521 with SHA-256 - The signature was truncated by 1 byte verification	
+Fail	ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-1 verification	
+Fail	ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-384 verification	
+Fail	ECDSA P-521 with SHA-256 - The signature was made using SHA-256, however verification is being done using SHA-512 verification	
+Fail	ECDSA P-521 with SHA-256 - Signature has excess padding verification	
+Fail	ECDSA P-521 with SHA-256 - The signature is empty verification	
+Fail	ECDSA P-521 with SHA-256 - The signature is all zeroes verification	
+Fail	ECDSA P-521 with SHA-384 - The signature was truncated by 1 byte verification	
+Fail	ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-1 verification	
+Fail	ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-256 verification	
+Fail	ECDSA P-521 with SHA-384 - The signature was made using SHA-384, however verification is being done using SHA-512 verification	
+Fail	ECDSA P-521 with SHA-384 - Signature has excess padding verification	
+Fail	ECDSA P-521 with SHA-384 - The signature is empty verification	
+Fail	ECDSA P-521 with SHA-384 - The signature is all zeroes verification	
+Fail	ECDSA P-521 with SHA-512 - The signature was truncated by 1 byte verification	
+Fail	ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-1 verification	
+Fail	ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-256 verification	
+Fail	ECDSA P-521 with SHA-512 - The signature was made using SHA-512, however verification is being done using SHA-384 verification	
+Fail	ECDSA P-521 with SHA-512 - Signature has excess padding verification	
+Fail	ECDSA P-521 with SHA-512 - The signature is empty verification	
+Fail	ECDSA P-521 with SHA-512 - The signature is all zeroes verification	
\ No newline at end of file
diff --git a/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.html b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.html
new file mode 100644
index 00000000000..da6000ccc3c
--- /dev/null
+++ b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.html
@@ -0,0 +1,17 @@
+<!doctype html>
+<meta charset=utf-8>
+<title>WebCryptoAPI: sign() and verify() Using ECDSA</title>
+<meta name="timeout" content="long">
+<script>
+self.GLOBAL = {
+  isWindow: function() { return true; },
+  isWorker: function() { return false; },
+  isShadowRealm: function() { return false; },
+};
+</script>
+<script src="../../resources/testharness.js"></script>
+<script src="../../resources/testharnessreport.js"></script>
+<script src="ecdsa_vectors.js"></script>
+<script src="ecdsa.js"></script>
+<div id=log></div>
+<script src="../../WebCryptoAPI/sign_verify/ecdsa.https.any.js"></script>
diff --git a/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.js b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.js
new file mode 100644
index 00000000000..9764cc33540
--- /dev/null
+++ b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.https.any.js
@@ -0,0 +1,6 @@
+// META: title=WebCryptoAPI: sign() and verify() Using ECDSA
+// META: script=ecdsa_vectors.js
+// META: script=ecdsa.js
+// META: timeout=long
+
+run_test();
diff --git a/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.js b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.js
new file mode 100644
index 00000000000..6bf662adcc5
--- /dev/null
+++ b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa.js
@@ -0,0 +1,509 @@
+
+function run_test() {
+    setup({explicit_done: true});
+
+    var subtle = self.crypto.subtle; // Change to test prefixed implementations
+
+    // When are all these tests really done? When all the promises they use have resolved.
+    var all_promises = [];
+
+    // Source file [algorithm_name]_vectors.js provides the getTestVectors method
+    // for the algorithm that drives these tests.
+    var testVectors = getTestVectors();
+    var invalidTestVectors = getInvalidTestVectors();
+
+    // Test verification first, because signing tests rely on that working
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                var operation = subtle.verify(algorithm, vector.publicKey, vector.signature, vector.plaintext)
+                .then(function(is_verified) {
+                    assert_true(is_verified, "Signature verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                return operation;
+            }, vector.name + " verification");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested verification.
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test verification with an altered buffer after call
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                var signature = copyBuffer(vector.signature);
+                var operation = subtle.verify(algorithm, vector.publicKey, signature, vector.plaintext)
+                .then(function(is_verified) {
+                    assert_true(is_verified, "Signature verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                signature[0] = 255 - signature[0];
+                return operation;
+            }, vector.name + " verification with altered signature after call");
+        }, function(err) {
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification with altered signature after call");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Check for successful verification even if plaintext is altered after call.
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                var plaintext = copyBuffer(vector.plaintext);
+                var operation = subtle.verify(algorithm, vector.publicKey, vector.signature, plaintext)
+                .then(function(is_verified) {
+                    assert_true(is_verified, "Signature verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                plaintext[0] = 255 - plaintext[0];
+                return operation;
+            }, vector.name + " with altered plaintext after call");
+        }, function(err) {
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " with altered plaintext after call");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Check for failures due to using privateKey to verify.
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                return subtle.verify(algorithm, vector.privateKey, vector.signature, vector.plaintext)
+                .then(function(plaintext) {
+                    assert_unreached("Should have thrown error for using privateKey to verify in " + vector.name + ": " + err.message + "'");
+                }, function(err) {
+                    assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of '" + err.message + "'");
+                });
+            }, vector.name + " using privateKey to verify");
+
+        }, function(err) {
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " using privateKey to verify");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Check for failures due to using publicKey to sign.
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                return subtle.sign(algorithm, vector.publicKey, vector.plaintext)
+                .then(function(signature) {
+                    assert_unreached("Should have thrown error for using publicKey to sign in " + vector.name + ": " + err.message + "'");
+                }, function(err) {
+                    assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of '" + err.message + "'");
+                });
+            }, vector.name + " using publicKey to sign");
+        }, function(err) {
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " using publicKey to sign");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Check for failures due to no "verify" usage.
+    testVectors.forEach(function(originalVector) {
+        var vector = Object.assign({}, originalVector);
+
+        var promise = importVectorKeys(vector, [], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                return subtle.verify(algorithm, vector.publicKey, vector.signature, vector.plaintext)
+                .then(function(plaintext) {
+                    assert_unreached("Should have thrown error for no verify usage in " + vector.name + ": " + err.message + "'");
+                }, function(err) {
+                    assert_equals(err.name, "InvalidAccessError", "Should throw InvalidAccessError instead of '" + err.message + "'");
+                });
+            }, vector.name + " no verify usage");
+        }, function(err) {
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " no verify usage");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Check for successful signing and verification.
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                return subtle.sign(algorithm, vector.privateKey, vector.plaintext)
+                .then(function(signature) {
+                    // Can we verify the signature?
+                    return subtle.verify(algorithm, vector.publicKey, signature, vector.plaintext)
+                    .then(function(is_verified) {
+                        assert_true(is_verified, "Round trip verification works");
+                        return signature;
+                    }, function(err) {
+                        assert_unreached("verify error for test " + vector.name + ": " + err.message + "'");
+                    });
+                }, function(err) {
+                    assert_unreached("sign error for test " + vector.name + ": '" + err.message + "'");
+                });
+            }, vector.name + " round trip");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested signing or verifying
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " round trip");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test signing with the wrong algorithm
+    testVectors.forEach(function(vector) {
+        // Want to get the key for the wrong algorithm
+        var promise = subtle.generateKey({name: "HMAC", hash: "SHA-1"}, false, ["sign", "verify"])
+        .then(function(wrongKey) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            return importVectorKeys(vector, ["verify"], ["sign"])
+            .then(function(vectors) {
+                promise_test(function(test) {
+                    var operation = subtle.sign(algorithm, wrongKey, vector.plaintext)
+                    .then(function(signature) {
+                        assert_unreached("Signing should not have succeeded for " + vector.name);
+                    }, function(err) {
+                        assert_equals(err.name, "InvalidAccessError", "Should have thrown InvalidAccessError instead of '" + err.message + "'");
+                    });
+
+                    return operation;
+                }, vector.name + " signing with wrong algorithm name");
+
+            }, function(err) {
+                // We need a failed test if the importVectorKey operation fails, so
+                // we know we never tested verification.
+                promise_test(function(test) {
+                    assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+                }, "importVectorKeys step: " + vector.name + " signing with wrong algorithm name");
+            });
+        }, function(err) {
+            promise_test(function(test) {
+                assert_unreached("Generate wrong key for test " + vector.name + " failed: '" + err.message + "'");
+            }, "generate wrong key step: " + vector.name + " signing with wrong algorithm name");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test verification with the wrong algorithm
+    testVectors.forEach(function(vector) {
+        // Want to get the key for the wrong algorithm
+        var promise = subtle.generateKey({name: "HMAC", hash: "SHA-1"}, false, ["sign", "verify"])
+        .then(function(wrongKey) {
+            return importVectorKeys(vector, ["verify"], ["sign"])
+            .then(function(vectors) {
+                var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+                promise_test(function(test) {
+                    var operation = subtle.verify(algorithm, wrongKey, vector.signature, vector.plaintext)
+                    .then(function(signature) {
+                        assert_unreached("Verifying should not have succeeded for " + vector.name);
+                    }, function(err) {
+                        assert_equals(err.name, "InvalidAccessError", "Should have thrown InvalidAccessError instead of '" + err.message + "'");
+                    });
+
+                    return operation;
+                }, vector.name + " verifying with wrong algorithm name");
+
+            }, function(err) {
+                // We need a failed test if the importVectorKey operation fails, so
+                // we know we never tested verification.
+                promise_test(function(test) {
+                    assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+                }, "importVectorKeys step: " + vector.name + " verifying with wrong algorithm name");
+            });
+        }, function(err) {
+            promise_test(function(test) {
+                assert_unreached("Generate wrong key for test " + vector.name + " failed: '" + err.message + "'");
+            }, "generate wrong key step: " + vector.name + " verifying with wrong algorithm name");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test verification fails with wrong signature
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            var signature = copyBuffer(vector.signature);
+            signature[0] = 255 - signature[0];
+            promise_test(function(test) {
+                var operation = subtle.verify(algorithm, vector.publicKey, signature, vector.plaintext)
+                .then(function(is_verified) {
+                    assert_false(is_verified, "Signature NOT verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                return operation;
+            }, vector.name + " verification failure due to altered signature");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested verification.
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification failure due to altered signature");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test verification fails with wrong hash
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var hashName = "SHA-1";
+            if (vector.hashName === "SHA-1") {
+                hashName = "SHA-256"
+            }
+            var algorithm = {name: vector.algorithmName, hash: hashName};
+            promise_test(function(test) {
+                var operation = subtle.verify(algorithm, vector.publicKey, vector.signature, vector.plaintext)
+                .then(function(is_verified) {
+                    assert_false(is_verified, "Signature NOT verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                return operation;
+            }, vector.name + " verification failure due to wrong hash");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested verification.
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification failure due to wrong hash");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test verification fails with bad hash name
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            // use the wrong name for the hash
+            var hashName = vector.hashName.substring(0, 3) + vector.hashName.substring(4);
+            var algorithm = {name: vector.algorithmName, hash: hashName};
+            promise_test(function(test) {
+                var operation = subtle.verify(algorithm, vector.publicKey, vector.signature, vector.plaintext)
+                .then(function(is_verified) {
+                    assert_unreached("Verification should throw an error");
+                }, function(err) {
+                    assert_equals(err.name, "NotSupportedError", "Correctly throws NotSupportedError for illegal hash name")
+                });
+
+                return operation;
+            }, vector.name + " verification failure due to bad hash name");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested verification.
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification failure due to bad hash name");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test verification fails with short (odd length) signature
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            var signature = vector.signature.slice(1); // Skip the first byte
+            promise_test(function(test) {
+                var operation = subtle.verify(algorithm, vector.publicKey, signature, vector.plaintext)
+                .then(function(is_verified) {
+                    assert_false(is_verified, "Signature NOT verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                return operation;
+            }, vector.name + " verification failure due to shortened signature");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested verification.
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification failure due to shortened signature");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test verification fails with wrong plaintext
+    testVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            var plaintext = copyBuffer(vector.plaintext);
+            plaintext[0] = 255 - plaintext[0];
+            promise_test(function(test) {
+                var operation = subtle.verify(algorithm, vector.publicKey, vector.signature, plaintext)
+                .then(function(is_verified) {
+                    assert_false(is_verified, "Signature NOT verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                return operation;
+            }, vector.name + " verification failure due to altered plaintext");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested verification.
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification failure due to altered plaintext");
+        });
+
+        all_promises.push(promise);
+    });
+
+    // Test invalid signatures
+    invalidTestVectors.forEach(function(vector) {
+        var promise = importVectorKeys(vector, ["verify"], ["sign"])
+        .then(function(vectors) {
+            var algorithm = {name: vector.algorithmName, hash: vector.hashName};
+            promise_test(function(test) {
+                var operation = subtle.verify(algorithm, vector.publicKey, vector.signature, vector.plaintext)
+                .then(function(is_verified) {
+                    assert_false(is_verified, "Signature unexpectedly verified");
+                }, function(err) {
+                    assert_unreached("Verification should not throw error " + vector.name + ": " + err.message + "'");
+                });
+
+                return operation;
+            }, vector.name + " verification");
+
+        }, function(err) {
+            // We need a failed test if the importVectorKey operation fails, so
+            // we know we never tested verification.
+            promise_test(function(test) {
+                assert_unreached("importVectorKeys failed for " + vector.name + ". Message: ''" + err.message + "''");
+            }, "importVectorKeys step: " + vector.name + " verification");
+        });
+
+        all_promises.push(promise);
+    });
+
+    promise_test(function() {
+        return Promise.all(all_promises)
+            .then(function() {done();})
+            .catch(function() {done();})
+    }, "setup");
+
+    // A test vector has all needed fields for signing and verifying, EXCEPT that the
+    // key field may be null. This function replaces that null with the Correct
+    // CryptoKey object.
+    //
+    // Returns a Promise that yields an updated vector on success.
+    function importVectorKeys(vector, publicKeyUsages, privateKeyUsages) {
+        var publicPromise, privatePromise;
+
+        if (vector.publicKey !== null) {
+            publicPromise = new Promise(function(resolve, reject) {
+                resolve(vector);
+            });
+        } else {
+            publicPromise = subtle.importKey(vector.publicKeyFormat, vector.publicKeyBuffer, {name: vector.algorithmName, namedCurve: vector.namedCurve}, false, publicKeyUsages)
+            .then(function(key) {
+                vector.publicKey = key;
+                return vector;
+            });        // Returns a copy of the sourceBuffer it is sent.
+        }
+
+        if (vector.privateKey !== null) {
+            privatePromise = new Promise(function(resolve, reject) {
+                resolve(vector);
+            });
+        } else {
+            privatePromise = subtle.importKey(vector.privateKeyFormat, vector.privateKeyBuffer, {name: vector.algorithmName, namedCurve: vector.namedCurve}, false, privateKeyUsages)
+            .then(function(key) {
+                vector.privateKey = key;
+                return vector;
+            });
+        }
+
+        return Promise.all([publicPromise, privatePromise]);
+    }
+
+    // Returns a copy of the sourceBuffer it is sent.
+    function copyBuffer(sourceBuffer) {
+        var source = new Uint8Array(sourceBuffer);
+        var copy = new Uint8Array(sourceBuffer.byteLength)
+
+        for (var i=0; i<source.byteLength; i++) {
+            copy[i] = source[i];
+        }
+
+        return copy;
+    }
+
+    function equalBuffers(a, b) {
+        if (a.byteLength !== b.byteLength) {
+            return false;
+        }
+
+        var aBytes = new Uint8Array(a);
+        var bBytes = new Uint8Array(b);
+
+        for (var i=0; i<a.byteLength; i++) {
+            if (aBytes[i] !== bBytes[i]) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    return;
+}
diff --git a/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa_vectors.js b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa_vectors.js
new file mode 100644
index 00000000000..aa9b81ba8a4
--- /dev/null
+++ b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/sign_verify/ecdsa_vectors.js
@@ -0,0 +1,139 @@
+
+// ecdsa_vectors.js
+
+// Data for testing ECDSA with every curve currently in the WebCryptoAPI recommendation.
+
+// The following function returns an array of test vectors
+// for the subtleCrypto encrypt method.
+//
+// Each test vector has the following fields:
+//     name - a unique name for this vector
+//     publicKeyBuffer - an arrayBuffer with the key data
+//     publicKeyFormat - "spki" "jwk"
+//     publicKey - a CryptoKey object for the keyBuffer. INITIALLY null! You must fill this in first to use it!
+//     privateKeyBuffer - an arrayBuffer with the key data
+//     privateKeyFormat - "pkcs8" or "jwk"
+//     privateKey - a CryptoKey object for the keyBuffer. INITIALLY null! You must fill this in first to use it!
+//     algorithmName - the name of the AlgorithmIdentifier parameter to provide to encrypt
+//     namedCurve - the curve used
+//     hashName - the hash function to sign with
+//     plaintext - the text to encrypt
+//     signature - the expected signature
+function getTestVectors() {
+    var pkcs8 = {
+        "P-256": new Uint8Array([48, 129, 135, 2, 1, 0, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 4, 109, 48, 107, 2, 1, 1, 4, 32, 230, 238, 207, 158, 98, 108, 202, 142, 24, 7, 155, 146, 197, 238, 38, 158, 84, 202, 18, 142, 175, 212, 137, 71, 255, 81, 171, 160, 10, 192, 229, 214, 161, 68, 3, 66, 0, 4, 10, 5, 30, 56, 111, 103, 196, 166, 225, 229, 203, 238, 125, 55, 116, 91, 88, 142, 190, 114, 15, 117, 89, 22, 40, 111, 150, 41, 105, 122, 57, 23, 17, 216, 106, 234, 201, 103, 8, 210, 58, 38, 35, 216, 198, 237, 187, 84, 217, 164, 63, 100, 6, 105, 49, 128, 15, 53, 29, 158, 117, 235, 238, 30]),
+        "P-384": new Uint8Array([48, 129, 182, 2, 1, 0, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 34, 4, 129, 158, 48, 129, 155, 2, 1, 1, 4, 48, 2, 169, 160, 216, 153, 239, 168, 126, 117, 100, 17, 9, 7, 233, 216, 44, 33, 189, 98, 101, 163, 122, 189, 154, 111, 219, 15, 128, 236, 132, 77, 211, 161, 66, 83, 32, 214, 125, 220, 48, 245, 219, 116, 239, 185, 162, 230, 97, 161, 100, 3, 98, 0, 4, 29, 49, 157, 105, 45, 202, 95, 87, 84, 186, 123, 50, 193, 22, 66, 198, 216, 210, 180, 251, 130, 73, 195, 242, 20, 215, 30, 144, 181, 37, 41, 102, 217, 127, 123, 235, 31, 170, 177, 228, 243, 226, 96, 85, 73, 194, 238, 219, 82, 3, 41, 179, 190, 166, 181, 229, 86, 36, 161, 81, 80, 161, 105, 102, 99, 95, 25, 22, 239, 4, 221, 117, 142, 105, 64, 157, 6, 51, 203, 75, 37, 153, 65, 121, 178, 42, 118, 156, 116, 52, 54, 145, 14, 121, 153, 81]),
+        "P-521": new Uint8Array([48, 129, 238, 2, 1, 0, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 35, 4, 129, 214, 48, 129, 211, 2, 1, 1, 4, 66, 1, 83, 62, 97, 143, 152, 234, 209, 181, 19, 236, 136, 120, 200, 130, 13, 55, 122, 54, 216, 240, 63, 43, 160, 70, 201, 49, 130, 90, 61, 53, 135, 48, 192, 178, 96, 51, 219, 183, 247, 228, 163, 212, 67, 74, 3, 94, 36, 183, 7, 249, 18, 71, 102, 23, 110, 26, 240, 184, 93, 242, 46, 170, 186, 156, 37, 161, 129, 137, 3, 129, 134, 0, 4, 0, 166, 222, 236, 251, 72, 145, 23, 241, 228, 28, 196, 160, 100, 7, 61, 134, 115, 8, 110, 81, 219, 37, 8, 110, 141, 183, 100, 212, 239, 246, 10, 173, 99, 88, 253, 207, 150, 122, 198, 132, 89, 39, 94, 42, 128, 79, 142, 238, 183, 228, 196, 40, 75, 20, 81, 192, 165, 234, 118, 254, 112, 7, 172, 5, 71, 1, 197, 237, 218, 249, 168, 158, 124, 79, 220, 201, 36, 199, 55, 216, 245, 133, 218, 151, 3, 169, 84, 194, 59, 231, 193, 74, 175, 166, 102, 84, 178, 86, 119, 10, 147, 142, 127, 38, 231, 0, 198, 3, 147, 28, 123, 208, 189, 181, 208, 99, 44, 125, 30, 171, 70, 111, 9, 217, 118, 194, 74, 50, 62, 27, 124])
+    };
+
+    var spki = {
+        "P-256": new Uint8Array([48, 89, 48, 19, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 8, 42, 134, 72, 206, 61, 3, 1, 7, 3, 66, 0, 4, 10, 5, 30, 56, 111, 103, 196, 166, 225, 229, 203, 238, 125, 55, 116, 91, 88, 142, 190, 114, 15, 117, 89, 22, 40, 111, 150, 41, 105, 122, 57, 23, 17, 216, 106, 234, 201, 103, 8, 210, 58, 38, 35, 216, 198, 237, 187, 84, 217, 164, 63, 100, 6, 105, 49, 128, 15, 53, 29, 158, 117, 235, 238, 30]),
+        "P-384": new Uint8Array([48, 118, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 34, 3, 98, 0, 4, 29, 49, 157, 105, 45, 202, 95, 87, 84, 186, 123, 50, 193, 22, 66, 198, 216, 210, 180, 251, 130, 73, 195, 242, 20, 215, 30, 144, 181, 37, 41, 102, 217, 127, 123, 235, 31, 170, 177, 228, 243, 226, 96, 85, 73, 194, 238, 219, 82, 3, 41, 179, 190, 166, 181, 229, 86, 36, 161, 81, 80, 161, 105, 102, 99, 95, 25, 22, 239, 4, 221, 117, 142, 105, 64, 157, 6, 51, 203, 75, 37, 153, 65, 121, 178, 42, 118, 156, 116, 52, 54, 145, 14, 121, 153, 81]),
+        "P-521": new Uint8Array([48, 129, 155, 48, 16, 6, 7, 42, 134, 72, 206, 61, 2, 1, 6, 5, 43, 129, 4, 0, 35, 3, 129, 134, 0, 4, 0, 166, 222, 236, 251, 72, 145, 23, 241, 228, 28, 196, 160, 100, 7, 61, 134, 115, 8, 110, 81, 219, 37, 8, 110, 141, 183, 100, 212, 239, 246, 10, 173, 99, 88, 253, 207, 150, 122, 198, 132, 89, 39, 94, 42, 128, 79, 142, 238, 183, 228, 196, 40, 75, 20, 81, 192, 165, 234, 118, 254, 112, 7, 172, 5, 71, 1, 197, 237, 218, 249, 168, 158, 124, 79, 220, 201, 36, 199, 55, 216, 245, 133, 218, 151, 3, 169, 84, 194, 59, 231, 193, 74, 175, 166, 102, 84, 178, 86, 119, 10, 147, 142, 127, 38, 231, 0, 198, 3, 147, 28, 123, 208, 189, 181, 208, 99, 44, 125, 30, 171, 70, 111, 9, 217, 118, 194, 74, 50, 62, 27, 124])
+    };
+
+    // plaintext
+    var plaintext = new Uint8Array([95, 77, 186, 79, 50, 12, 12, 232, 118, 114, 90, 252, 229, 251, 210, 91, 248, 62, 90, 113, 37, 160, 140, 175, 231, 60, 62, 186, 196, 33, 119, 157, 249, 213, 93, 24, 12, 58, 233, 148, 38, 69, 225, 216, 47, 238, 140, 157, 41, 75, 60, 177, 160, 138, 153, 49, 32, 27, 60, 14, 129, 252, 71, 202, 207, 131, 21, 162, 175, 102, 50, 65, 19, 195, 182, 98, 48, 195, 70, 8, 196, 244, 89, 54, 52, 206, 2, 178, 103, 54, 34, 119, 240, 168, 64, 202, 116, 188, 61, 26, 98, 54, 149, 44, 94, 215, 170, 248, 168, 254, 203, 221, 250, 117, 132, 230, 151, 140, 234, 93, 42, 91, 159, 183, 241, 180, 140, 139, 11, 229, 138, 48, 82, 2, 117, 77, 131, 118, 16, 115, 116, 121, 60, 240, 38, 170, 238, 83, 0, 114, 125, 131, 108, 215, 30, 113, 179, 69, 221, 178, 228, 68, 70, 255, 197, 185, 1, 99, 84, 19, 137, 13, 145, 14, 163, 128, 152, 74, 144, 25, 16, 49, 50, 63, 22, 219, 204, 157, 107, 225, 104, 184, 72, 133, 56, 76, 160, 62, 18, 96, 10, 193, 194, 72, 2, 138, 243, 114, 108, 201, 52, 99, 136, 46, 168, 192, 42, 171]);
+
+    // For verification tests.
+    var signatures = {
+        "P-256": {
+            "SHA-1": new Uint8Array([172, 224, 125, 170, 52, 83, 158, 179, 85, 149, 130, 217, 59, 201, 0, 251, 237, 196, 51, 243, 218, 231, 211, 136, 157, 249, 219, 16, 140, 178, 145, 16, 177, 104, 68, 179, 88, 49, 219, 184, 212, 202, 109, 248, 110, 64, 202, 129, 7, 173, 226, 88, 194, 69, 164, 158, 120, 120, 128, 3, 115, 14, 181, 197]),
+            "SHA-256": new Uint8Array([83, 223, 63, 226, 42, 29, 106, 105, 225, 145, 197, 180, 118, 154, 109, 110, 66, 67, 47, 251, 53, 190, 203, 65, 207, 36, 19, 57, 49, 122, 124, 118, 59, 74, 222, 134, 42, 235, 180, 229, 134, 24, 205, 81, 171, 156, 100, 218, 127, 242, 126, 53, 27, 77, 249, 101, 157, 132, 244, 30, 67, 30, 64, 12]),
+            "SHA-384": new Uint8Array([235, 111, 173, 249, 151, 252, 218, 129, 123, 117, 136, 26, 162, 115, 247, 110, 169, 145, 95, 189, 228, 98, 32, 82, 34, 94, 154, 197, 47, 83, 124, 137, 215, 71, 222, 247, 135, 22, 221, 238, 77, 247, 223, 194, 42, 158, 175, 224, 76, 182, 56, 138, 97, 196, 238, 109, 42, 102, 13, 71, 1, 43, 56, 92]),
+            "SHA-512": new Uint8Array([74, 201, 175, 173, 69, 107, 160, 142, 203, 41, 225, 5, 73, 146, 6, 40, 93, 130, 129, 35, 156, 171, 190, 161, 12, 10, 234, 123, 7, 5, 112, 97, 57, 183, 15, 52, 94, 215, 79, 255, 175, 222, 66, 234, 253, 180, 62, 161, 7, 11, 249, 37, 118, 185, 13, 102, 67, 84, 101, 189, 73, 132, 110, 206])
+        },
+        "P-384": {
+            "SHA-1": new Uint8Array([101, 254, 7, 14, 195, 234, 195, 82, 80, 208, 11, 158, 230, 219, 77, 45, 173, 213, 243, 187, 185, 196, 149, 200, 103, 29, 42, 13, 43, 153, 20, 159, 178, 79, 136, 175, 7, 78, 11, 144, 50, 104, 179, 208, 237, 95, 14, 20, 104, 87, 150, 178, 143, 227, 75, 45, 142, 220, 223, 16, 132, 91, 36, 207, 121, 179, 54, 39, 216, 189, 44, 129, 98, 28, 181, 30, 3, 12, 33, 164, 58, 187, 10, 135, 64, 250, 194, 111, 133, 34, 230, 131, 195, 103, 172, 150]),
+            "SHA-256": new Uint8Array([75, 194, 223, 234, 59, 205, 164, 251, 180, 253, 146, 123, 3, 15, 155, 128, 177, 245, 210, 173, 155, 183, 170, 6, 41, 56, 105, 87, 113, 32, 178, 177, 208, 239, 17, 204, 217, 254, 208, 113, 74, 171, 54, 190, 246, 57, 40, 247, 132, 245, 60, 126, 9, 223, 147, 233, 179, 229, 176, 200, 131, 207, 114, 9, 81, 180, 254, 35, 130, 199, 132, 46, 220, 252, 212, 93, 149, 106, 114, 210, 154, 64, 48, 160, 56, 169, 0, 230, 247, 221, 133, 122, 86, 80, 211, 232]),
+            "SHA-384": new Uint8Array([13, 217, 194, 199, 240, 182, 244, 217, 50, 130, 84, 169, 2, 232, 115, 116, 179, 192, 146, 25, 94, 107, 226, 26, 161, 166, 220, 216, 235, 166, 15, 123, 11, 56, 196, 0, 109, 250, 33, 70, 212, 233, 253, 35, 220, 51, 97, 121, 151, 64, 23, 73, 58, 31, 79, 116, 238, 207, 228, 85, 190, 61, 169, 237, 153, 100, 29, 129, 97, 13, 254, 180, 104, 182, 7, 218, 148, 29, 87, 20, 231, 181, 26, 238, 44, 69, 170, 14, 156, 77, 160, 33, 178, 55, 0, 144]),
+            "SHA-512": new Uint8Array([114, 251, 219, 54, 159, 211, 76, 28, 84, 38, 77, 7, 244, 250, 205, 105, 176, 46, 66, 6, 248, 168, 187, 37, 155, 136, 42, 48, 92, 86, 253, 226, 211, 81, 7, 228, 147, 197, 60, 214, 180, 175, 11, 49, 48, 111, 77, 3, 253, 67, 207, 199, 98, 161, 3, 14, 23, 163, 215, 117, 69, 58, 18, 18, 177, 66, 159, 123, 61, 147, 6, 106, 95, 66, 161, 11, 19, 140, 209, 119, 220, 9, 97, 110, 130, 125, 89, 136, 34, 215, 141, 70, 39, 183, 84, 230])
+        },
+        "P-521": {
+            "SHA-1": new Uint8Array([1, 120, 26, 23, 166, 14, 67, 18, 105, 96, 253, 57, 110, 18, 16, 145, 108, 33, 21, 202, 68, 40, 217, 104, 56, 156, 75, 70, 193, 85, 54, 116, 206, 147, 123, 142, 33, 112, 12, 230, 9, 50, 174, 15, 87, 92, 161, 135, 221, 89, 119, 32, 219, 131, 158, 177, 242, 12, 126, 51, 148, 120, 117, 89, 220, 213, 0, 32, 126, 87, 13, 245, 199, 228, 173, 159, 192, 165, 247, 32, 101, 233, 206, 28, 158, 61, 18, 202, 94, 109, 217, 244, 79, 225, 40, 86, 27, 117, 244, 34, 108, 79, 173, 242, 61, 131, 83, 108, 198, 105, 234, 64, 152, 227, 115, 182, 203, 145, 156, 139, 92, 252, 5, 5, 166, 125, 150, 178, 118, 164, 106, 61]),
+            "SHA-256": new Uint8Array([1, 116, 219, 167, 123, 20, 215, 63, 102, 245, 113, 103, 134, 163, 229, 168, 215, 201, 49, 68, 94, 109, 50, 10, 146, 41, 217, 97, 216, 161, 179, 239, 209, 26, 94, 163, 60, 121, 73, 90, 197, 153, 187, 182, 138, 100, 26, 132, 157, 88, 216, 62, 248, 84, 204, 38, 95, 166, 201, 23, 223, 246, 238, 67, 90, 103, 1, 179, 213, 82, 125, 172, 32, 251, 10, 112, 51, 195, 254, 121, 116, 78, 172, 239, 123, 63, 252, 39, 182, 77, 200, 99, 248, 111, 66, 152, 44, 178, 34, 146, 69, 254, 157, 228, 138, 165, 158, 182, 83, 212, 73, 112, 134, 217, 17, 165, 189, 39, 14, 149, 197, 30, 126, 152, 247, 165, 134, 63, 199, 251, 6, 92]),
+            "SHA-384": new Uint8Array([1, 247, 125, 177, 229, 19, 120, 225, 23, 197, 184, 190, 200, 160, 63, 150, 87, 210, 68, 197, 78, 131, 121, 8, 191, 113, 1, 37, 95, 65, 81, 82, 93, 158, 137, 207, 127, 84, 99, 27, 51, 104, 145, 157, 56, 36, 255, 159, 127, 120, 254, 129, 35, 154, 26, 159, 222, 43, 122, 131, 233, 92, 166, 160, 202, 17, 1, 185, 139, 29, 164, 237, 0, 236, 118, 147, 103, 233, 149, 139, 128, 71, 212, 127, 146, 171, 139, 255, 150, 241, 51, 11, 249, 72, 201, 34, 9, 1, 27, 140, 219, 180, 150, 212, 100, 219, 185, 22, 114, 14, 183, 2, 189, 173, 146, 140, 153, 185, 128, 183, 101, 4, 224, 173, 28, 18, 180, 168, 87, 49, 199, 12]),
+            "SHA-512": new Uint8Array([0, 178, 202, 175, 103, 152, 81, 154, 157, 54, 219, 250, 254, 120, 107, 47, 186, 28, 194, 172, 185, 149, 147, 193, 119, 179, 110, 58, 28, 238, 183, 2, 39, 90, 226, 60, 252, 202, 10, 173, 120, 246, 182, 222, 230, 180, 113, 139, 149, 208, 209, 167, 21, 170, 51, 120, 71, 14, 80, 181, 22, 193, 142, 15, 51, 5, 1, 240, 7, 30, 106, 50, 134, 127, 167, 15, 105, 92, 211, 156, 78, 135, 225, 66, 185, 228, 19, 77, 56, 116, 11, 214, 254, 227, 84, 165, 117, 22, 126, 19, 82, 78, 148, 131, 38, 55, 145, 15, 225, 30, 83, 168, 95, 178, 27, 145, 173, 184, 27, 177, 119, 156, 78, 43, 139, 200, 124, 113, 125, 195, 80, 132])
+        }
+    }
+
+    var vectors = [];
+    ["P-256", "P-384", "P-521"].forEach(function(curveName) {
+        ["SHA-1", "SHA-256", "SHA-384", "SHA-512"].forEach(function(hashName) {
+            var vector = {
+                name: "ECDSA " + curveName + " with " + hashName,
+                publicKeyBuffer: spki[curveName],
+                publicKeyFormat: "spki",
+                publicKey: null,
+                privateKeyBuffer: pkcs8[curveName],
+                privateKeyFormat: "pkcs8",
+                privateKey: null,
+                algorithmName: "ECDSA",
+                namedCurve: curveName,
+                hashName: hashName,
+                plaintext: plaintext,
+                signature: signatures[curveName][hashName]
+            };
+
+            vectors.push(vector);
+        })
+    });
+
+    return vectors;
+}
+
+// Additional test vectors, using the same format as getTestVectors, but the
+// signatures are invalid.
+function getInvalidTestVectors() {
+    var vectors = [];
+    for (const validVector of getTestVectors()) {
+        {
+            const vector = structuredClone(validVector);
+            vector.name = `${vector.name} - The signature was truncated by 1 byte`;
+            vector.signature = vector.signature.subarray(0, vector.signature.byteLength - 1);
+            vectors.push(vector);
+        }
+
+        // The signature was made with a different algorithm
+        for (const hashName of ["SHA-1", "SHA-256", "SHA-384", "SHA-512"]) {
+            if (validVector.hashName === hashName) continue;
+            const vector = structuredClone(validVector);
+            vector.name = `${vector.name} - The signature was made using ${vector.hashName}, however verification is being done using ${hashName}`;
+            vector.hashName = hashName;
+            vectors.push(vector);
+        }
+
+        {
+            // Excess padding
+            const vector = structuredClone(validVector);
+            vector.name = `${vector.name} - Signature has excess padding`;
+
+            const r = vector.signature.subarray(0, vector.signature.byteLength / 2);
+            const s = vector.signature.subarray(vector.signature.byteLength);
+            vector.signature = new Uint8Array([
+                0, ...r,
+                0, ...s,
+            ]);
+
+            vectors.push(vector);
+        }
+
+        {
+            // Empty signature
+            const vector = structuredClone(validVector);
+            vector.name = `${vector.name} - The signature is empty`;
+            vector.signature = new Uint8Array();
+            vectors.push(vector);
+        }
+
+        {
+            // Zeroed signature
+            const vector = structuredClone(validVector);
+            vector.name = `${vector.name} - The signature is all zeroes`;
+            vector.signature = new Uint8Array(vector.signature.byteLength);
+            vectors.push(vector);
+        }
+    }
+
+    return vectors;
+}