LibWeb: Implement ECDSA.importKey and ECDSA.exportKey

Very similar implementation to ECDH. Fixes ~700 tests!
Author: https://github.com/devgianlu Commit: https://github.com/LadybirdBrowser/ladybird/commit/f0fbd50c666 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/2715
2024-12-02 17:36:21 +01:00 · 2024-12-02 17:36:21 +01:00 · f0fbd50c66 · 2024-12-03 12:21:58 +00:00
commit f0fbd50c66
parent 940cdc7cf9
7 changed files with 1498 additions and 118 deletions
--- a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
+++ b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
@ -2486,6 +2486,743 @@ WebIDL::ExceptionOr<JS::Value> ECDSA::verify(AlgorithmParams const& params, GC::
    return JS::Value(result);
 }

+// https://w3c.github.io/webcrypto/#ecdsa-operations
+WebIDL::ExceptionOr<GC::Ref<CryptoKey>> ECDSA::import_key(AlgorithmParams const& params, Bindings::KeyFormat key_format, CryptoKey::InternalKeyData key_data, bool extractable, Vector<Bindings::KeyUsage> const& usages)
+{
+    // NOTE: This is a parameter to the function
+    // 1. Let keyData be the key data to be imported.
+
+    auto const& normalized_algorithm = static_cast<EcKeyImportParams const&>(params);
+
+    GC::Ptr<CryptoKey> key = nullptr;
+
+    // 2. If format is "spki":
+    if (key_format == Bindings::KeyFormat::Spki) {
+        // 1. If usages contains a value which is not "verify" then throw a SyntaxError.
+        for (auto const& usage : usages) {
+            if (usage != Bindings::KeyUsage::Verify) {
+                return WebIDL::SyntaxError::create(m_realm, MUST(String::formatted("Invalid key usage '{}'", idl_enum_to_string(usage))));
+            }
+        }
+
+        // 2. Let spki be the result of running the parse a subjectPublicKeyInfo algorithm over keyData.
+        // 3. If an error occurred while parsing, then throw a DataError.
+        auto spki = TRY(parse_a_subject_public_key_info(m_realm, key_data.get<ByteBuffer>()));
+
+        // 4. If the algorithm object identifier field of the algorithm AlgorithmIdentifier field of spki
+        //    is not equal to the id-ecPublicKey object identifier defined in [RFC5480], then throw a DataError.
+        if (spki.algorithm.identifier != ::Crypto::ASN1::ec_public_key_encryption_oid)
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+
+        // 5. If the parameters field of the algorithm AlgorithmIdentifier field of spki is absent, then throw a DataError.
+        if (!spki.algorithm.ec_parameters.has_value())
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm parameters"_string);
+
+        // 6. Let params be the parameters field of the algorithm AlgorithmIdentifier field of spki.
+        auto ec_params = spki.algorithm.ec_parameters;
+
+        // 7. If params is not an instance of the ECParameters ASN.1 type defined in [RFC5480] that specifies a namedCurve, then throw a DataError.
+        // 8. Let namedCurve be a string whose initial value is undefined.
+        String named_curve;
+
+        // 9. If params is equivalent to the secp256r1 object identifier defined in [RFC5480]:
+        if (ec_params == ::Crypto::ASN1::secp256r1_oid) {
+            // Set namedCurve to "P-256".
+            named_curve = "P-256"_string;
+        }
+        // If params is equivalent to the secp384r1 object identifier defined in [RFC5480]:
+        else if (ec_params == ::Crypto::ASN1::secp384r1_oid) {
+            // Set namedCurve to "P-384".
+            named_curve = "P-384"_string;
+        }
+        // If params is equivalent to the secp521r1 object identifier defined in [RFC5480]:
+        else if (ec_params == ::Crypto::ASN1::secp521r1_oid) {
+            // Set namedCurve to "P-521".
+            named_curve = "P-521"_string;
+        }
+
+        // 10. If namedCurve is not undefined
+        if (!named_curve.is_empty()) {
+            // 1. Let publicKey be the Elliptic Curve public key identified by performing
+            //    the conversion steps defined in Section 2.3.4 of [SEC1] to the subjectPublicKey field of spki.
+            // The uncompressed point format MUST be supported.
+            auto public_key = spki.ec;
+
+            // 2. If the implementation does not support the compressed point format and a compressed point is provided, throw a DataError.
+            // 3. If a decode error occurs or an identity point is found, throw a DataError.
+            // 4. Let key be a new CryptoKey that represents publicKey.
+            // NOTE: We already did this in parse_a_subject_public_key_info
+            key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { public_key });
+        } else {
+            // Otherwise:
+            // 1. Perform any key import steps defined by other applicable specifications, passing format, spki and obtaining namedCurve and key.
+            // TODO: support 'applicable specifications'
+
+            // 2. If an error occurred or there are no applicable specifications, throw a DataError.
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+        }
+
+        // 11. If namedCurve is defined, and not equal to the namedCurve member of normalizedAlgorithm, throw a DataError.
+        if (!named_curve.is_empty() && named_curve != normalized_algorithm.named_curve)
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+
+        // TODO: 12. If the public key value is not a valid point on the Elliptic Curve identified
+        //           by the namedCurve member of normalizedAlgorithm throw a DataError.
+
+        // 13. Set the [[type]] internal slot of key to "public"
+        key->set_type(Bindings::KeyType::Public);
+
+        // 14. Let algorithm be a new EcKeyAlgorithm.
+        auto algorithm = EcKeyAlgorithm::create(m_realm);
+
+        // 15. Set the name attribute of algorithm to "ECDSA".
+        algorithm->set_name("ECDSA"_string);
+
+        // 16. Set the namedCurve attribute of algorithm to namedCurve.
+        algorithm->set_named_curve(named_curve);
+
+        // 17. Set the [[algorithm]] internal slot of key to algorithm.
+        key->set_algorithm(algorithm);
+    }
+
+    // 2. If format is "pkcs8":
+    else if (key_format == Bindings::KeyFormat::Pkcs8) {
+        // 1. If usages contains a value which is not "sign" then throw a SyntaxError.
+        for (auto const& usage : usages) {
+            if (usage != Bindings::KeyUsage::Sign) {
+                return WebIDL::SyntaxError::create(m_realm, MUST(String::formatted("Invalid key usage '{}'", idl_enum_to_string(usage))));
+            }
+        }
+
+        // 2. Let privateKeyInfo be the result of running the parse a privateKeyInfo algorithm over keyData.
+        // 3. If an error occurred while parsing, then throw a DataError.
+        auto private_key_info = TRY(parse_a_private_key_info(m_realm, key_data.get<ByteBuffer>()));
+
+        // 4. If the algorithm object identifier field of the privateKeyAlgorithm PrivateKeyAlgorithm field of privateKeyInfo
+        //    is not equal to the id-ecPublicKey object identifier defined in [RFC5480], then throw a DataError.
+        if (private_key_info.algorithm.identifier != ::Crypto::ASN1::ec_public_key_encryption_oid)
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+
+        // 5. If the parameters field of the privateKeyAlgorithm PrivateKeyAlgorithmIdentifier field
+        //    of privateKeyInfo is not present, then throw a DataError.
+        if (!private_key_info.algorithm.ec_parameters.has_value())
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm parameters"_string);
+
+        // 6. Let params be the parameters field of the privateKeyAlgorithm PrivateKeyAlgorithmIdentifier field of privateKeyInfo.
+        auto ec_params = private_key_info.algorithm.ec_parameters;
+
+        // 7. If params is not an instance of the ECParameters ASN.1 type defined in [RFC5480] that specifies a namedCurve, then throw a DataError.
+        // 8. Let namedCurve be a string whose initial value is undefined.
+        String named_curve;
+
+        // 9. If params is equivalent to the secp256r1 object identifier defined in [RFC5480]:
+        if (ec_params == ::Crypto::ASN1::secp256r1_oid) {
+            // Set namedCurve to "P-256".
+            named_curve = "P-256"_string;
+        }
+        // If params is equivalent to the secp384r1 object identifier defined in [RFC5480]:
+        else if (ec_params == ::Crypto::ASN1::secp384r1_oid) {
+            // Set namedCurve to "P-384".
+            named_curve = "P-384"_string;
+        }
+        // If params is equivalent to the secp521r1 object identifier defined in [RFC5480]:
+        else if (ec_params == ::Crypto::ASN1::secp521r1_oid) {
+            // Set namedCurve to "P-521".
+            named_curve = "P-521"_string;
+        }
+
+        // 10. If namedCurve is not undefined
+        if (!named_curve.is_empty()) {
+            // 1. Let ecPrivateKey be the result of performing the parse an ASN.1 structure algorithm,
+            //    with data as the privateKey field of privateKeyInfo, structure as the ASN.1 ECPrivateKey
+            //    structure specified in Section 3 of [RFC5915], and exactData set to true.
+            // NOTE: We already did this in parse_a_private_key_info
+            // 2. If an error occurred while parsing, then throw a DataError.
+            auto& ec_private_key = private_key_info.ec;
+
+            // 3. If the parameters field of ecPrivateKey is present, and is not an instance
+            //    of the namedCurve ASN.1 type defined in [RFC5480], or does not contain
+            //    the same object identifier as the parameters field of the privateKeyAlgorithm
+            //    PrivateKeyAlgorithmIdentifier field of privateKeyInfo, throw a DataError.
+            if (ec_private_key.parameters().has_value() && *ec_private_key.parameters() != ec_params.value_or({}))
+                return WebIDL::DataError::create(m_realm, "Invalid algorithm parameters"_string);
+
+            // 4. Let key be a new CryptoKey that represents the Elliptic Curve private key identified
+            //    by performing the conversion steps defined in Section 3 of [RFC5915] using ecPrivateKey.
+            key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { ec_private_key });
+        } else {
+            // Otherwise:
+            // 1. Perform any key import steps defined by other applicable specifications, passing format, spki and obtaining namedCurve and key.
+            // TODO: support 'applicable specifications'
+
+            // 2. If an error occurred or there are no applicable specifications, throw a DataError.
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+        }
+
+        // 11. If namedCurve is defined, and not equal to the namedCurve member of normalizedAlgorithm, throw a DataError.
+        if (!named_curve.is_empty() && named_curve != normalized_algorithm.named_curve)
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+
+        // TODO: 12. If the key value is not a valid point on the Elliptic Curve identified
+        //           by the namedCurve member of normalizedAlgorithm throw a DataError.
+
+        // 13. Set the [[type]] internal slot of key to "private".
+        key->set_type(Bindings::KeyType::Private);
+
+        // 14. Let algorithm be a new EcKeyAlgorithm.
+        auto algorithm = EcKeyAlgorithm::create(m_realm);
+
+        // 15. Set the name attribute of algorithm to "ECDSA".
+        algorithm->set_name("ECDSA"_string);
+
+        // 16. Set the namedCurve attribute of algorithm to namedCurve.
+        algorithm->set_named_curve(named_curve);
+
+        // 17. Set the [[algorithm]] internal slot of key to algorithm.
+        key->set_algorithm(algorithm);
+    }
+
+    // 2. If format is "jwk":
+    else if (key_format == Bindings::KeyFormat::Jwk) {
+        // 1. If keyData is a JsonWebKey dictionary: Let jwk equal keyData.
+        //    Otherwise: Throw a DataError.
+        if (!key_data.has<Bindings::JsonWebKey>())
+            return WebIDL::DataError::create(m_realm, "keyData is not a JsonWebKey dictionary"_string);
+        auto& jwk = key_data.get<Bindings::JsonWebKey>();
+
+        // 2. If the d field is present and usages contains a value which is not "sign", or,
+        //    if the d field is not present and usages contains a value which is not "verify" then throw a SyntaxError.
+        if (jwk.d.has_value()) {
+            for (auto const& usage : usages) {
+                if (usage != Bindings::KeyUsage::Sign) {
+                    return WebIDL::SyntaxError::create(m_realm, MUST(String::formatted("Invalid key usage '{}'", idl_enum_to_string(usage))));
+                }
+            }
+        } else {
+            for (auto const& usage : usages) {
+                if (usage != Bindings::KeyUsage::Verify) {
+                    return WebIDL::SyntaxError::create(m_realm, MUST(String::formatted("Invalid key usage '{}'", idl_enum_to_string(usage))));
+                }
+            }
+        }
+
+        // 3. If the kty field of jwk is not "EC", then throw a DataError.
+        if (jwk.kty != "EC"sv)
+            return WebIDL::DataError::create(m_realm, "Invalid key type"_string);
+
+        // 4. If usages is non-empty and the use field of jwk is present and is not "sig", then throw a DataError.
+        if (!usages.is_empty() && jwk.use.has_value() && *jwk.use != "sig"sv)
+            return WebIDL::DataError::create(m_realm, "Invalid key use"_string);
+
+        // 5. If the key_ops field of jwk is present, and is invalid according to the requirements of JSON Web Key [JWK],
+        //    or it does not contain all of the specified usages values, then throw a DataError.
+        TRY(validate_jwk_key_ops(m_realm, jwk, usages));
+
+        // 6. If the ext field of jwk is present and has the value false and extractable is true, then throw a DataError.
+        if (jwk.ext.has_value() && !*jwk.ext && extractable)
+            return WebIDL::DataError::create(m_realm, "Invalid extractable"_string);
+
+        // 7. Let namedCurve be a string whose value is equal to the crv field of jwk.
+        // NOTE: The spec does not say what to do if crv is missing.
+        if (!jwk.crv.has_value())
+            return WebIDL::DataError::create(m_realm, "Invalid key crv"_string);
+        auto named_curve = *jwk.crv;
+
+        // 8. If namedCurve is not equal to the namedCurve member of normalizedAlgorithm, throw a DataError.
+        if (named_curve != normalized_algorithm.named_curve)
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+
+        // 9. If namedCurve is "P-256", "P-384" or "P-521":
+        if (named_curve.is_one_of("P-256"sv, "P-384"sv, "P-521"sv)) {
+            // 1. Let algNamedCurve be a string whose initial value is undefined.
+            String alg_named_curve;
+
+            // 2. If the alg field is not present:
+            //    Let algNamedCurve be undefined.
+            if (jwk.alg.has_value()) {
+                // If the alg field is equal to the string "ES256":
+                if (*jwk.alg == "ES256")
+                    // Let algNamedCurve be the string "P-256".
+                    alg_named_curve = "P-256"_string;
+                // If the alg field is equal to the string "ES384":
+                else if (*jwk.alg == "ES384")
+                    // Let algNamedCurve be the string "P-384".
+                    alg_named_curve = "P-384"_string;
+                // If the alg field is equal to the string "ES512":
+                else if (*jwk.alg == "ES512")
+                    // Let algNamedCurve be the string "P-521".
+                    alg_named_curve = "P-521"_string;
+                // otherwise:
+                else
+                    // throw a DataError.
+                    return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+            }
+
+            // 3. If algNamedCurve is defined, and is not equal to namedCurve, throw a DataError.
+            if (!alg_named_curve.is_empty() && alg_named_curve != named_curve)
+                return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+
+            size_t coord_size;
+            if (named_curve == "P-256"sv)
+                coord_size = 32;
+            else if (named_curve == "P-384"sv)
+                coord_size = 48;
+            else if (named_curve == "P-521"sv)
+                coord_size = 66;
+            else
+                VERIFY_NOT_REACHED();
+
+            // NOTE: according to Section 6.2.1 and 6.2.2 of JSON Web Algorithms [JWA], x and y are always required
+            if (!jwk.x.has_value() || !jwk.y.has_value())
+                return WebIDL::DataError::create(m_realm, "Invalid key"_string);
+
+            auto maybe_x_bytes = decode_base64url(jwk.x.value());
+            if (maybe_x_bytes.is_error()) {
+                return WebIDL::DataError::create(m_realm, "Failed to decode base64"_string);
+            }
+            auto x_bytes = maybe_x_bytes.release_value();
+            if (x_bytes.size() != coord_size)
+                return WebIDL::DataError::create(m_realm, "Invalid key size"_string);
+
+            auto maybe_y_bytes = decode_base64url(jwk.y.value());
+            if (maybe_y_bytes.is_error()) {
+                return WebIDL::DataError::create(m_realm, "Failed to decode base64"_string);
+            }
+            auto y_bytes = maybe_y_bytes.release_value();
+            if (y_bytes.size() != coord_size)
+                return WebIDL::DataError::create(m_realm, "Invalid key size"_string);
+
+            auto public_key = ::Crypto::PK::ECPublicKey<> {
+                ::Crypto::UnsignedBigInteger::import_data(x_bytes),
+                ::Crypto::UnsignedBigInteger::import_data(y_bytes),
+            };
+
+            // If the d field is present:
+            if (jwk.d.has_value()) {
+                // 1. If jwk does not meet the requirements of Section 6.2.2 of JSON Web Algorithms [JWA], then throw a DataError.
+                auto maybe_d_bytes = decode_base64url(jwk.d.value());
+                if (maybe_d_bytes.is_error()) {
+                    return WebIDL::DataError::create(m_realm, "Failed to decode base64"_string);
+                }
+                auto d_bytes = maybe_d_bytes.release_value();
+                if (d_bytes.size() != coord_size)
+                    return WebIDL::DataError::create(m_realm, "Invalid key size"_string);
+
+                // 2. Let key be a new CryptoKey object that represents the Elliptic Curve private key identified
+                //    by interpreting jwk according to Section 6.2.2 of JSON Web Algorithms [JWA].
+                auto private_key = ::Crypto::PK::ECPrivateKey<> {
+                    ::Crypto::UnsignedBigInteger::import_data(d_bytes),
+                    {},
+                    public_key,
+                };
+                key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { private_key });
+
+                // 3. Set the [[type]] internal slot of Key to "private".
+                key->set_type(Bindings::KeyType::Private);
+            } else {
+                // Otherwise:
+                // 1. If jwk does not meet the requirements of Section 6.2.1 of JSON Web Algorithms [JWA], then throw a DataError.
+                // 2. Let key be a new CryptoKey object that represents the Elliptic Curve public key identified by interpreting
+                //    jwk according to Section 6.2.1 of JSON Web Algorithms [JWA].
+                key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { public_key });
+
+                // 3. Set the [[type]] internal slot of Key to "public".
+                key->set_type(Bindings::KeyType::Public);
+            }
+        } else {
+            // 1. Perform any key import steps defined by other applicable specifications, passing format, jwk and obtaining key.
+            // TODO: support 'applicable specifications'
+
+            // 2. If an error occurred or there are no applicable specifications, throw a DataError.
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+        }
+
+        // TODO: 10. If the key value is not a valid point on the Elliptic Curve identified
+        //           by the namedCurve member of normalizedAlgorithm throw a DataError.
+
+        // 11. Let algorithm be a new instance of an EcKeyAlgorithm object.
+        auto algorithm = EcKeyAlgorithm::create(m_realm);
+
+        // 12. Set the name attribute of algorithm to "ECDSA".
+        algorithm->set_name("ECDSA"_string);
+
+        // 13. Set the namedCurve attribute of algorithm to namedCurve.
+        algorithm->set_named_curve(named_curve);
+
+        // 14. Set the [[algorithm]] internal slot of key to algorithm.
+        key->set_algorithm(algorithm);
+    }
+
+    // 2. If format is "raw":
+    else if (key_format == Bindings::KeyFormat::Raw) {
+        // 1. If the namedCurve member of normalizedAlgorithm is not a named curve, then throw a DataError.
+        if (!normalized_algorithm.named_curve.is_one_of("P-256"sv, "P-384"sv, "P-521"sv))
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+
+        // 2. If usages contains a value which is not "verify" then throw a SyntaxError.
+        for (auto const& usage : usages) {
+            if (usage != Bindings::KeyUsage::Verify) {
+                return WebIDL::SyntaxError::create(m_realm, MUST(String::formatted("Invalid key usage '{}'", idl_enum_to_string(usage))));
+            }
+        }
+
+        // 3. If namedCurve is "P-256", "P-384" or "P-521":
+        if (normalized_algorithm.named_curve.is_one_of("P-256"sv, "P-384"sv, "P-521"sv)) {
+            auto key_bytes = key_data.get<ByteBuffer>();
+
+            // 1. Let Q be the Elliptic Curve public key on the curve identified by the namedCurve
+            //          member of normalizedAlgorithm identified by performing the conversion steps
+            //          defined in Section 2.3.4 of [SEC1] to keyData.
+            // The uncompressed point format MUST be supported.
+            // 2. If the implementation does not support the compressed point format and a compressed point is provided, throw a DataError.
+            // 3. If a decode error occurs or an identity point is found, throw a DataError.
+            auto maybe_public_key = ::Crypto::PK::EC::parse_ec_key(key_bytes, false, {});
+            if (maybe_public_key.is_error())
+                return WebIDL::DataError::create(m_realm, "Failed to parse key"_string);
+
+            // 4. Let key be a new CryptoKey that represents Q.
+            key = CryptoKey::create(m_realm, CryptoKey::InternalKeyData { maybe_public_key.release_value().public_key });
+        } else {
+            // Otherwise:
+            // 1. Perform any key import steps defined by other applicable specifications, passing format, keyData and obtaining key.
+            // TODO: support 'applicable specifications'
+
+            // 2. If an error occured or there are no applicable specifications, throw a DataError.
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+        }
+
+        // 4. Let algorithm be a new EcKeyAlgorithm object.
+        auto algorithm = EcKeyAlgorithm::create(m_realm);
+
+        // 5. Set the name attribute of algorithm to "ECDSA".
+        algorithm->set_name("ECDSA"_string);
+
+        // 6. Set the namedCurve attribute of algorithm to equal the namedCurve member of normalizedAlgorithm.
+        algorithm->set_named_curve(normalized_algorithm.named_curve);
+
+        // 7. Set the [[type]] internal slot of key to "public"
+        key->set_type(Bindings::KeyType::Public);
+
+        // 8. Set the [[algorithm]] internal slot of key to algorithm.
+        key->set_algorithm(algorithm);
+    }
+
+    // Otherwise:
+    else {
+        // throw a NotSupportedError.
+        return WebIDL::NotSupportedError::create(m_realm, "Invalid key format"_string);
+    }
+
+    // 3. Return key
+    return GC::Ref { *key };
+}
+
+// https://w3c.github.io/webcrypto/#ecdsa-operations
+WebIDL::ExceptionOr<GC::Ref<JS::Object>> ECDSA::export_key(Bindings::KeyFormat format, GC::Ref<CryptoKey> key)
+{
+    // NOTE: This is a parameter to the function
+    // 1. Let key be the CryptoKey to be exported.
+
+    // 2. If the underlying cryptographic key material represented by the [[handle]] internal slot of key cannot be accessed, then throw an OperationError.
+    // Note: In our impl this is always accessible
+    auto const& handle = key->handle();
+
+    GC::Ptr<JS::Object> result = nullptr;
+
+    // 3. If format is "spki":
+    if (format == Bindings::KeyFormat::Spki) {
+        // 1. If the [[type]] internal slot of key is not "public", then throw an InvalidAccessError.
+        if (key->type() != Bindings::KeyType::Public)
+            return WebIDL::InvalidAccessError::create(m_realm, "Key is not a public key"_string);
+
+        ByteBuffer data;
+        // 2. Let data be an instance of the subjectPublicKeyInfo ASN.1 structure defined in [RFC5280] with the following properties:
+        //    Set the algorithm field to the OID id-ecPublicKey defined in [RFC5480].
+        //    Set the parameters field to an instance of the ECParameters ASN.1 type defined in [RFC5480] as follows:
+        //    Set the subjectPublicKey field to keyData
+        //    If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-256", "P-384" or "P-521":
+        auto& algorithm = static_cast<EcKeyAlgorithm const&>(*key->algorithm());
+        if (algorithm.named_curve().is_one_of("P-256"sv, "P-384"sv, "P-521"sv)) {
+            //  Let keyData be the octet string that represents the Elliptic Curve public key represented by the [[handle]] internal slot
+            //  of key according to the encoding rules specified in Section 2.3.3 of [SEC1] and using the uncompressed form.
+            //  If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-256":
+            //      Set parameters to the namedCurve choice with value equal to the object identifier secp256r1 defined in [RFC5480]
+            //  If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-384":
+            //      Set parameters to the namedCurve choice with value equal to the object identifier secp384r1 defined in [RFC5480]
+            //  If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-521":
+            //      Set parameters to the namedCurve choice with value equal to the object identifier secp521r1 defined in [RFC5480]
+            // NOTE: everything above happens in wrap_in_subject_public_key_info
+            auto maybe_data = handle.visit(
+                [&](::Crypto::PK::ECPublicKey<> const& public_key) -> ErrorOr<ByteBuffer> {
+                    auto public_key_bytes = TRY(public_key.to_uncompressed());
+
+                    Span<int const> ec_params;
+                    if (algorithm.named_curve() == "P-256"sv)
+                        ec_params = ::Crypto::ASN1::secp256r1_oid;
+                    else if (algorithm.named_curve() == "P-384"sv)
+                        ec_params = ::Crypto::ASN1::secp384r1_oid;
+                    else if (algorithm.named_curve() == "P-521"sv)
+                        ec_params = ::Crypto::ASN1::secp521r1_oid;
+                    else
+                        VERIFY_NOT_REACHED();
+
+                    return TRY(::Crypto::PK::wrap_in_subject_public_key_info(public_key_bytes, ::Crypto::ASN1::ec_public_key_encryption_oid, ec_params));
+                },
+                [](auto) -> ErrorOr<ByteBuffer> {
+                    VERIFY_NOT_REACHED();
+                });
+
+            if (maybe_data.is_error()) {
+                return WebIDL::DataError::create(m_realm, "Failed to encode public key"_string);
+            }
+
+            data = maybe_data.release_value();
+        } else {
+            // Otherwise:
+            // 1. Perform any key export steps defined by other applicable specifications, passing format and the namedCurve attribute
+            //    of the [[algorithm]] internal slot of key and obtaining namedCurveOid and keyData.
+            // TODO: support 'applicable specifications'
+            // 2. Set parameters to the namedCurve choice with value equal to the object identifier namedCurveOid.
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+        }
+
+        // NOTE: Spec does not say anything about this.
+        result = JS::ArrayBuffer::create(m_realm, data);
+    }
+
+    // 3. If format is "pkcs8":
+    else if (format == Bindings::KeyFormat::Pkcs8) {
+        // 1. If the [[type]] internal slot of key is not "private", then throw an InvalidAccessError.
+        if (key->type() != Bindings::KeyType::Private)
+            return WebIDL::InvalidAccessError::create(m_realm, "Key is not a private key"_string);
+
+        ByteBuffer data;
+
+        // 2. Let data be an instance of the privateKeyInfo ASN.1 structure defined in [RFC5280] with the following properties:
+        //    Set the version field to 0.
+        //    Set the privateKeyAlgorithm field to an PrivateKeyAlgorithmIdentifier ASN.1 type with the following properties:
+        //      Set the algorithm field to the OID id-ecPublicKey defined in [RFC5480].
+        //      Set the privateKey field to keyData.
+        //      Set the parameters field to an instance of the ECParameters ASN.1 type defined in [RFC5480] as follows:
+        //          If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-256", "P-384" or "P-521":
+        auto& algorithm = static_cast<EcKeyAlgorithm const&>(*key->algorithm());
+        if (algorithm.named_curve().is_one_of("P-256"sv, "P-384"sv, "P-521"sv)) {
+            // Let keyData be the result of DER-encoding an instance of the ECPrivateKey structure defined
+            // in Section 3 of [RFC5915] for the Elliptic Curve private key represented by the [[handle]] internal slot
+            // of key and that conforms to the following:
+            //      The parameters field is present, and is equivalent to the parameters field of the privateKeyAlgorithm field
+            //      of this PrivateKeyInfo ASN.1 structure.
+            //      The publicKey field is present and represents the Elliptic Curve public key associated with the Elliptic Curve
+            //      private key represented by the [[handle]] internal slot of key.
+            //      If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-256":
+            //          Set parameters to the namedCurve choice with value equal to the object identifier secp256r1 defined in [RFC5480]
+            //      If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-384":
+            //          Set parameters to the namedCurve choice with value equal to the object identifier secp384r1 defined in [RFC5480]
+            //       If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-521":
+            //          Set parameters to the namedCurve choice with value equal to the object identifier secp521r1 defined in [RFC5480]
+            // NOTE: everything above happens in wrap_in_private_key_info
+            auto maybe_data = handle.visit(
+                [&](::Crypto::PK::ECPrivateKey<> const& private_key) -> ErrorOr<ByteBuffer> {
+                    Span<int const> ec_params;
+                    if (algorithm.named_curve() == "P-256"sv)
+                        ec_params = ::Crypto::ASN1::secp256r1_oid;
+                    else if (algorithm.named_curve() == "P-384"sv)
+                        ec_params = ::Crypto::ASN1::secp384r1_oid;
+                    else if (algorithm.named_curve() == "P-521"sv)
+                        ec_params = ::Crypto::ASN1::secp521r1_oid;
+                    else
+                        VERIFY_NOT_REACHED();
+
+                    return TRY(::Crypto::PK::wrap_in_private_key_info(private_key, ::Crypto::ASN1::ec_public_key_encryption_oid, ec_params));
+                },
+                [](auto) -> ErrorOr<ByteBuffer> {
+                    VERIFY_NOT_REACHED();
+                });
+
+            if (maybe_data.is_error())
+                return WebIDL::DataError::create(m_realm, "Failed to encode private key"_string);
+
+            data = maybe_data.release_value();
+        } else {
+            // Otherwise:
+            // 1. Perform any key export steps defined by other applicable specifications, passing format and the namedCurve attribute
+            //    of the [[algorithm]] internal slot of key and obtaining namedCurveOid and keyData.
+            // TODO: support 'applicable specifications'
+            // 2. Set parameters to the namedCurve choice with value equal to the object identifier namedCurveOid.
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+        }
+
+        // 3. Let result be the result of creating an ArrayBuffer containing data.
+        result = JS::ArrayBuffer::create(m_realm, data);
+    }
+
+    // 3. If format is "jwt":
+    else if (format == Bindings::KeyFormat::Jwk) {
+        // 1. Let jwk be a new JsonWebKey dictionary.
+        Bindings::JsonWebKey jwk = {};
+
+        // 2. Set the kty attribute of jwk to "EC".
+        jwk.kty = "EC"_string;
+
+        // 3. If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-256", "P-384" or "P-521":
+        auto& algorithm = static_cast<EcKeyAlgorithm const&>(*key->algorithm());
+        if (algorithm.named_curve().is_one_of("P-256"sv, "P-384"sv, "P-521"sv)) {
+            // 1. If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-256":
+            if (algorithm.named_curve() == "P-256"sv) {
+                // Set the crv attribute of jwk to "P-256"
+                jwk.crv = "P-256"_string;
+            }
+            // If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-384":
+            else if (algorithm.named_curve() == "P-384"sv) {
+                // Set the crv attribute of jwk to "P-384"
+                jwk.crv = "P-384"_string;
+            }
+            // If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-521":
+            else if (algorithm.named_curve() == "P-521"sv) {
+                // Set the crv attribute of jwk to "P-521"
+                jwk.crv = "P-521"_string;
+            }
+
+            auto maybe_error = handle.visit(
+                [&](::Crypto::PK::ECPublicKey<> const& public_key) -> ErrorOr<void> {
+                    // 2. Set the x attribute of jwk according to the definition in Section 6.2.1.2 of JSON Web Algorithms [JWA].
+                    auto x_bytes = TRY(ByteBuffer::create_uninitialized(public_key.x().byte_length()));
+                    auto x_size = public_key.x().export_data(x_bytes);
+                    jwk.x = TRY(encode_base64url(x_bytes.span().slice(0, x_size), AK::OmitPadding::Yes));
+
+                    // 3. Set the y attribute of jwk according to the definition in Section 6.2.1.3 of JSON Web Algorithms [JWA].
+                    auto y_bytes = TRY(ByteBuffer::create_uninitialized(public_key.y().byte_length()));
+                    auto y_size = public_key.y().export_data(y_bytes);
+                    jwk.y = TRY(encode_base64url(y_bytes.span().slice(0, y_size), AK::OmitPadding::Yes));
+
+                    return {};
+                },
+                [&](::Crypto::PK::ECPrivateKey<> const& private_key) -> ErrorOr<void> {
+                    size_t coord_size;
+                    Variant<Empty, ::Crypto::Curves::SECP256r1, ::Crypto::Curves::SECP384r1> curve;
+                    if (algorithm.named_curve() == "P-256"sv) {
+                        curve = ::Crypto::Curves::SECP256r1 {};
+                        coord_size = 256 / 8;
+                    } else if (algorithm.named_curve() == "P-384"sv) {
+                        curve = ::Crypto::Curves::SECP384r1 {};
+                        coord_size = 384 / 8;
+                    } else if (algorithm.named_curve() == "P-521"sv) {
+                        // FIXME: Support P-521
+                        return {};
+                    } else {
+                        VERIFY_NOT_REACHED();
+                    }
+
+                    auto maybe_public_key = curve.visit(
+                        [](Empty const&) -> ErrorOr<::Crypto::Curves::SECPxxxr1Point> { return Error::from_string_literal("noop error"); },
+                        [&](auto instance) { return instance.generate_public_key_point(private_key.d()); });
+
+                    auto public_key = TRY(maybe_public_key);
+                    auto public_key_bytes = TRY(public_key.to_uncompressed());
+                    VERIFY(public_key_bytes[0] == 0x04);
+
+                    // 2. Set the x attribute of jwk according to the definition in Section 6.2.1.2 of JSON Web Algorithms [JWA].
+                    jwk.x = TRY(encode_base64url(public_key_bytes.span().slice(1, coord_size), AK::OmitPadding::Yes));
+
+                    // 3. Set the y attribute of jwk according to the definition in Section 6.2.1.3 of JSON Web Algorithms [JWA].
+                    jwk.y = TRY(encode_base64url(public_key_bytes.span().slice(1 + coord_size, coord_size), AK::OmitPadding::Yes));
+
+                    return {};
+                },
+                [](auto) -> ErrorOr<void> {
+                    VERIFY_NOT_REACHED();
+                });
+
+            if (maybe_error.is_error())
+                return WebIDL::DataError::create(m_realm, "Failed to encode public key"_string);
+
+            // 4. If the [[type]] internal slot of key is "private"
+            if (key->type() == Bindings::KeyType::Private) {
+                auto maybe_error = handle.visit(
+                    [&](::Crypto::PK::ECPrivateKey<> const& private_key) -> ErrorOr<void> {
+                        // Set the d attribute of jwk according to the definition in Section 6.2.2.1 of JSON Web Algorithms [JWA].
+                        auto d_bytes = TRY(ByteBuffer::create_uninitialized(private_key.d().byte_length()));
+                        auto d_size = private_key.d().export_data(d_bytes);
+                        jwk.d = TRY(encode_base64url(d_bytes.span().slice(0, d_size), AK::OmitPadding::Yes));
+
+                        return {};
+                    },
+                    [](auto) -> ErrorOr<void> {
+                        VERIFY_NOT_REACHED();
+                    });
+
+                if (maybe_error.is_error())
+                    return WebIDL::DataError::create(m_realm, "Failed to encode private key"_string);
+            }
+        } else {
+            // 1. Perform any key export steps defined by other applicable specifications,
+            //    passing format and the namedCurve attribute of the [[algorithm]] internal slot
+            //    of key and obtaining namedCurve and a new value of jwk.
+            // TODO: support 'applicable specifications'
+
+            // 2. Set the crv attribute of jwk to namedCurve.
+            jwk.crv = algorithm.named_curve();
+        }
+
+        // 4. Set the key_ops attribute of jwk to the usages attribute of key.
+        jwk.key_ops = Vector<String> {};
+        jwk.key_ops->ensure_capacity(key->internal_usages().size());
+        for (auto const& usage : key->internal_usages())
+            jwk.key_ops->append(idl_enum_to_string(usage));
+
+        // 5. Set the ext attribute of jwk to the [[extractable]] internal slot of key.
+        jwk.ext = key->extractable();
+
+        // 6. Let result be the result of converting jwk to an ECMAScript Object, as defined by [WebIDL].
+        result = TRY(jwk.to_object(m_realm));
+    }
+
+    // 3. If format is "raw":
+    else if (format == Bindings::KeyFormat::Raw) {
+        // 1. If the [[type]] internal slot of key is not "public", then throw an InvalidAccessError.
+        if (key->type() != Bindings::KeyType::Public)
+            return WebIDL::InvalidAccessError::create(m_realm, "Key is not a public key"_string);
+
+        ByteBuffer data;
+
+        // 2. If the namedCurve attribute of the [[algorithm]] internal slot of key is "P-256", "P-384" or "P-521":
+        auto& algorithm = static_cast<EcKeyAlgorithm const&>(*key->algorithm());
+        if (algorithm.named_curve().is_one_of("P-256"sv, "P-384"sv, "P-521"sv)) {
+            // Let data be an octet string representing the Elliptic Curve point Q represented by [[handle]] internal slot
+            // of key according to [SEC1] 2.3.3 using the uncompressed format.
+            auto maybe_data = handle.visit(
+                [](::Crypto::PK::ECPublicKey<> const& public_key) -> ErrorOr<ByteBuffer> {
+                    return public_key.to_uncompressed();
+                },
+                [](auto) -> ErrorOr<ByteBuffer> {
+                    VERIFY_NOT_REACHED();
+                });
+
+            if (maybe_data.is_error())
+                return WebIDL::DataError::create(m_realm, "Failed to encode public key"_string);
+
+            data = maybe_data.release_value();
+        } else {
+            // Perform any key export steps defined by other applicable specifications, passing format and
+            // the namedCurve attribute of the [[algorithm]] internal slot of key and obtaining namedCurve and data.
+            // TODO: support 'applicable specifications'
+            return WebIDL::DataError::create(m_realm, "Invalid algorithm"_string);
+        }
+
+        // 3. Let result be the result of creating an ArrayBuffer containing data.
+        result = JS::ArrayBuffer::create(m_realm, move(data));
+    }
+
+    // Otherwise:
+    else {
+        // throw a NotSupportedError.
+        return WebIDL::NotSupportedError::create(m_realm, "Invalid key format"_string);
+    }
+
+    // 4. Return result.
+    return GC::Ref { *result };
+}
+
 // https://w3c.github.io/webcrypto/#ecdh-operations
 WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> ECDH::generate_key(AlgorithmParams const& params, bool extractable, Vector<Bindings::KeyUsage> const& key_usages)
 {
--- a/Libraries/LibWeb/Crypto/CryptoAlgorithms.h
+++ b/Libraries/LibWeb/Crypto/CryptoAlgorithms.h
@ -470,6 +470,8 @@ public:
    virtual WebIDL::ExceptionOr<JS::Value> verify(AlgorithmParams const&, GC::Ref<CryptoKey>, ByteBuffer const&, ByteBuffer const&) override;

    virtual WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> generate_key(AlgorithmParams const&, bool, Vector<Bindings::KeyUsage> const&) override;
+    virtual WebIDL::ExceptionOr<GC::Ref<CryptoKey>> import_key(AlgorithmParams const&, Bindings::KeyFormat, CryptoKey::InternalKeyData, bool, Vector<Bindings::KeyUsage> const&) override;
+    virtual WebIDL::ExceptionOr<GC::Ref<JS::Object>> export_key(Bindings::KeyFormat, GC::Ref<CryptoKey>) override;

    static NonnullOwnPtr<AlgorithmMethods> create(JS::Realm& realm) { return adopt_own(*new ECDSA(realm)); }

--- a/Libraries/LibWeb/Crypto/SubtleCrypto.cpp
+++ b/Libraries/LibWeb/Crypto/SubtleCrypto.cpp
@ -807,8 +807,8 @@ SupportedAlgorithmsMap const& supported_algorithms()
    define_an_algorithm<ECDSA, EcdsaParams>("sign"_string, "ECDSA"_string);
    define_an_algorithm<ECDSA, EcdsaParams>("verify"_string, "ECDSA"_string);
    define_an_algorithm<ECDSA, EcKeyGenParams>("generateKey"_string, "ECDSA"_string);
-    // FIXME: define_an_algorithm<ECDSA, EcKeyImportParams>("importKey"_string, "ECDSA"_string);
-    // FIXME: define_an_algorithm<ECDSA>("exportKey"_string, "ECDSA"_string);
+    define_an_algorithm<ECDSA, EcKeyImportParams>("importKey"_string, "ECDSA"_string);
+    define_an_algorithm<ECDSA>("exportKey"_string, "ECDSA"_string);

    // https://w3c.github.io/webcrypto/#ecdh-registration
    define_an_algorithm<ECDH, EcKeyImportParams>("importKey"_string, "ECDH"_string);
--- a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/ec_importKey.https.any.txt
+++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/ec_importKey.https.any.txt
@ -2,135 +2,135 @@ Harness status: OK

 Found 246 tests

-97 Pass
-137 Fail
-12 Optional Feature Unsupported
-Fail	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [verify])
-Fail	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [verify])
-Fail	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, true, [verify])
-Fail	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify])
-Fail	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [])
-Fail	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, true, [])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [])
-Fail	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, true, [])
-Fail	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, true, [])
-Fail	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
-Fail	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
-Fail	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
-Fail	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
-Fail	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [sign])
-Fail	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
-Fail	Empty Usages: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [sign])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
-Fail	Empty Usages: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [])
-Fail	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, false, [verify])
-Fail	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, false, [verify])
-Fail	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, false, [verify])
-Fail	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify])
-Fail	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, false, [])
-Fail	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, false, [])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, false, [])
-Fail	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, false, [])
-Fail	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, false, [])
-Fail	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
-Fail	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
-Fail	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
-Fail	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
-Fail	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, false, [sign])
-Fail	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
-Fail	Empty Usages: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, false, [])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, false, [sign])
-Fail	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
-Fail	Empty Usages: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, false, [])
-Fail	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [verify])
-Fail	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [verify])
-Fail	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, true, [verify])
-Fail	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify])
-Fail	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [])
-Fail	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, true, [])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [])
-Fail	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, true, [])
-Fail	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, true, [])
-Fail	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
-Fail	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
-Fail	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
-Fail	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
-Fail	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign])
-Fail	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
-Fail	Empty Usages: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
-Fail	Empty Usages: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [])
-Fail	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, false, [verify])
-Fail	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, false, [verify])
-Fail	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, false, [verify])
-Fail	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify])
-Fail	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, false, [])
-Fail	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, false, [])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, false, [])
-Fail	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, false, [])
-Fail	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, false, [])
-Fail	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
-Fail	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
-Fail	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
-Fail	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
-Fail	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign])
-Fail	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
-Fail	Empty Usages: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign])
-Fail	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
-Fail	Empty Usages: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [])
+174 Pass
+24 Fail
+48 Optional Feature Unsupported
+Pass	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [verify])
+Pass	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, true, [verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify])
+Pass	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [])
+Optional Feature Unsupported	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, true, [])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [])
+Pass	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, true, [])
+Optional Feature Unsupported	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, true, [])
+Pass	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
+Pass	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
+Pass	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
+Pass	Empty Usages: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, true, [])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
+Pass	Empty Usages: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, true, [])
+Pass	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, false, [verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, false, [verify])
+Pass	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, false, [verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify])
+Pass	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, false, [])
+Optional Feature Unsupported	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, false, [])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, false, [])
+Pass	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, false, [])
+Optional Feature Unsupported	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, false, [])
+Pass	Good parameters: P-256 bits (spki, buffer(91), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
+Pass	Good parameters: P-256 bits (raw, buffer(65), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-256 bits (raw, buffer(33, compressed), {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
+Pass	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Good parameters: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
+Pass	Empty Usages: P-256 bits (pkcs8, buffer(138), {name: ECDSA, namedCurve: P-256}, false, [])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
+Pass	Empty Usages: P-256 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-256}, false, [])
+Pass	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [verify])
+Pass	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, true, [verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify])
+Pass	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [])
+Optional Feature Unsupported	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, true, [])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [])
+Pass	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, true, [])
+Optional Feature Unsupported	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, true, [])
+Pass	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
+Pass	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
+Pass	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
+Pass	Empty Usages: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, true, [])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
+Pass	Empty Usages: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, true, [])
+Pass	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, false, [verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, false, [verify])
+Pass	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, false, [verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify])
+Pass	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, false, [])
+Optional Feature Unsupported	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, false, [])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, false, [])
+Pass	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, false, [])
+Optional Feature Unsupported	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, false, [])
+Pass	Good parameters: P-384 bits (spki, buffer(120), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (spki, buffer(72, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
+Pass	Good parameters: P-384 bits (raw, buffer(97), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-384 bits (raw, buffer(49, compressed), {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
+Pass	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Good parameters: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
+Pass	Empty Usages: P-384 bits (pkcs8, buffer(185), {name: ECDSA, namedCurve: P-384}, false, [])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Good parameters: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
+Pass	Empty Usages: P-384 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-384}, false, [])
 Fail	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [verify])
-Fail	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])
 Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [verify])
 Fail	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [verify])
-Fail	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify])
 Fail	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [])
-Fail	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [])
+Optional Feature Unsupported	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [])
 Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [])
 Fail	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [])
-Fail	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [])
+Optional Feature Unsupported	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [])
 Fail	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
-Fail	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
 Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
 Fail	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
-Fail	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
 Fail	Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign])
 Fail	Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])
-Fail	Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [])
+Pass	Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, true, [])
 Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign])
 Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])
-Fail	Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])
-Fail	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])
-Fail	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])
-Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])
-Fail	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])
-Fail	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])
-Fail	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])
-Fail	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])
-Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])
-Fail	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])
-Fail	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])
-Fail	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
-Fail	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
-Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
-Fail	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
-Fail	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
-Fail	Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])
-Fail	Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
-Fail	Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])
-Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])
-Fail	Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
-Fail	Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [])
+Pass	Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, true, [])
+Pass	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])
+Pass	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify])
+Pass	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify])
+Pass	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [])
+Optional Feature Unsupported	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [])
+Pass	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [])
+Pass	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [])
+Optional Feature Unsupported	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [])
+Pass	Good parameters: P-521 bits (spki, buffer(158), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (spki, buffer(90, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
+Pass	Good parameters: P-521 bits (jwk, object(kty, crv, x, y), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
+Pass	Good parameters: P-521 bits (raw, buffer(133), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
+Optional Feature Unsupported	Good parameters: P-521 bits (raw, buffer(67, compressed), {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
+Pass	Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Good parameters: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
+Pass	Empty Usages: P-521 bits (pkcs8, buffer(241), {name: ECDSA, namedCurve: P-521}, false, [])
+Pass	Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Good parameters: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
+Pass	Empty Usages: P-521 bits (jwk, object(kty, crv, x, y, d), {name: ECDSA, namedCurve: P-521}, false, [])
 Pass	Good parameters: P-256 bits (spki, buffer(91), {name: ECDH, namedCurve: P-256}, true, [])
 Optional Feature Unsupported	Good parameters: P-256 bits (spki, buffer(59, compressed), {name: ECDH, namedCurve: P-256}, true, [])
 Pass	Good parameters: P-256 bits (jwk, object(kty, crv, x, y), {name: ECDH, namedCurve: P-256}, true, [])
--- a/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/ec_importKey_failures_ECDSA.https.any.txt
+++ b/Tests/LibWeb/Text/expected/wpt-import/WebCryptoAPI/import_export/ec_importKey_failures_ECDSA.https.any.txt
@ -0,0 +1,613 @@
+Harness status: OK
+
+Found 608 tests
+
+608 Pass
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, encrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, decrypt])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, sign])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, encrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, decrypt])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, sign])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, wrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, unwrapKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, deriveKey])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign, encrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign, decrypt])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign, verify])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign, encrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign, decrypt])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign, verify])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign, wrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign, unwrapKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign, deriveKey])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign, deriveBits])
+Pass	Bad usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign, deriveBits])
+Pass	Empty usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [])
+Pass	Empty usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [])
+Pass	Empty usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [])
+Pass	Empty usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [])
+Pass	Empty usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [])
+Pass	Empty usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [])
+Pass	Empty usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [])
+Pass	Empty usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [])
+Pass	Empty usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [])
+Pass	Empty usages: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [])
+Pass	Empty usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [])
+Pass	Empty usages: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-256}, true, [verify, verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-256}, false, [verify, verify])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-384}, true, [verify, verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-384}, false, [verify, verify])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
+Pass	Bad key length: importKey(spki, {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-521}, true, [verify, verify])
+Pass	Bad key length: importKey(raw, {name: ECDSA, namedCurve: P-521}, false, [verify, verify])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, true, [sign, sign])
+Pass	Bad key length: importKey(pkcs8, {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])
+Pass	Bad key length: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, true, [sign, sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-256}, false, [sign, sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, true, [sign, sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-384}, false, [sign, sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])
+Pass	Missing JWK 'x' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])
+Pass	Missing JWK 'kty' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, true, [sign, sign])
+Pass	Missing JWK 'crv' parameter: importKey(jwk(private), {name: ECDSA, namedCurve: P-521}, false, [sign, sign])
+Pass	Missing algorithm name: importKey(spki, {}, true, verify)
+Pass	Missing algorithm name: importKey(spki, {}, false, verify)
+Pass	Missing algorithm name: importKey(raw, {}, true, verify)
+Pass	Missing algorithm name: importKey(raw, {}, false, verify)
+Pass	Missing algorithm name: importKey(pkcs8, {}, true, sign)
+Pass	Missing algorithm name: importKey(pkcs8, {}, false, sign)
+Pass	Missing algorithm name: importKey(jwk(private), {}, true, sign)
+Pass	Missing algorithm name: importKey(jwk(private), {}, false, sign)
--- a/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/import_export/ec_importKey_failures_ECDSA.https.any.html
+++ b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/import_export/ec_importKey_failures_ECDSA.https.any.html
@ -0,0 +1,18 @@
+<!doctype html>
+<meta charset=utf-8>
+<title>WebCryptoAPI: importKey() for Failures</title>
+<meta name="timeout" content="long">
+<script>
+self.GLOBAL = {
+  isWindow: function() { return true; },
+  isWorker: function() { return false; },
+  isShadowRealm: function() { return false; },
+};
+</script>
+<script src="../../resources/testharness.js"></script>
+<script src="../../resources/testharnessreport.js"></script>
+<script src="../util/helpers.js"></script>
+<script src="ec_importKey_failures_fixtures.js"></script>
+<script src="importKey_failures.js"></script>
+<div id=log></div>
+<script src="../../WebCryptoAPI/import_export/ec_importKey_failures_ECDSA.https.any.js"></script>
--- a/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/import_export/ec_importKey_failures_ECDSA.https.any.js
+++ b/Tests/LibWeb/Text/input/wpt-import/WebCryptoAPI/import_export/ec_importKey_failures_ECDSA.https.any.js
@ -0,0 +1,10 @@
+// META: title=WebCryptoAPI: importKey() for Failures
+// META: timeout=long
+// META: script=../util/helpers.js
+// META: script=ec_importKey_failures_fixtures.js
+// META: script=importKey_failures.js
+
+// Setup: define the correct behaviors that should be sought, and create
+// helper functions that generate all possible test parameters for
+// different situations.
+run_test(["ECDSA"]);