SHA512 is not the same thing as P-521

[zamicol]

This is the second time I've seen "521" mistakenly used when referring to SHA-512, so I'm assuming there's a mix up with the P-521 curve and SHA-512

[zamicol]

I've looked at every other instance of "521" and everywhere else seems correct at a glance.

[csstaub]

I believe this is actually correct, the ES512 scheme (which is perhaps named confusingly) uses P-521 keys and hashes the data with SHA-512. In this case the expected bit size is to check the key size matches, and P-521 keys are 521 bits long (see line 515).

[zamicol]

Ah! Yes you are totally right. If you don't mind, I renamed "expectedBitSize" to "expectedCurve" to avoid any future confusion.