Algorithms available at runtime depend on how openssl (which could be a shared lib) has been configured.
Test such as https://github.com/crypto-browserify/crypto-browserify/blob/9730d317e2141099b8e56d2afbaf806eb616e0a3/test/sign.js#L34
should not assume all algorithms are available.
The test could either catch the exception (createSign throws with "Unknown message digest") or check crypto.getCiphers().

See also browserify/browserify-sign#37

Here's a log, and i'll PR a workaround:

# ec with sha1
# js sign and verify
ok 95 validates
# node sign and verify
crypto.js:291
  this._handle.init(algorithm);
               ^

Error: Unknown message digest
    at new Sign (crypto.js:291:16)
    at Object.Sign (crypto.js:289:12)
    at Test.<anonymous> (/<<PKGBUILDDIR>>/test/sign.js:34:31)

in this repo is the issue just that ecdsa with sha1 isn't supported or the specific curve ?

Gimme a minute :)

List of failures:

# node sign and verify
skipping unsupported scheme ecdsa-with-SHA1
# node sign and js verify
skipping unsupported scheme ecdsa-with-SHA1
# js sign and node verify
skipping unsupported scheme ecdsa-with-SHA1

ok so it looks like it's just sha1 which is the issue here so if we just change this line to be sha256 that should fix it

Do you mean replace ecdsa-with-sha1 by sha256?

It works now.

Note that it's more something about default security setup than about debian in itself.

#176 works or this repo always worked ?

#176 works. It was failing before.