LibWeb: Fix Ed448 raw key length check in importKey

Ed448 public keys are 57 bytes (456 bits), not 56 bytes (448 bits). The curve is named "Ed448" after its 448-bit prime field, but per RFC 8032 Section 5.2.5, the parameter b=456 and both private and public keys are 57 bytes. This caused importKey to reject valid raw Ed448 public keys with a DataError. Note: The spec incorrectly says "not 448" for this check. See https://github.com/w3c/webcrypto/pull/425#discussion_r3070135408
Author: https://github.com/tete17 Commit: https://github.com/LadybirdBrowser/ladybird/commit/00e9396cfe1 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/8886 Reviewed-by: https://github.com/gmta ✅
2026-04-28 02:27:19 +02:00 · 2026-04-12 22:38:05 +02:00 · 2026-04-19 11:36:45 +00:00
parent 1c5907d87f
commit 00e9396cfe
4 changed files with 107 additions and 1 deletions
--- a/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
+++ b/Libraries/LibWeb/Crypto/CryptoAlgorithms.cpp
@@ -6665,7 +6665,9 @@ WebIDL::ExceptionOr<GC::Ref<CryptoKey>> ED448::import_key(
        auto data = move(key_data.get<ByteBuffer>());

        // 3. If the length in bits of data is not 448 then throw a DataError.
-        if (data.size() * 8 != 448)
+        // AD-HOC: The spec has a typo with the size of the key length
+        //         See spec comment: https://github.com/w3c/webcrypto/pull/425#discussion_r3070135408
+        if (data.size() * 8 != 456)
            return WebIDL::DataError::create(m_realm, "Invalid key length"_utf16);

        // 4. Let algorithm be a new KeyAlgorithm object.