LibWeb: Implement message signing for ML-DSA algorithm

Tete17
2025-11-22 22:13:01 +01:00
committed by Jelle Raaijmakers
parent a9ade1c238
commit ef0205ec86
Notes: github-actions[bot] 2025-12-10 20:29:23 +00:00
3 changed files with 40 additions and 0 deletions


@@ -8291,6 +8291,41 @@ WebIDL::ExceptionOr<JS::Value> HMAC::get_key_length(AlgorithmParams const& param
return JS::Value(length);
}
// https://wicg.github.io/webcrypto-modern-algos/#ml-dsa-operations-sign
WebIDL::ExceptionOr<GC::Ref<JS::ArrayBuffer>> MLDSA::sign(AlgorithmParams const& params, GC::Ref<CryptoKey> key, ByteBuffer const& message)
{
// 1. If the [[type]] internal slot of key is not "private", then throw an InvalidAccessError.
if (key->type() != Bindings::KeyType::Private)
return WebIDL::InvalidAccessError::create(m_realm, "Key is not a private key"_utf16);
// 2. Let context be the context member of normalizedAlgorithm or the empty octet string if the
// context member of normalizedAlgorithm is not present.
auto const& normalized_algorithm = static_cast<ContextParams const&>(params);
auto context = normalized_algorithm.context.value_or(ByteBuffer());
// 3. Let result be the result of performing the ML-DSA.Sign signing algorithm, as specified in
// Section 5.2 of [FIPS-204], with the parameter set indicated by the name member of normalizedAlgorithm,
// using the ML-DSA private key associated with key as sk, message as M and context as ctx.
VERIFY(key->handle().has<::Crypto::PK::MLDSAPrivateKey>());
auto lattice = [&] {
if (params.name == "ML-DSA-44")
return ::Crypto::PK::MLDSA(::Crypto::PK::MLDSASize::MLDSA44, key->handle().get<::Crypto::PK::MLDSAPrivateKey>(), context);
if (params.name == "ML-DSA-65")
return ::Crypto::PK::MLDSA(::Crypto::PK::MLDSASize::MLDSA65, key->handle().get<::Crypto::PK::MLDSAPrivateKey>(), context);
if (params.name == "ML-DSA-87")
return ::Crypto::PK::MLDSA(::Crypto::PK::MLDSASize::MLDSA87, key->handle().get<::Crypto::PK::MLDSAPrivateKey>(), context);
VERIFY_NOT_REACHED();
}();
auto const maybe_result = lattice.sign(message);
// 4. If the ML-DSA.Sign algorithm returned an error, return an OperationError.
if (maybe_result.is_error())
return WebIDL::OperationError::create(m_realm, "Failed to sign message"_utf16);
// 5. Return result.
return JS::ArrayBuffer::create(m_realm, maybe_result.value());
}
// https://wicg.github.io/webcrypto-modern-algos/#ml-dsa-operations-generate-key
WebIDL::ExceptionOr<Variant<GC::Ref<CryptoKey>, GC::Ref<CryptoKeyPair>>> MLDSA::generate_key(AlgorithmParams const& params, bool extractable, Vector<Bindings::KeyUsage> const& usages)
{
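Review bot: The context obtained in step 2 (`normalized_algorithm.context.value_or(ByteBuffer())`) is handed to `::Crypto::PK::MLDSA` without a length check, although FIPS 204 limits ctx to at most 255 bytes. Whether the LibCrypto wrapper or `lattice.sign()` rejects a longer context is not visible in this hunk, so the bound currently rests entirely on the backend. An explicit guard before the lambda would make it local and testable: `if (context.size() > 255) return WebIDL::OperationError::create(m_realm, "Context is too long"_utf16);`. If the backend is meant to enforce the limit, a short comment on step 4 saying so, plus a test with a 256-byte context, would document that.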