mirror of
https://github.com/servo/servo
synced 2026-05-15 03:16:47 +02:00
37cce14548
This patch adds the cryptographic algorithm Ed25519 support to `SubtleCrypto` interface, covering the "sign", "verify", "generateKey", "importKey" and "exportKey" operations. One may notice that the following related WPT tests do not pass in this patch. They are caused by the unimplemented Step 2 and 3 of the "verify" operation (https://w3c.github.io/webcrypto/#ed25519-operations-verify) of Ed25519, which check whether the key represents an invalid point or a small-order element on the Elliptic Curve of Ed25519. ```plaintext [Ed25519 Verification checks with small-order key of order - Test 0] [Ed25519 Verification checks with small-order key of order - Test 1] [Ed25519 Verification checks with small-order key of order - Test 2] [Ed25519 Verification checks with small-order key of order - Test 12] [Ed25519 Verification checks with small-order key of order - Test 13] ``` The specification mentions that not all implementation perform this check. There is also a discussion on it at specification level (https://github.com/WICG/webcrypto-secure-curves/issues/27). As of today, Chrome, Edge, Firefox and Safari do not implement it, and do not pass those tests [1]. Meanwhile, the `aws-lc-rs` crate does not provide relevant code. We may leave it unimplemented for now, and decide what to do later. [1] https://wpt.fyi/results/WebCryptoAPI/sign_verify/eddsa_small_order_points.https.any.html?run_id=4820942170882048&run_id=6289205228732416&run_id=5178672043786240&run_id=5113794717286400 Testing: Pass WPT tests that were expected to fail. Fixes: Part of #39060 --------- Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>