Skip to content

script: Implement derive bits operation of ECDH #40333

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Nov 5, 2025
Merged

script: Implement derive bits operation of ECDH #40333

merged 4 commits into from
Nov 5, 2025

Conversation

@kkoyung
Copy link
Member

@kkoyung kkoyung commented Nov 1, 2025

Finish adding ECDH support to WebCrypto API. This patch implements derive bits operation of ECDH.

Testing: Pass some WPT tests that were expected to fail.
Fixes: Part of #39060

@kkoyung kkoyung requested a review from gterzian as a code owner November 1, 2025 05:54
@servo-highfive servo-highfive added the S-awaiting-review There is new code that needs to be reviewed. label Nov 1, 2025
@servo-highfive servo-highfive removed the S-awaiting-review There is new code that needs to be reviewed. label Nov 3, 2025
@arihant2math arihant2math added the S-awaiting-review There is new code that needs to be reviewed. label Nov 3, 2025
arihant2math
arihant2math reviewed Nov 3, 2025
View reviewed changes
components/script/dom/subtlecrypto/ecdh_operation.rs Outdated
let secret_length = secret.len();
secret[secret_length - 1] &= mask;
}
Ok(secret[..length.div_ceil(8) as usize].to_vec())
Copy link
Contributor

@arihant2math arihant2math Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: This be de-duplicated from the previous occurrence.

Copy link
Member Author

@kkoyung kkoyung Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch. The resizing of secret at L267 is redundant since it has been done before.

jdm
jdm approved these changes Nov 4, 2025
View reviewed changes
Copy link
Member

@jdm jdm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks fine, but I'd like to understand the remaining test failure.

tests/wpt/meta/WebCryptoAPI/derive_bits_keys/ecdh_bits.https.any.js.ini
[P-521 mismatched curves]
expected: FAIL

[P-521 public property of algorithm is not an ECDSA public key]
Copy link
Member

@jdm jdm Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we still fail this subtest?

Copy link
Member Author

@kkoyung kkoyung Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test tries to derive a key with an ECDSA public key rather than an ECDH public key, and expects step 4 throw an InvalidAccessError. However, we have not yet implemented key import operation of ECDSA, so this test cannot reach step 4 to get an InvalidAccessError.

@servo-highfive servo-highfive removed the S-awaiting-review There is new code that needs to be reviewed. label Nov 4, 2025
@jdm jdm added this pull request to the merge queue Nov 5, 2025
@servo-highfive servo-highfive added the S-awaiting-merge The PR is in the process of compiling and running tests on the automated CI. label Nov 5, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 5, 2025
@servo-highfive servo-highfive added S-tests-failed The changes caused existing tests to fail. and removed S-awaiting-merge The PR is in the process of compiling and running tests on the automated CI. labels Nov 5, 2025
@kkoyung
Implement derive bits operation of ECDH
1c9b612 
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
@kkoyung
Update WPT expectation of passed tests
981a821 
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
@kkoyung
Remove repeated resizing of secret
71a6328 
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
@kkoyung
Add CanGc argument to dictionary_from_jsval
bf76e79 
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
@servo-highfive servo-highfive added S-awaiting-review There is new code that needs to be reviewed. and removed S-tests-failed The changes caused existing tests to fail. labels Nov 5, 2025
@kkoyung
Copy link
Member Author

kkoyung commented Nov 5, 2025

I rebased on the main branch, and added the CanGc argument introduced in recent PR #40404

@jdm jdm added this pull request to the merge queue Nov 5, 2025
@servo-highfive servo-highfive added the S-awaiting-merge The PR is in the process of compiling and running tests on the automated CI. label Nov 5, 2025
Merged via the queue into servo:main with commit ffe9c45 Nov 5, 2025
35 checks passed
@servo-highfive servo-highfive removed the S-awaiting-merge The PR is in the process of compiling and running tests on the automated CI. label Nov 5, 2025
@kkoyung kkoyung deleted the ecdh-derive-bits branch November 5, 2025 06:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jdm jdm jdm approved these changes

@gterzian gterzian Awaiting requested review from gterzian gterzian is a code owner

+1 more reviewer

@arihant2math arihant2math arihant2math approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

S-awaiting-review There is new code that needs to be reviewed.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kkoyung @jdm @arihant2math @servo-highfive