Conversation
tete17
suggested changes
Apr 12, 2026
| </li> | ||
| <li> | ||
| <p> | ||
| If the [= length in bits =] of |data| is not 448 then [= exception/throw =] a {{DataError}}. |
There was a problem hiding this comment.
Suggested change
| If the [= length in bits =] of |data| is not 448 then [= exception/throw =] a {{DataError}}. | |
| If the [= length in bits =] of |data| is not 456 then [= exception/throw =] a {{DataError}}. |
| </li> | ||
| <li> | ||
| <p> | ||
| If the [= length in bits =] of |data| is not 448 then [= exception/throw =] a {{DataError}}. |
There was a problem hiding this comment.
Suggested change
| If the [= length in bits =] of |data| is not 448 then [= exception/throw =] a {{DataError}}. | |
| If the [= length in bits =] of |data| is not 456 then [= exception/throw =] a {{DataError}}. |
tete17
added a commit
to tete17/ladybird
that referenced
this pull request
Apr 12, 2026
Ed448 public keys are 57 bytes (456 bits), not 56 bytes (448 bits). The curve is named "Ed448" after its 448-bit prime field, but per RFC 8032 Section 5.2.5, the parameter b=456 and both private and public keys are 57 bytes. This caused importKey to reject valid raw Ed448 public keys with a DataError. Note: The spec incorrectly says "not 448" for this check. See w3c/webcrypto#425 (comment)
tete17
added a commit
to tete17/ladybird
that referenced
this pull request
Apr 13, 2026
Ed448 public keys are 57 bytes (456 bits), not 56 bytes (448 bits). The curve is named "Ed448" after its 448-bit prime field, but per RFC 8032 Section 5.2.5, the parameter b=456 and both private and public keys are 57 bytes. This caused importKey to reject valid raw Ed448 public keys with a DataError. Note: The spec incorrectly says "not 448" for this check. See w3c/webcrypto#425 (comment)
tete17
added a commit
to tete17/ladybird
that referenced
this pull request
Apr 13, 2026
Ed448 public keys are 57 bytes (456 bits), not 56 bytes (448 bits). The curve is named "Ed448" after its 448-bit prime field, but per RFC 8032 Section 5.2.5, the parameter b=456 and both private and public keys are 57 bytes. This caused importKey to reject valid raw Ed448 public keys with a DataError. Note: The spec incorrectly says "not 448" for this check. See w3c/webcrypto#425 (comment)
tete17
added a commit
to tete17/ladybird
that referenced
this pull request
Apr 17, 2026
Ed448 public keys are 57 bytes (456 bits), not 56 bytes (448 bits). The curve is named "Ed448" after its 448-bit prime field, but per RFC 8032 Section 5.2.5, the parameter b=456 and both private and public keys are 57 bytes. This caused importKey to reject valid raw Ed448 public keys with a DataError. Note: The spec incorrectly says "not 448" for this check. See w3c/webcrypto#425 (comment)
gmta
pushed a commit
to LadybirdBrowser/ladybird
that referenced
this pull request
Apr 19, 2026
Ed448 public keys are 57 bytes (456 bits), not 56 bytes (448 bits). The curve is named "Ed448" after its 448-bit prime field, but per RFC 8032 Section 5.2.5, the parameter b=456 and both private and public keys are 57 bytes. This caused importKey to reject valid raw Ed448 public keys with a DataError. Note: The spec incorrectly says "not 448" for this check. See w3c/webcrypto#425 (comment)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is not intended to be merged now, but rather to have a placeholder for the code and discussion after we archive https://github.com/WICG/webcrypto-secure-curves/ (and until we have sufficient implementer support to merge it here).
Preview | Diff