fix(crypto): add WebCrypto ML-KEM key material

crates/perry-runtime/src/buffer/header.rs

@@ -362,6 +362,10 @@ fn default_crypto_key_usages(algo: u8, kind: u8) -> u32 {
     const DERIVE_BITS: u32 = 1 << 5;
     const WRAP_KEY: u32 = 1 << 6;
     const UNWRAP_KEY: u32 = 1 << 7;
+    const ENCAPSULATE_BITS: u32 = 1 << 8;
+    const DECAPSULATE_BITS: u32 = 1 << 9;
+    const ENCAPSULATE_KEY: u32 = 1 << 10;
+    const DECAPSULATE_KEY: u32 = 1 << 11;
 
     match (algo, kind) {
         (1, 1) => SIGN | VERIFY,
@@ -373,6 +377,8 @@ fn default_crypto_key_usages(algo: u8, kind: u8) -> u32 {
         (9 | 11, 2) => DERIVE_KEY | DERIVE_BITS,
         (13, 2) => DECRYPT | UNWRAP_KEY,
         (13, 3) => ENCRYPT | WRAP_KEY,
+        (30 | 31 | 32, 2) => DECAPSULATE_BITS | DECAPSULATE_KEY,
+        (30 | 31 | 32, 3) => ENCAPSULATE_BITS | ENCAPSULATE_KEY,
         _ => 0,
     }
 }

crates/perry-runtime/src/object/field_get_set.rs

@@ -22,6 +22,10 @@ const CRYPTO_USAGE_DERIVE_KEY: u32 = 1 << 4;
 const CRYPTO_USAGE_DERIVE_BITS: u32 = 1 << 5;
 const CRYPTO_USAGE_WRAP_KEY: u32 = 1 << 6;
 const CRYPTO_USAGE_UNWRAP_KEY: u32 = 1 << 7;
+const CRYPTO_USAGE_ENCAPSULATE_BITS: u32 = 1 << 8;
+const CRYPTO_USAGE_DECAPSULATE_BITS: u32 = 1 << 9;
+const CRYPTO_USAGE_ENCAPSULATE_KEY: u32 = 1 << 10;
+const CRYPTO_USAGE_DECAPSULATE_KEY: u32 = 1 << 11;
 
 unsafe fn crypto_key_property_value(addr: usize, key_bytes: &[u8]) -> Option<JSValue> {
     let (algo, hash, kind, extractable, usages) = crate::buffer::crypto_key_meta(addr)?;
@@ -82,6 +86,9 @@ fn crypto_key_algorithm_name(algo: u8) -> &'static str {
         12 => "RSASSA-PKCS1-v1_5",
         13 => "RSA-OAEP",
         14 => "RSA-PSS",
+        30 => "ML-KEM-512",
+        31 => "ML-KEM-768",
+        32 => "ML-KEM-1024",
         _ => "",
     }
 }
@@ -120,6 +127,10 @@ unsafe fn crypto_key_usages_value(usages: u32) -> JSValue {
         (CRYPTO_USAGE_DERIVE_BITS, "deriveBits"),
         (CRYPTO_USAGE_WRAP_KEY, "wrapKey"),
         (CRYPTO_USAGE_UNWRAP_KEY, "unwrapKey"),
+        (CRYPTO_USAGE_ENCAPSULATE_BITS, "encapsulateBits"),
+        (CRYPTO_USAGE_DECAPSULATE_BITS, "decapsulateBits"),
+        (CRYPTO_USAGE_ENCAPSULATE_KEY, "encapsulateKey"),
+        (CRYPTO_USAGE_DECAPSULATE_KEY, "decapsulateKey"),
     ];
     let count = entries.iter().filter(|(bit, _)| usages & *bit != 0).count();
     let mut arr = crate::array::js_array_alloc(count as u32);

crates/perry-stdlib/Cargo.toml

@@ -219,7 +219,7 @@ bundled-mongodb = ["dep:mongodb", "dep:bson", "dep:futures-util", "async-runtime
 # bindings so the well-known flip (#466 Phase 4 step 2) can route them
 # to perry-ext-bcrypt / perry-ext-argon2 without taking the rest of
 # the crypto surface offline.
-crypto = ["dep:sha2", "dep:sha1", "dep:sha3", "dep:rsa-sha1", "dep:md-5", "dep:hex", "dep:hmac", "dep:aes", "dep:cbc", "dep:ecb", "dep:ctr", "dep:scrypt", "dep:pbkdf2", "dep:base64", "dep:x25519-dalek", "dep:ed25519-dalek", "dep:aes-gcm", "dep:ghash", "dep:aes-kw", "dep:hkdf", "dep:p256", "dep:x509-cert", "async-runtime", "ids", "bundled-bcrypt", "bundled-argon2", "bundled-jsonwebtoken", "bundled-ethers"]
+crypto = ["dep:sha2", "dep:sha1", "dep:sha3", "dep:rsa-sha1", "dep:md-5", "dep:hex", "dep:hmac", "dep:aes", "dep:cbc", "dep:ecb", "dep:ctr", "dep:scrypt", "dep:pbkdf2", "dep:base64", "dep:x25519-dalek", "dep:ed25519-dalek", "dep:aes-gcm", "dep:ghash", "dep:aes-kw", "dep:hkdf", "dep:p256", "dep:x509-cert", "dep:ml-kem", "async-runtime", "ids", "bundled-bcrypt", "bundled-argon2", "bundled-jsonwebtoken", "bundled-ethers"]
 bundled-bcrypt = ["dep:bcrypt", "async-runtime"]
 bundled-argon2 = ["dep:argon2", "async-runtime"]
 bundled-jsonwebtoken = ["dep:jsonwebtoken", "dep:p256", "dep:rsa", "dep:spki"]
@@ -387,6 +387,7 @@ ghash = { version = "0.5", optional = true }
 # `crypto` umbrella so it tracks the rest of the symmetric surface.
 aes-kw = { version = "0.3.0", optional = true }
 hkdf = { version = "0.13", optional = true }
+ml-kem = { version = "0.3.2", features = ["pkcs8"], optional = true }
 
 # Compression
 flate2 = { version = "1.0", optional = true }