From 4be391948fa0878f490bf2542843f95813bf2fef Mon Sep 17 00:00:00 2001
From: "Node.js GitHub Bot" <github-bot@iojs.org>
Date: Fri, 29 May 2026 14:13:38 +0000
Subject: [PATCH 1/2] test: update WPT for WebCryptoAPI to 0c413fb56b

---
 test/fixtures/wpt/README.md                   |  2 +-
 .../getPublicKey.tentative.https.any.js       | 36 +++++++++++++++++++
 .../supports-modern.tentative.https.any.js    | 13 +++----
 .../supports.tentative.https.any.js           | 15 ++++----
 test/fixtures/wpt/versions.json               |  2 +-
 5 files changed, 53 insertions(+), 15 deletions(-)

diff --git a/test/fixtures/wpt/README.md b/test/fixtures/wpt/README.md
index b8486fc5705fc3..c889fd59f32f06 100644
--- a/test/fixtures/wpt/README.md
+++ b/test/fixtures/wpt/README.md
@@ -34,7 +34,7 @@ Last update:
 - wasm/jsapi: https://github.com/web-platform-tests/wpt/tree/288c467d35/wasm/jsapi
 - wasm/webapi: https://github.com/web-platform-tests/wpt/tree/fd1b23eeaa/wasm/webapi
 - web-locks: https://github.com/web-platform-tests/wpt/tree/10a122a6bc/web-locks
-- WebCryptoAPI: https://github.com/web-platform-tests/wpt/tree/97bbc7247a/WebCryptoAPI
+- WebCryptoAPI: https://github.com/web-platform-tests/wpt/tree/0c413fb56b/WebCryptoAPI
 - webidl: https://github.com/web-platform-tests/wpt/tree/63ca529a02/webidl
 - webidl/ecmascript-binding/es-exceptions: https://github.com/web-platform-tests/wpt/tree/2f96fa1996/webidl/ecmascript-binding/es-exceptions
 - webmessaging/broadcastchannel: https://github.com/web-platform-tests/wpt/tree/6495c91853/webmessaging/broadcastchannel
diff --git a/test/fixtures/wpt/WebCryptoAPI/getPublicKey.tentative.https.any.js b/test/fixtures/wpt/WebCryptoAPI/getPublicKey.tentative.https.any.js
index 1b151345c3416d..73e4ad8231b04c 100644
--- a/test/fixtures/wpt/WebCryptoAPI/getPublicKey.tentative.https.any.js
+++ b/test/fixtures/wpt/WebCryptoAPI/getPublicKey.tentative.https.any.js
@@ -61,6 +61,42 @@ const algorithms = [
         generateKeyParams: { name: "X25519" },
         usages: ["deriveKey", "deriveBits"],
         publicKeyUsages: []
+    },
+    {
+        name: "ML-DSA-44",
+        generateKeyParams: { name: "ML-DSA-44" },
+        usages: ["sign", "verify"],
+        publicKeyUsages: ["verify"]
+    },
+    {
+        name: "ML-DSA-65",
+        generateKeyParams: { name: "ML-DSA-65" },
+        usages: ["sign", "verify"],
+        publicKeyUsages: ["verify"]
+    },
+    {
+        name: "ML-DSA-87",
+        generateKeyParams: { name: "ML-DSA-87" },
+        usages: ["sign", "verify"],
+        publicKeyUsages: ["verify"]
+    },
+    {
+        name: "ML-KEM-512",
+        generateKeyParams: { name: "ML-KEM-512" },
+        usages: ["encapsulateBits", "encapsulateKey", "decapsulateBits", "decapsulateKey"],
+        publicKeyUsages: ["encapsulateBits", "encapsulateKey"]
+    },
+    {
+        name: "ML-KEM-768",
+        generateKeyParams: { name: "ML-KEM-768" },
+        usages: ["encapsulateBits", "encapsulateKey", "decapsulateBits", "decapsulateKey"],
+        publicKeyUsages: ["encapsulateBits", "encapsulateKey"]
+    },
+    {
+        name: "ML-KEM-1024",
+        generateKeyParams: { name: "ML-KEM-1024" },
+        usages: ["encapsulateBits", "encapsulateKey", "decapsulateBits", "decapsulateKey"],
+        publicKeyUsages: ["encapsulateBits", "encapsulateKey"]
     }
 ];
 
diff --git a/test/fixtures/wpt/WebCryptoAPI/supports-modern.tentative.https.any.js b/test/fixtures/wpt/WebCryptoAPI/supports-modern.tentative.https.any.js
index 709ffcd43e2962..ca23b782317762 100644
--- a/test/fixtures/wpt/WebCryptoAPI/supports-modern.tentative.https.any.js
+++ b/test/fixtures/wpt/WebCryptoAPI/supports-modern.tentative.https.any.js
@@ -6,30 +6,30 @@
 const modernAlgorithms = {
   // Asymmetric algorithms
   'ML-DSA-44': {
-    operations: ['generateKey', 'importKey', 'sign', 'verify'],
+    operations: ['generateKey', 'importKey', 'sign', 'verify', 'getPublicKey'],
   },
   'ML-DSA-65': {
-    operations: ['generateKey', 'importKey', 'sign', 'verify'],
+    operations: ['generateKey', 'importKey', 'sign', 'verify', 'getPublicKey'],
   },
   'ML-DSA-87': {
-    operations: ['generateKey', 'importKey', 'sign', 'verify'],
+    operations: ['generateKey', 'importKey', 'sign', 'verify', 'getPublicKey'],
   },
   'ML-KEM-512': {
     operations: [
       'generateKey', 'importKey', 'encapsulateKey', 'encapsulateBits',
-      'decapsulateKey', 'decapsulateBits'
+      'decapsulateKey', 'decapsulateBits', 'getPublicKey'
     ],
   },
   'ML-KEM-768': {
     operations: [
       'generateKey', 'importKey', 'encapsulateKey', 'encapsulateBits',
-      'decapsulateKey', 'decapsulateBits'
+      'decapsulateKey', 'decapsulateBits', 'getPublicKey'
     ],
   },
   'ML-KEM-1024': {
     operations: [
       'generateKey', 'importKey', 'encapsulateKey', 'encapsulateBits',
-      'decapsulateKey', 'decapsulateBits'
+      'decapsulateKey', 'decapsulateBits', 'getPublicKey'
     ],
   },
 
@@ -54,6 +54,7 @@ const operations = [
   'encapsulateBits',
   'decapsulateKey',
   'decapsulateBits',
+  'getPublicKey',
 ];
 
 // Test that supports method exists and is a static method
diff --git a/test/fixtures/wpt/WebCryptoAPI/supports.tentative.https.any.js b/test/fixtures/wpt/WebCryptoAPI/supports.tentative.https.any.js
index 921212a0c21dfa..ac3a32c741000c 100644
--- a/test/fixtures/wpt/WebCryptoAPI/supports.tentative.https.any.js
+++ b/test/fixtures/wpt/WebCryptoAPI/supports.tentative.https.any.js
@@ -6,7 +6,7 @@
 const standardAlgorithms = {
   // Asymmetric algorithms
   'RSASSA-PKCS1-v1_5': {
-    operations: ['generateKey', 'importKey', 'sign', 'verify'],
+    operations: ['generateKey', 'importKey', 'sign', 'verify', 'getPublicKey'],
     keyGenParams: {
       name: 'RSASSA-PKCS1-v1_5',
       modulusLength: 2048,
@@ -17,7 +17,7 @@ const standardAlgorithms = {
     signParams: { name: 'RSASSA-PKCS1-v1_5' },
   },
   'RSA-PSS': {
-    operations: ['generateKey', 'importKey', 'sign', 'verify'],
+    operations: ['generateKey', 'importKey', 'sign', 'verify', 'getPublicKey'],
     keyGenParams: {
       name: 'RSA-PSS',
       modulusLength: 2048,
@@ -28,7 +28,7 @@ const standardAlgorithms = {
     signParams: { name: 'RSA-PSS', saltLength: 32 },
   },
   'RSA-OAEP': {
-    operations: ['generateKey', 'importKey', 'encrypt', 'decrypt'],
+    operations: ['generateKey', 'importKey', 'encrypt', 'decrypt', 'getPublicKey'],
     keyGenParams: {
       name: 'RSA-OAEP',
       modulusLength: 2048,
@@ -39,13 +39,13 @@ const standardAlgorithms = {
     encryptParams: { name: 'RSA-OAEP' },
   },
   ECDSA: {
-    operations: ['generateKey', 'importKey', 'sign', 'verify'],
+    operations: ['generateKey', 'importKey', 'sign', 'verify', 'getPublicKey'],
     keyGenParams: { name: 'ECDSA', namedCurve: 'P-256' },
     importParams: { name: 'ECDSA', namedCurve: 'P-256' },
     signParams: { name: 'ECDSA', hash: 'SHA-256' },
   },
   ECDH: {
-    operations: ['generateKey', 'importKey', 'deriveBits'],
+    operations: ['generateKey', 'importKey', 'deriveBits', 'getPublicKey'],
     keyGenParams: { name: 'ECDH', namedCurve: 'P-256' },
     importParams: { name: 'ECDH', namedCurve: 'P-256' },
     deriveBitsParams: {
@@ -58,12 +58,12 @@ const standardAlgorithms = {
     },
   },
   Ed25519: {
-    operations: ['generateKey', 'importKey', 'sign', 'verify'],
+    operations: ['generateKey', 'importKey', 'sign', 'verify', 'getPublicKey'],
     keyGenParams: null,
     signParams: { name: 'Ed25519' },
   },
   X25519: {
-    operations: ['generateKey', 'importKey', 'deriveBits'],
+    operations: ['generateKey', 'importKey', 'deriveBits', 'getPublicKey'],
     keyGenParams: null,
     deriveBitsParams: {
       name: 'X25519',
@@ -152,6 +152,7 @@ const operations = [
   'decrypt',
   'deriveBits',
   'digest',
+  'getPublicKey',
 ];
 
 // Test that supports method exists and is a static method
diff --git a/test/fixtures/wpt/versions.json b/test/fixtures/wpt/versions.json
index 8d1f153c4104b6..216dd0edf5c798 100644
--- a/test/fixtures/wpt/versions.json
+++ b/test/fixtures/wpt/versions.json
@@ -96,7 +96,7 @@
     "path": "web-locks"
   },
   "WebCryptoAPI": {
-    "commit": "97bbc7247a16231f4744a47a1d9b3d29633d5292",
+    "commit": "0c413fb56b9da8bf27502c866a3d60f93981804d",
     "path": "WebCryptoAPI"
   },
   "webidl": {

From d8a4cfdf835e3d96b1c2458ea24cf3ea85c7fa8c Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Fri, 29 May 2026 16:18:52 +0200
Subject: [PATCH 2/2] fixup! test: update WPT for WebCryptoAPI to 0c413fb56b

---
 test/wpt/status/WebCryptoAPI.cjs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/test/wpt/status/WebCryptoAPI.cjs b/test/wpt/status/WebCryptoAPI.cjs
index c31831a6ea6a12..20b8f1ed8f650a 100644
--- a/test/wpt/status/WebCryptoAPI.cjs
+++ b/test/wpt/status/WebCryptoAPI.cjs
@@ -62,6 +62,7 @@ if (!hasOpenSSL(3, 5) && !process.features.openssl_is_boringssl) {
     'sign_verify/mldsa.tentative.https.any.js');
 
   skipSubtests(
+    ['getPublicKey.tentative.https.any.js', /ml-(?:kem|dsa)/i],
     ['supports-modern.tentative.https.any.js', /ml-(?:kem|dsa)/i]);
 }
 
@@ -88,6 +89,7 @@ if (process.features.openssl_is_boringssl) {
     ['encap_decap/encap_decap_keys.tentative.https.any.js', /ml-kem-512/i],
     ['generateKey/failures_ML-KEM.tentative.https.any.js', /ml-kem-512/i],
     ['generateKey/successes_ML-KEM.tentative.https.any.js', /ml-kem-512/i],
+    ['getPublicKey.tentative.https.any.js', /ml-kem-512/i],
     ['import_export/ML-KEM_importKey.tentative.https.any.js', /ml-kem-512/i],
     ['serialization/mlkem.tentative.https.any.js', /ml-kem-512/i],
     ['supports-modern.tentative.https.any.js', /ml-kem-512/i]);