Open
Description
The key pair created using the browser version of X25519.newKeyPair() is not clamped, whereas X25519.newKeyPairFromSeed(seed) is. This has the consequence that:
```dart
final algorithm = X25519();
final generated = await algorithm.newKeyPair();
final skBytes = await generated.extractPrivateKeyBytes();
final recreated = await algorithm.newKeyPairFromSeed(skBytes);
// -> generated != recreated
```
It is possible to achieve stability by modifying browser /x25519.dart code like this:
```dart
@override
Future<SimpleKeyPair> newKeyPair() async {
  late web_crypto.Jwk jwk;
  try {
    final jsCryptoKey = await web_crypto.generateKeyWhenKeyPair(
        _jsAlgorithm, true.toJS, ['deriveBits'.toJS].toJS);
    jwk = await web_crypto.exportKeyWhenJwk(jsCryptoKey.privateKey);
  } catch (e) {
    final fallback = _fallback;
    if (fallback != null) {
      return fallback.newKeyPair();
    }
    throw StateError('$runtimeType.newKeyPair(...) failed: $e');
  }
  final keyPair = SimpleKeyPairData(
    Uint8List.fromList(web_crypto.base64UrlDecode(jwk.d!.toDart)),
    publicKey: SimplePublicKey(
      Uint8List.fromList(web_crypto.base64UrlDecode(jwk.x!.toDart)),
      type: KeyPairType.x25519,
    ),
    type: KeyPairType.x25519,
  );
  // Pass the exported private key bytes through newKeyPairFromSeed so the
  // returned key pair holds the same clamped bytes a seed-created one would.
  final seed = await keyPair.extractPrivateKeyBytes();
  return newKeyPairFromSeed(seed);
}
```