fix(webcrypto): fix ed25519 keypair gen (#1985)

2026-02-12 11:59:00 +00:00 · 2023-02-04 02:24:35 -06:00
parent 76f72517ff
commit 7db87fe0cb
3 changed files with 35 additions and 10 deletions
--- a/src/bun.js/bindings/webcrypto/CryptoKeyOKP.cpp
+++ b/src/bun.js/bindings/webcrypto/CryptoKeyOKP.cpp
@@ -37,19 +37,20 @@ namespace WebCore {
 static const ASCIILiteral X25519 { "X25519"_s };
 static const ASCIILiteral Ed25519 { "Ed25519"_s };

-static constexpr size_t keySizeInBytesFromNamedCurve(CryptoKeyOKP::NamedCurve curve)
+static constexpr size_t keySizeInBytesFromNamedCurve(CryptoKeyOKP::NamedCurve curve, CryptoKeyType type)
 {
    switch (curve) {
    case CryptoKeyOKP::NamedCurve::X25519:
-    case CryptoKeyOKP::NamedCurve::Ed25519:
        return 32;
+    case CryptoKeyOKP::NamedCurve::Ed25519:
+        return type == CryptoKeyType::Private ? 64 : 32;
    }
    return 32;
 }

 RefPtr<CryptoKeyOKP> CryptoKeyOKP::create(CryptoAlgorithmIdentifier identifier, NamedCurve curve, CryptoKeyType type, KeyMaterial&& platformKey, bool extractable, CryptoKeyUsageBitmap usages)
 {
-    if (platformKey.size() != keySizeInBytesFromNamedCurve(curve))
+    if (platformKey.size() != keySizeInBytesFromNamedCurve(curve, type))
        return nullptr;
    return adoptRef(*new CryptoKeyOKP(identifier, curve, type, WTFMove(platformKey), extractable, usages));
 }
--- a/src/bun.js/bindings/webcrypto/CryptoKeyOKP.h
+++ b/src/bun.js/bindings/webcrypto/CryptoKeyOKP.h
@@ -75,6 +75,9 @@ private:
    String generateJwkD() const;
    String generateJwkX() const;

+    String getEd25519PublicFromPrivate() const;
+    String getX25519PublicFromPrivate() const;
+
    static bool isPlatformSupportedCurve(NamedCurve);
    static std::optional<CryptoKeyPair> platformGeneratePair(CryptoAlgorithmIdentifier, NamedCurve, bool extractable, CryptoKeyUsageBitmap);
    Vector<uint8_t> platformExportRaw() const;
--- a/src/bun.js/bindings/webcrypto/CryptoKeyOKPOpenSSL.cpp
+++ b/src/bun.js/bindings/webcrypto/CryptoKeyOKPOpenSSL.cpp
@@ -46,17 +46,19 @@ std::optional<CryptoKeyPair> CryptoKeyOKP::platformGeneratePair(CryptoAlgorithmI
    if (namedCurve != NamedCurve::Ed25519)
        return {};

-    uint8_t public_key[X25519_PUBLIC_VALUE_LEN], private_key[X25519_PRIVATE_KEY_LEN];
+    uint8_t public_key[ED25519_PUBLIC_KEY_LEN], private_key[ED25519_PRIVATE_KEY_LEN];

-    if (identifier == CryptoAlgorithmIdentifier::Ed25519) {
+    bool isEd25519 = identifier == CryptoAlgorithmIdentifier::Ed25519;
+    if (isEd25519) {
        ED25519_keypair(public_key, private_key);
    } else {
        X25519_keypair(public_key, private_key);
    }
+
    bool isPublicKeyExtractable = true;
    auto publicKey = CryptoKeyOKP::create(identifier, namedCurve, CryptoKeyType::Public, Vector<uint8_t>(public_key), isPublicKeyExtractable, usages);
    ASSERT(publicKey);
-    auto privateKey = CryptoKeyOKP::create(identifier, namedCurve, CryptoKeyType::Private, Vector<uint8_t>(private_key), extractable, usages);
+    auto privateKey = CryptoKeyOKP::create(identifier, namedCurve, CryptoKeyType::Private, Vector<uint8_t>(private_key, isEd25519 ? ED25519_PRIVATE_KEY_LEN : X25519_PRIVATE_KEY_LEN), extractable, usages);
    ASSERT(privateKey);
    return CryptoKeyPair { WTFMove(publicKey), WTFMove(privateKey) };
 }
@@ -295,6 +297,25 @@ String CryptoKeyOKP::generateJwkD() const
    return base64URLEncodeToString(m_data);
 }

+String CryptoKeyOKP::getEd25519PublicFromPrivate() const
+{
+    uint8_t publicKey[ED25519_PUBLIC_KEY_LEN];
+    uint8_t privateKey[ED25519_PRIVATE_KEY_LEN];
+
+    ED25519_keypair_from_seed(publicKey, privateKey, m_data.data());
+
+    return base64URLEncodeToString(Span<const uint8_t> { publicKey, sizeof(publicKey) });
+}
+
+String CryptoKeyOKP::getX25519PublicFromPrivate() const
+{
+    uint8_t publicKey[X25519_PUBLIC_VALUE_LEN];
+
+    X25519_public_from_private(publicKey, m_data.data());
+
+    return base64URLEncodeToString(Span<const uint8_t> { publicKey, sizeof(publicKey) });
+}
+
 String CryptoKeyOKP::generateJwkX() const
 {
    if (type() == CryptoKeyType::Public)
@@ -302,11 +323,11 @@ String CryptoKeyOKP::generateJwkX() const

    ASSERT(type() == CryptoKeyType::Private);

-    uint8_t publicKey[ED25519_PUBLIC_KEY_LEN];
-    uint8_t privateKey[ED25519_PRIVATE_KEY_LEN];
-    ED25519_keypair_from_seed(publicKey, privateKey, m_data.data());
+    if (namedCurve() == NamedCurve::Ed25519)
+        return getEd25519PublicFromPrivate();

-    return base64URLEncodeToString(Span<const uint8_t> { publicKey, sizeof(publicKey) });
+    ASSERT(namedCurve() == NamedCurve::X25519);
+    return getX25519PublicFromPrivate();
 }

 Vector<uint8_t> CryptoKeyOKP::platformExportRaw() const