Skip to content

[v6] Use WebCrypto for ed25519 and x25519 when available #1782

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
larabr merged 4 commits into from
Aug 21, 2024
Merged

[v6] Use WebCrypto for ed25519 and x25519 when available #1782

larabr merged 4 commits into from
Aug 21, 2024

Conversation

@larabr
Copy link
Collaborator

@larabr larabr commented Jul 15, 2024
edited
Loading

Support for curve25519 in WebCrypto has shipped by Safari, and is behind experimental flags in other major browsers (see https://wpt.fyi/results/WebCryptoAPI/generateKey?label=master&label=experimental&aligned&q=25519 for support).

The tweetnacl import is still inlined as the library is always used for key validation (until the curve is more widely implemented natively).

  • Update README info about curve (native impl. used when available)

@larabr larabr force-pushed the v6-eddsa-webcrypto branch from 712fe9c to a6b41c5 Compare July 16, 2024 07:27
@larabr larabr requested a review from twiss August 2, 2024 14:13
twiss
twiss reviewed Aug 13, 2024
View reviewed changes
@larabr larabr force-pushed the v6-eddsa-webcrypto branch from 81b5136 to dd28e0a Compare August 14, 2024 14:27
@larabr larabr force-pushed the v6-eddsa-webcrypto branch from dd28e0a to 5c58334 Compare August 14, 2024 14:29
@larabr larabr requested a review from twiss August 19, 2024 10:16
@larabr larabr merged commit 79014f0 into openpgpjs:v6 Aug 21, 2024
@larabr
Copy link
Collaborator Author

larabr commented Aug 21, 2024
edited
Loading

Randomly failing CI tests on Safari as part of EdDSA WebCrypto's key generation assumed to be due to bad randomness/insufficient entropy, see e.g. https://stackoverflow.com/questions/26021181/not-enough-entropy-to-support-dev-random-in-docker-containers-running-in-boot2d .

Edit: will try to repro / investigate this further and find a fix as the CI is consistently (but randomly) failing.

larabr added a commit that referenced this pull request Sep 9, 2024
@larabr
Fix regression in x25519 (legacy) key generation: store clamped secre…
dbde77b 
…t scalar

Fixes regression from changes in #1782, as the spec mandates that
legacy x25519 store the secret scalar already clamped.
Keys generated using v6.0.0-beta.3 are still expected to be functional,
since the scalar is to be clamped before computing the ECDH shared secret.
larabr added a commit that referenced this pull request Sep 9, 2024
@larabr
Fix regression in x25519 (legacy) key generation: store clamped secre…
8d80333 
…t scalar

Fixes regression from changes in #1782, as the spec mandates that
legacy x25519 store the secret scalar already clamped.
Keys generated using v6.0.0-beta.3 are still expected to be functional,
since the scalar is to be clamped before computing the ECDH shared secret.
@larabr
Copy link
Collaborator Author

larabr commented Sep 12, 2024

We've temporarily reverted WebCrypto usage for X25519 (ccb040a) as Firefox has released support in v130, but something is broken with JWK imports:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@twiss twiss twiss approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@larabr @twiss