Skip to content
This repository has been archived by the owner on Jan 22, 2025. It is now read-only.

[experimental] Validate that the public key generated from createKeyPairFromBytes() belongs to the private key #2289

Closed
steveluscher opened this issue Mar 12, 2024 · 1 comment · Fixed by #2329
Closed

[experimental] Validate that the public key generated from createKeyPairFromBytes() belongs to the private key #2289

steveluscher opened this issue Mar 12, 2024 · 1 comment · Fixed by #2329
Labels
enhancement New feature or request
Milestone
Release Technolog...

Comments

@steveluscher
Copy link
Contributor

steveluscher commented Mar 12, 2024
edited
Loading

Motivation

Presently, when you pass 64 bytes of key material to createKeyPairFromBytes(), we don't validate that the public key part of the key pair actually belongs to the private key.

Signing a message using a public key other than that which belongs to the private key can result in a leak of the private key bytes to someone.

This is generally not a problem with our APIs because they only take the private key and message as an argument, and derive the public key internally; the worst thing that can happen is for verification of the resulting message to fail because you're holding a public key that doesn't correspond to the private key you signed the message with.

Someone who uses a mismatching key pair from createKeyPairFromBytes() with other code though could end up in the scenario described above.

Details

  1. Throw unless the public key and private key produced by createKeyPairFromBytes() form a pair. Since there's no API in SubtleCrypto to derive an Ed25519 public key from a private key, the best we can do here is to sign a message with the private key and ensure that it verifies with the public key.
  2. Offer a createKeyPairFromBytes_DANGEROUSLY_SKIP_VALIDATION() method that performs no validation.
@steveluscher steveluscher added the enhancement New feature or request label Mar 12, 2024
@luu-alex luu-alex mentioned this issue Mar 16, 2024
Merged
steveluscher pushed a commit that referenced this issue Mar 26, 2024
Validate that the public key generated from createKeyPairFromBytes() …
478443f 
…belongs to the private key (#2329)

This PR addresses #2289 

updated `createKeyPairFromBytes`. Adds a validation check to verify the public and private key by signing data and verifying that the signed data matches the public key.

Adds error code for public/private key mismatches.

Included in this PR is testcases to test the possible errors within these functions and creating a successful keypair from a 64-byte array.
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Apr 9, 2024

Because there has been no activity on this issue for 7 days since it was closed, it has been automatically locked. Please open a new issue if it requires a follow up.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 9, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
Release Technology Preview 3
1 participant
@steveluscher