Creating an OKP with JWKFactory creates too long a private key for signing

[moderndeveloperllc]

Describe the bug
When using JWKFactory::createOKPKey(Ed25519) a 64 byte secret key is created. When used to sign a token, a SodiumException is thrown:

seed should be SODIUM_CRYPTO_SIGN_SEEDBYTES bytes

Note that the constant is defined as 32. Your tests for OKP creation and signing use a manually created 32 byte private key d.

PHP Version: 7.3.2

To Reproduce
Steps to reproduce the behavior:

$key = JWKFactory::createOKPKey('Ed25519');
$algorithmManager = AlgorithmManager::create([new EdDSA()]);
$jwsBuilder = new JWSBuilder(new StandardConverter(), $algorithmManager);

$jwtSigned = $jwsBuilder
            ->create()
            ->withPayload('')
            ->addSignature(
                $key,
                [
                    'crit' => ['exp', 'aud'],
                    'alg'  => ''EdDSA',
                ]
            )
            ->build();

Expected behavior
The token to be signed.

[moderndeveloperllc]

Is it correct that in createOKPKey you are creating the key pair:

case 'Ed25519':
                $keyPair = \sodium_crypto_sign_keypair();
                $d = \sodium_crypto_sign_secretkey($keyPair);
                $x = \sodium_crypto_sign_publickey($keyPair);

And then recreating that secret key in Jose\Component\Signature\Algorithm\EdDSA:

        $secret = Base64Url::decode($key->get('d'));
        $keyPair = \sodium_crypto_sign_seed_keypair($secret);
        $secretKey = \sodium_crypto_sign_secretkey($keyPair);

Isn't d already the secret key? Can it not just be

$secretKey = Base64Url::decode($key->get('d'));

In verify right below that you are doing $public = Base64Url::decode($key->get('x'));

[Spomky]

See #168 and v1.3.2

[github-actions]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.