Skip to content

Add X25519 generateKey overload to SubtleCrypto #62961

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
kairosci wants to merge 1 commit into from
Closed

Add X25519 generateKey overload to SubtleCrypto #62961

kairosci wants to merge 1 commit into from
+4 −0

Conversation

@kairosci
Copy link

@kairosci kairosci commented Jan 7, 2026
edited
Loading

Summary

This PR adds a specific overload for the X25519 key exchange algorithm to the SubtleCrypto.generateKey() method, following the same pattern as the existing Ed25519 overload.

Changes

Added the following overload to SubtleCrypto interface in both dom.generated.d.ts and webworker.generated.d.ts:

generateKey(algorithm: "X25519" | { name: "X25519" }, extractable: boolean, keyUsages: ReadonlyArray<"deriveBits" | "deriveKey">): Promise<CryptoKeyPair>;

Rationale

X25519 is used for key derivation (ECDH), so it uses deriveBits and deriveKey as valid keyUsages, unlike Ed25519 which uses sign and verify.

This allows TypeScript to correctly infer CryptoKeyPair as the return type when using X25519, eliminating the need for type assertions or instanceof checks:

// Before: keyPair is CryptoKey | CryptoKeyPair, requires type assertion
const keyPair = await crypto.subtle.generateKey({ name: "X25519" }, true, ["deriveKey"]);

// After: keyPair is CryptoKeyPair, publicKey is directly accessible
const keyPair = await crypto.subtle.generateKey({ name: "X25519" }, true, ["deriveKey"]);
const publicKey = keyPair.publicKey; // No error!

@kairosci
Add X25519 generateKey overload to SubtleCrypto
9a19f3d 
This adds a specific overload for the X25519 key exchange algorithm
following the same pattern as the existing Ed25519 overload.

X25519 is used for key derivation (ECDH), so it uses 'deriveBits' and
'deriveKey' as valid keyUsages, unlike Ed25519 which uses 'sign' and
'verify'.

This allows TypeScript to correctly infer CryptoKeyPair as the return
type when using X25519, eliminating the need for type assertions.

Fixes microsoft#62926
@github-project-automation github-project-automation bot moved this to Not started in PR Backlog Jan 7, 2026
@typescript-bot typescript-bot added the For Backlog Bug PRs that fix a backlog bug label Jan 7, 2026
@typescript-bot
Copy link
Collaborator

typescript-bot commented Jan 7, 2026

It looks like you've sent a pull request to update some generated declaration files related to the DOM. These files aren't meant to be edited by hand, as they are synchronized with files in the TypeScript-DOM-lib-generator repository. You can read more here. For house-keeping purposes, this pull request will be closed.

@github-project-automation github-project-automation bot moved this from Not started to Done in PR Backlog Jan 7, 2026
@kairosci kairosci deleted the fix/add-x25519-generatekey-overload branch January 7, 2026 21:29
@typescript-bot
Copy link
Collaborator

typescript-bot commented Jan 8, 2026

This PR doesn't have any linked issues. Please open an issue that references this PR. From there we can discuss and prioritise.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

For Backlog Bug PRs that fix a backlog bug

Projects

PR Backlog
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kairosci @typescript-bot