From c0f57dffb25d0e974320d05276c8bb0faaf55981 Mon Sep 17 00:00:00 2001
From: larabr <7375870+larabr@users.noreply.github.com>
Date: Fri, 29 Sep 2023 16:13:31 +0200
Subject: [PATCH] Do not clamp generated private key in X25519 (new format)

This was required by legacy ECDH over curve25519, but not for the new format. Relevant spec: https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-curve25519legacy-ecdh-secre
---
 src/crypto/public_key/elliptic/ecdh_x.js | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/crypto/public_key/elliptic/ecdh_x.js b/src/crypto/public_key/elliptic/ecdh_x.js
index 136dc1c4..3b66c0c0 100644
--- a/src/crypto/public_key/elliptic/ecdh_x.js
+++ b/src/crypto/public_key/elliptic/ecdh_x.js
@@ -27,8 +27,6 @@ export async function generate(algo) {
 case enums.publicKey.x25519: {
 // k stays in little-endian, unlike legacy ECDH over curve25519
 const k = getRandomBytes(32);
- k[0] &= 248;
- k[31] = (k[31] & 127) | 64;
 const { publicKey: A } = nacl.box.keyPair.fromSecretKey(k);
 return { A, k };
 }
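Review bot: The comment kept above `const k = getRandomBytes(32);` does not say that leaving the secret unclamped is deliberate, so a later reader may take it for a bug and restore the two removed lines. I would extend it, for example `// k is stored unclamped: X25519 clamps the scalar when it is used (RFC 7748); per the commit description only the legacy curve25519 format needs a clamped key`. This relies on every consumer of `k` clamping internally, which is presumably true of the nacl calls but is not visible in this hunk. A test that a generated key with arbitrary low and high bits still derives a matching shared secret would pin that. `generate` starts and ends outside the hunk.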