PKCE with RSA both ways


Can PKCE be implemented with both server and client generating public and private keys? Is it worth it? The flow I have in mind is:

  1. Client generates a private and public key
  2. Client sends its public key to the server
  3. Server generates a private and public key, generates a random secret and encrypts the secret with the client's public key
  4. Server sends the encrypted secret and the server's public key back to the client
  5. Client decrypts the secret with its private key, encrypts it again with the server's public key and sends the encrypted secret back to the server
  6. Server decrypts the secret with its private key and checks whether the generated secret and the now-decrypted secret are the same

Am I missing something? Is this a bad approach? Is this encryption/decryption/key generation heavy to compute?


Michal Trojanowski

Your algorithm seems to be as secure as the PKCE standard. I don't think there's any additional value in encrypting the random strings. You also add one roundtrip to the server, as in PKCE it is the client who generates the initial random string.

Encrypting consumes resources and it's simple to implement it wrong. You also need support for encryption algorithms on both the server and the client side. Thus, I think it's just redundant to try to add that encryption to a proven standard.
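To make the comparison in the answer concrete, here is an added example (not code from the question or the answer) that runs the six-step RSA flow from the question next to standard PKCE with the S256 method from RFC 7636. The question names no padding scheme or key size, so RSA-OAEP with 2048-bit keys is an assumption here; the code_verifier/code_challenge pair in the test is the vector from RFC 7636 Appendix B. The `tamper` switch shows what the server's final comparison actually catches, and `main` prints rough timings so the resource cost the answer mentions can be seen rather than guessed.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"time"
)

// ---- Standard PKCE (RFC 7636, S256) ----
// No keys at all: the client keeps code_verifier and sends
// code_challenge = BASE64URL-NOPAD(SHA256(code_verifier)) in the authorization request.

// pkceChallenge derives the code_challenge from a client-generated code_verifier.
func pkceChallenge(verifier string) string {
	sum := sha256.Sum256([]byte(verifier))
	return base64.RawURLEncoding.EncodeToString(sum[:])
}

// pkceVerify is the server-side check at the token endpoint.
func pkceVerify(challenge, verifier string) bool {
	return subtle.ConstantTimeCompare([]byte(pkceChallenge(verifier)), []byte(challenge)) == 1
}

// ---- The RSA-both-ways flow from the question ----

// encryptTo seals msg to a public key with RSA-OAEP (assumed; the question names no scheme).
func encryptTo(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// decryptWith opens an OAEP ciphertext with the holder's private key.
func decryptWith(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, ct, nil)
}

// runQuestionFlow executes steps 1-6 from the question and returns the server's verdict.
// With tamper set, the client re-encrypts a different value in step 5, so step 6 must fail.
func runQuestionFlow(tamper bool) (bool, error) {
	clientKey, err := rsa.GenerateKey(rand.Reader, 2048) // step 1
	if err != nil {
		return false, err
	}
	clientPub := &clientKey.PublicKey // step 2: sent to the server

	serverKey, err := rsa.GenerateKey(rand.Reader, 2048) // step 3: server key pair
	if err != nil {
		return false, err
	}
	secret := make([]byte, 32) // step 3: random secret
	if _, err := rand.Read(secret); err != nil {
		return false, err
	}
	toClient, err := encryptTo(clientPub, secret) // step 3: encrypted to the client
	if err != nil {
		return false, err
	}
	serverPub := &serverKey.PublicKey // step 4: sent to the client with toClient

	plain, err := decryptWith(clientKey, toClient) // step 5: client recovers the secret
	if err != nil {
		return false, err
	}
	if tamper {
		plain[0] ^= 0xff // a client that does not hold the right value
	}
	toServer, err := encryptTo(serverPub, plain) // step 5: re-encrypted to the server
	if err != nil {
		return false, err
	}

	got, err := decryptWith(serverKey, toServer) // step 6
	if err != nil {
		return false, err
	}
	return subtle.ConstantTimeCompare(got, secret) == 1, nil
}

func main() {
	start := time.Now()
	ok, err := runQuestionFlow(false)
	fmt.Printf("RSA-both-ways flow: ok=%v err=%v took %v\n", ok, err, time.Since(start))

	start = time.Now()
	verifier := "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" // RFC 7636 Appendix B
	ok = pkceVerify(pkceChallenge(verifier), verifier)
	fmt.Printf("PKCE S256:          ok=%v took %v\n", ok, time.Since(start))
}
```

Both paths bind the token request to the party that started the flow; the RSA version just pays for two key generations, two OAEP round trips and an extra network exchange to get there, which is the redundancy the answer points at.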