Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(api): Add Ed25519 sign/verify SubtleCrypto algo #22033

Merged
merged 3 commits into from
Feb 1, 2024

Conversation

bsmth
Copy link
Member

@bsmth bsmth commented Jan 26, 2024

Summary

Currently the spec states:

Because the underlying cryptographic implementations will vary between conforming user agents... this specification does not dictate a mandatory set of algorithms that MUST be implemented. Instead, it defines a common set of bindings that can be used in an algorithm-independent manner...

There are a list of recommendations for implementers:

In order to promote interoperability for developers, this specification includes a list of suggested algorithms. These are considered to be the most widely used algorithms in practice at the time of writing, and therefore provide a good starting point for initial implementations of this specification. The suggested algorithms are:

HMAC using SHA-1
HMAC using SHA-256
RSASSA-PKCS1-v1_5 using SHA-1
RSA-PSS using SHA-256 and MGF1 with SHA-256.
RSA-OAEP using SHA-256 and MGF1 with SHA-256.
ECDSA using P-256 curve and SHA-256
AES-CBC

I've added a sub-feature for an algo which is not part of this recommendation, but is available in multiple engines.

Standardization status:

There's a WICG draft for Curve25519 and Curve448 in Web Crypto here

Test results and supporting details

Node repro:

async function generateAndSignKey() {
  const algorithm = { name: "Ed25519" };
  const encoder = new TextEncoder();
  const cryptoKey = await crypto.subtle.generateKey(
    algorithm,
    true,
    ["sign", "verify"]
  );

  console.log(
    await crypto.subtle.sign(
      algorithm,
      cryptoKey.privateKey,
      new Uint8Array([255])
    )
  );
}

generateAndSignKey();

output:

(node:27247) ExperimentalWarning: The Ed25519 Web Crypto API algorithm is an experimental feature and might change at any time
(Use `node --trace-warnings ...` to show where the warning was created)
ArrayBuffer {
  [Uint8Contents]: <bd 47 7d 05...
//
node --version
v20.11.0

Related issues

@github-actions github-actions bot added the data:api Compat data for Web APIs. https://developer.mozilla.org/docs/Web/API label Jan 26, 2024
@guest271314
Copy link

Bun also supports Ed25519 algorithm via import { webcrypto } from "node:crypto".

@bsmth
Copy link
Member Author

bsmth commented Jan 26, 2024

Bun also supports Ed25519 algorithm via import { webcrypto } from "node:crypto".

Bun is not (yet?) included in Browsers/Engines here. See #18484

@guest271314

This comment was marked as abuse.

@bsmth

This comment was marked as resolved.

@guest271314

This comment was marked as abuse.

@mdn mdn locked as too heated and limited conversation to collaborators Jan 28, 2024
Copy link
Member

@Elchi3 Elchi3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @bsmth, some inline comments for you to look at. They apply to all for additions; I only commented on the first one.

api/SubtleCrypto.json Outdated Show resolved Hide resolved
api/SubtleCrypto.json Outdated Show resolved Hide resolved
api/SubtleCrypto.json Outdated Show resolved Hide resolved
@bsmth
Copy link
Member Author

bsmth commented Jan 30, 2024

Thanks a lot, will take a look at your comments shortly 👍🏻

Copy link
Member

@Elchi3 Elchi3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @bsmth, looks great to me! 👍

@Elchi3 Elchi3 merged commit c2761cb into mdn:main Feb 1, 2024
6 checks passed
@bsmth bsmth deleted the 30886-subtlecrypto-algos branch February 1, 2024 12:42
@bsmth
Copy link
Member Author

bsmth commented Feb 1, 2024

Thank you! 🙏🏻

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
data:api Compat data for Web APIs. https://developer.mozilla.org/docs/Web/API
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants