feat: es crypto features to nodejs and browser

[lukasjhan]

I implement

• Ed25519 and ES256 signer and verifier for crypto-nodejs
• ES256 signer and verifier for crypto-browser (not tested)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.54%. Comparing base (e105ef2) to head (b0a453e).
Report is 4 commits behind head on next.

Additional details and impacted files

@@            Coverage Diff             @@
##             next     #106      +/-   ##
==========================================
+ Coverage   94.96%   95.54%   +0.57%     
==========================================
  Files          21       21              
  Lines        1529     1705     +176     
  Branches      235      246      +11     
==========================================
+ Hits         1452     1629     +177     
  Misses         72       72              
+ Partials        5        4       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[lukasjhan]

hmm.. I have no idea how to test browser crypto subtle module. Any ideas?

[cre8]

hmm.. I have no idea how to test browser crypto subtle module. Any ideas?

It depends on the test framework and I read that vitest with jsdom does not support the crypto apis... I tested it manually by running a crypress test with angular because then it is using a chrome instance in the background

[lukasjhan]

@cre8 Yeah, we definitely use some framework that use headless chrome(or other browser)

How about trying this? https://playwright.dev/

[cre8]

@cre8 Yeah, we definitely use some framework that use headless chrome(or other browser)

How about trying this? https://playwright.dev/

I can take a look at this

[lukasjhan]

@cre8 Yeah, we definitely use some framework that use headless chrome(or other browser)
How about trying this? https://playwright.dev/

I can take a look at this

Thank you :)

[lukasjhan]

I want to support Ed25519 and ES256 as JWK but,

browser - doesn't seem to support Ed25519 natively.
node - bad jwk support

I turned this PR to draft and keep working on it.

[lukasjhan]

In nodejs I used webcrypto

but it is only support node >= 20. I tested in node 18 it failed.

[lukasjhan]

@cre8 Looks like test are working well ;)

[cre8]

@lukasjhan I think we need to support ES256 since it's the only algorithm supported by both platforms. Of course we can implement dozens of others, but in the first place we should have one algorithm people can use in both environments to sign and verify credentials.

Are you sure with the support? According to the docs webcrypto is supported since v15.

[cre8]

@lukasjhan I implemented a matrix check in #111 and it allowed to run the node test on version 16, 18 and 20 (more details in the last PR message).

To update the errors in the test, please add the same skip conditions as I have done with the others. I am not sure if we can skip it by wrapping it in a if statement or just return a standard test so the file is not empty.

[lukasjhan]

@cre8 I applied your matrix check :)
I remove Ed25519 in nodejs-crypto package. Like you said, At first let's supporting ES256

[cre8]

LGTM

[cre8]

Is PEM the correct way to go? I would suggest to use JWKs.

[cre8]

Same like browser, using JWK

[cre8]

When we use the available methods from import { subtle } from 'node:crypto';, the function code is identical with the browser one and we would have more reusable code.

See: https://nodejs.org/api/webcrypto.html

[cre8]

Is jose still required? @lukasjhan I don't see any usage of the imported methods here

[cre8]

since we included tests, we can delete this dummy test, can't we?

[cre8]

do we need this here?