crypto: add SubtleCrypto.supports feature detection in Web Crypto API

[panva]

Early draft implementation of SubtleCrypto.supports.

While today we support all the methods and algorithms, this method will become really useful for interop when modern webcrypto algorithms are going to start popping up that will depend on new OpenSSL versions, such as ML-DSA that may not be immediately available in distributions with linked OpenSSL.

cc @twiss

This will remain a draft PR until this work is accepted by WICG as a proposal for the addition of its content to the Web Cryptography API.

[nodejs-github-bot]

Review requested:

• @nodejs/crypto

[panva]

#57273 will allow the implementation to share validation code with the actual algorithm operations.

[jasnell]

If I am understanding the implementation here correctly, "supports" is based largely on JS-level validation of the input arguments. It would be possible, however, for Node.js to be compiled against a different version of Openssl that does not actually have support for an algorithm that the JS side claims to support, correct? For instance, Ed448 is not supported by Node.js builds using BoringSSL but, unless I'm misunderstanding the implementation here, this might still claim that Ed448 is supported on such builds? Is that accurate or did I miss something?

Btw, very happy to see this!

[panva]

@jasnell I did think of this. With everything being tied into the "normalize algorithm" routine, all it would take to make the algorithms conditional based on the underlying crypto lib support (both execution as well as their status in the supports API) is doing something similar to what we do for adding experimental algorithms here

Therefore if we get the signal from internalBinding('crypto') that something isn't supported, we can make supports as well as the actual SubtleCrypto methods fail/false in JS before it gets to C++