-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: es crypto features to nodejs and browser #106
Conversation
Signed-off-by: Lukas.J.Han <[email protected]>
Signed-off-by: Lukas.J.Han <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## next #106 +/- ##
==========================================
+ Coverage 94.96% 95.54% +0.57%
==========================================
Files 21 21
Lines 1529 1705 +176
Branches 235 246 +11
==========================================
+ Hits 1452 1629 +177
Misses 72 72
+ Partials 5 4 -1 ☔ View full report in Codecov by Sentry. |
hmm.. I have no idea how to test browser crypto subtle module. Any ideas? |
It depends on the test framework and I read that vitest with jsdom does not support the crypto apis... I tested it manually by running a crypress test with angular because then it is using a chrome instance in the background |
@cre8 Yeah, we definitely use some framework that use headless chrome(or other browser) How about trying this? https://playwright.dev/ |
I can take a look at this |
Thank you :) |
Signed-off-by: Lukas.J.Han <[email protected]>
Signed-off-by: Lukas.J.Han <[email protected]>
Signed-off-by: Lukas.J.Han <[email protected]>
I want to support Ed25519 and ES256 as JWK but, browser - doesn't seem to support Ed25519 natively. I turned this PR to draft and keep working on it. |
Signed-off-by: Lukas.J.Han <[email protected]>
Signed-off-by: Lukas.J.Han <[email protected]>
Signed-off-by: Lukas.J.Han <[email protected]>
Signed-off-by: Lukas.J.Han <[email protected]>
In nodejs I used webcrypto but it is only support node >= 20. I tested in node 18 it failed. |
Signed-off-by: Lukas.J.Han <[email protected]>
@cre8 Looks like test are working well ;) |
@lukasjhan I think we need to support ES256 since it's the only algorithm supported by both platforms. Of course we can implement dozens of others, but in the first place we should have one algorithm people can use in both environments to sign and verify credentials. Are you sure with the support? According to the docs webcrypto is supported since v15. |
Signed-off-by: Mirko Mollik <[email protected]>
@lukasjhan I implemented a matrix check in #111 and it allowed to run the node test on version 16, 18 and 20 (more details in the last PR message). To update the errors in the test, please add the same skip conditions as I have done with the others. I am not sure if we can skip it by wrapping it in a if statement or just return a standard test so the file is not empty. |
Signed-off-by: Lukas <[email protected]>
Signed-off-by: Lukas <[email protected]>
Signed-off-by: Lukas <[email protected]>
Signed-off-by: Lukas <[email protected]>
@cre8 I applied your matrix check :) |
Signed-off-by: Lukas.J.Han <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
); | ||
|
||
// Convert to PEM format | ||
const publicKey = spkiToPEM(exportedPublicKey); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is PEM the correct way to go? I would suggest to use JWKs.
packages/node-crypto/src/crypto.ts
Outdated
generateKeyPair: () => { | ||
return generateKeyPairSync('ed25519', { | ||
publicKeyEncoding: { | ||
type: 'spki', // Recommended format for public key |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same like browser, using JWK
packages/node-crypto/src/crypto.ts
Outdated
createPrivateKey, | ||
createPublicKey, | ||
generateKeyPairSync, | ||
} from 'crypto'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When we use the available methods from import { subtle } from 'node:crypto';
, the function code is identical with the browser one and we would have more reusable code.
packages/node-crypto/src/crypto.ts
Outdated
exportPKCS8, | ||
exportSPKI, | ||
KeyLike, | ||
} from 'jose'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is jose still required? @lukasjhan I don't see any usage of the imported methods here
@@ -1,5 +1,5 @@ | |||
import { describe, expect, test } from 'vitest'; | |||
import { generateSalt, digest } from '../crypto'; | |||
import { generateSalt, digest, ES256, Ed25519 } from '../index'; | |||
|
|||
describe('This file is for utility functions', () => { | |||
test('crypto', () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
since we included tests, we can delete this dummy test, can't we?
packages/node-crypto/package.json
Outdated
@@ -18,6 +18,9 @@ | |||
"test:node": "vitest run ./src/test/*.spec.ts", | |||
"test:cov": "vitest run --coverage" | |||
}, | |||
"dependencies": { | |||
"jose": "^5.2.2" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we need this here?
…#106) Signed-off-by: Lukas.J.Han <[email protected]> Signed-off-by: Mirko Mollik <[email protected]> Signed-off-by: Lukas <[email protected]> Co-authored-by: Mirko Mollik <[email protected]>
Signed-off-by: Lukas.J.Han <[email protected]> Signed-off-by: Mirko Mollik <[email protected]> Signed-off-by: Lukas <[email protected]> Co-authored-by: Mirko Mollik <[email protected]>
I implement