Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WebCrypto roadmap #11690

Closed
lucacasonato opened this issue Aug 13, 2021 · 26 comments
Closed

WebCrypto roadmap #11690

lucacasonato opened this issue Aug 13, 2021 · 26 comments
Assignees
Labels
feat new feature (which has been agreed to/accepted) help wanted community help requested web related to Web APIs

Comments

@lucacasonato
Copy link
Member

lucacasonato commented Aug 13, 2021

Spec: https://w3c.github.io/webcrypto

This is the global tracking issue for WebCrypto API implementation.

See the status of the entire API surface:

@johnspurlock
Copy link
Contributor

Please consider adding ED25519 to this list.

Cloudflare Workers recently added this non-yet-standard algorithm since it was requested so often by developers writing Discord integrations.

The operations they support are sign, verify, generateKey, exportKey, and importKey.

Support for this would be nice for folks wanting to write cross-worker-platform code with similar crypto support and performance characteristics.

@lucacasonato
Copy link
Member Author

lucacasonato commented Aug 14, 2021

I will bring this up with the webcrypto working group at W3C. It seems like a logical addition. We won't act prior to standardization though.

@panva
Copy link
Contributor

panva commented Aug 14, 2021

I applaud this overview. Thank you

@panva
Copy link
Contributor

panva commented Aug 15, 2021

As far as urgency goes, given my wishful target of supporting JWS formatted JWTs first the most important missing piece is SubtleCrypto.importKey jwk, spki, and pkcs8 format support for RSASSA-PKCS1-v1_5, RSA-PSS, and ECDSA keys. Immediately followed by ECDSA verification, then encryption (AES-GCM, AES-CBC).

I would also like to note that importKey for HMAC is only partially complete as the jwk format is not supported yet, only raw.

@panva
Copy link
Contributor

panva commented Aug 17, 2021

@littledivy I'm working on a deno-specific publish and build process for jose - that is pure TS export and autopublish to https://deno.land/x/jose.

While the implementation is incomplete it is not possible to use the package without --no-check due to the missing types.

Would it be possible to make it so that the WebCrypto interface would be complete and type-defined whilst the actual missing implementations simply throwing throw new DOMException("Not implemented", "NotSupportedError")?

It's global type interfaces such as HmacKeyAlgorithm, RsaKeyAlgorithm, EcKeyAlgorithm, RsaHashedImportParams, AesKeyGenParams completely missing as well as importKey being hardcoded to format "raw" at the moment rather than the KeyFormat enum that's making my universal bundled module not work when default type checking is enabled in deno.

In order for an implementation to be portable the types should follow lib.dom.d.ts from TS.

@littledivy
Copy link
Member

littledivy commented Aug 19, 2021

@panva Yeah missing types can be annoying but I think that they should match reality. cc @lucacasonato

btw HmacKeyAlgorithm, RsaKeyAlgorithm and EcKeyAlgorithm should be fixed in #11738

also lib.dom.d.ts too has harcoded "raw" in importKey while KeyFormat is declared but not used in the decl

importKey(format: "raw" | "pkcs8" | "spki", keyData: Int8Array | Int16Array | Int32Array | Uint8Array | Uint16Array | Uint32Array | Uint8ClampedArray | Float32Array | Float64Array | DataView | ArrayBuffer, algorithm: AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | DhImportKeyParams | AesKeyAlgorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey>;

@panva
Copy link
Contributor

panva commented Aug 19, 2021

I would very much prefer the types to be complete to allow for portable implementations, that went out of their way to be fully built using TS and prepared to be consumed in Deno in through deno.land/x, to be used without having to instruct users to disable their precious type checking.

@panva
Copy link
Contributor

panva commented Aug 19, 2021

ad importKey, that would appear to be a mistake on lib.dom.d.ts part, see https://www.w3.org/TR/WebCryptoAPI/#subtlecrypto-interface

it has little impact tho since they have an overload for each of the enum values.

@cryptographix
Copy link
Contributor

cryptographix commented Dec 8, 2021

@seanwykes let me know if you need a tester, as there's likely not much else I can help with when it comes to crypto, but I have at least have become a sponsor of the project 👍

@oles thanks for the offer, it'll be great if you can test #13013 - the PR includes JWK for EC and RSA - you can find the source branch here if you're ok with building deno, otherwise, let me know.

I've done some preliminary testing of RSA-PSS JWK and signed JWT using jose.

@panva
Copy link
Contributor

panva commented Dec 9, 2021

@seanwykes @oles needs P-256 ECDSA to sign an ES256 JWT. I already know the sign/verify operations work fine in jose, its just the key material imports that are missing for JWS/JWT to kick in and be usable.

@cryptographix
Copy link
Contributor

@seanwykes @oles needs P-256 ECDSA to sign an ES256 JWT. I already know the sign/verify operations work fine in jose, its just the key material imports that are missing for JWS/JWT to kick in and be usable.

So should be ready to go, the JWK key imports are already implemented in #13013.

@panva
Copy link
Contributor

panva commented Dec 9, 2021

@seanwykes nice. In case you want to run the full suite of jose tests under Deno, this is how you might do that.

git clone --depth 1 --branch v4.3.7 https://github.com/panva/jose.git
cd jose
deno test --reload --jobs --allow-net --allow-read test-deno # replace deno with your local build

At the moment, with deno 1.16.4, the results look like this: test result: FAILED. 73 passed; 73 failed

@lucacasonato
Copy link
Member Author

@lucacasonato the table is lacking SubtleCrypto.importKey breakdown by format value. It would appear importKey is almost done when that's not the case.

Updated :-)

@oles
Copy link

oles commented Dec 9, 2021

@panva success over at #13013 with both key import and signing!

Thank you for the pointers and the library, and thank you @seanwykes for your work on this - let me know if there's something more you'd like for me to test or help out with 👍

@lucacasonato
Copy link
Member Author

@panva JOSE test suite on current main branch: test result: FAILED. 100 passed; 46 failed.

ECDSA & ECDH imports / exports are coming very soon.

@panva
Copy link
Contributor

panva commented Dec 15, 2021

@lucacasonato I was checking that yesterday, great progress! much props to yourself, @seanwykes, @littledivy and anyone else participating in the effort.

I'd like to think the jose test suite is a good interoperability resource in addition to the web platform tests.

@littledivy
Copy link
Member

~98.1% of the WebCrypto APIs are now part of Deno v1.18.0 🎉

Thank you to @seanwykes and everyone involved in this nearly 6 month long effort!
Let's open new issue trackers for pending features (like p512 curve and non 96 bit ivs). Closing :-)

@panva
Copy link
Contributor

panva commented Jan 20, 2022

Let me join in the congratulations. @littledivy @seanwykes @lucacasonato thank you for these amazing efforts!


From a pending features perspective (JOSE completeness-wise) I'm looking at general P-521 support, P-384 ECDH. It'd be great to plan for Curve25519 and Curve448, either through adding this draft support or following Node.js and CF Workers in adding the NODE- prefixed versions until said draft is adopted as an official extension.

@cryptographix
Copy link
Contributor

And here's my personal thank you to @littledivy, @lucacasonato and @bartlomieju for your patience and technical guidance for a Deno / Rust newbie. I've learnt a lot from you guys!

@diachedelic
Copy link
Contributor

I have created an issue for P-521 support (#14766) and another for deriveBits which fails with P-384 key (#14765).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feat new feature (which has been agreed to/accepted) help wanted community help requested web related to Web APIs
Projects
None yet
Development

No branches or pull requests

9 participants