tessl/npm-peculiar--webcrypto
A WebCrypto polyfill for Node.js that provides comprehensive cryptographic operations using standard Web Crypto API
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
modern-cryptography.mddocs/
Modern Cryptography
Next-generation cryptographic algorithms including EdDSA signatures and Curve25519 key agreement (requires Node.js ≥14).
Capabilities
EdDSA (Edwards-curve Digital Signature Algorithm)
Modern signature algorithm using Edwards curves for enhanced security and performance.
/**
* EdDSA key generation parameters
*/
interface EdDsaKeyGenParams extends Algorithm {
name: "EdDSA";
namedCurve: "Ed25519" | "Ed448";
}
/**
* EdDSA signing/verification parameters
*/
interface EdDsaParams extends Algorithm {
name: "EdDSA";
}Usage Example:
// Generate Ed25519 key pair
const keyPair = await crypto.subtle.generateKey(
{ name: "EdDSA", namedCurve: "Ed25519" },
true,
["sign", "verify"]
);
// Sign with EdDSA
const data = new TextEncoder().encode("Message for EdDSA signature");
const signature = await crypto.subtle.sign(
{ name: "EdDSA" },
keyPair.privateKey,
data
);
// Verify EdDSA signature
const isValid = await crypto.subtle.verify(
{ name: "EdDSA" },
keyPair.publicKey,
signature,
data
);ECDH-ES (Elliptic Curve Diffie-Hellman Ephemeral Static)
Modern key agreement using Curve25519 and Curve448 for secure key exchange.
/**
* ECDH-ES key generation parameters
*/
interface EcdhEsKeyGenParams extends Algorithm {
name: "ECDH-ES";
namedCurve: "X25519" | "X448";
}
/**
* ECDH-ES key derivation parameters
*/
interface EcdhEsKeyDeriveParams extends Algorithm {
name: "ECDH-ES";
public: CryptoKey; // Other party's public key
}Usage Example:
// Generate X25519 key pairs
const aliceKeys = await crypto.subtle.generateKey(
{ name: "ECDH-ES", namedCurve: "X25519" },
false,
["deriveKey", "deriveBits"]
);
const bobKeys = await crypto.subtle.generateKey(
{ name: "ECDH-ES", namedCurve: "X25519" },
false,
["deriveKey", "deriveBits"]
);
// Derive shared secret
const sharedKey = await crypto.subtle.deriveKey(
{ name: "ECDH-ES", public: bobKeys.publicKey },
aliceKeys.privateKey,
{ name: "AES-GCM", length: 256 },
false,
["encrypt", "decrypt"]
);
// Alternative: derive raw bits
const sharedBits = await crypto.subtle.deriveBits(
{ name: "ECDH-ES", public: bobKeys.publicKey },
aliceKeys.privateKey,
256
);Ed25519 Provider
Specialized Ed25519 implementation with enhanced features.
/**
* Ed25519 key generation parameters
*/
interface Ed25519KeyGenParams extends Algorithm {
name: "Ed25519";
}
/**
* Ed25519 signing/verification parameters
*/
interface Ed25519Params extends Algorithm {
name: "Ed25519";
}X25519 Provider
Specialized X25519 key agreement implementation.
/**
* X25519 key generation parameters
*/
interface X25519KeyGenParams extends Algorithm {
name: "X25519";
}
/**
* X25519 key derivation parameters
*/
interface X25519KeyDeriveParams extends Algorithm {
name: "X25519";
public: CryptoKey; // Other party's public key
}Supported Curves
EdDSA Curves
- Ed25519: 255-bit Edwards curve for signatures (equivalent to ~3072-bit RSA)
- Ed448: 448-bit Edwards curve for signatures (equivalent to ~7680-bit RSA)
ECDH-ES Curves
- X25519: 255-bit Montgomery curve for key agreement
- X448: 448-bit Montgomery curve for key agreement
Key Classes
EdDSA Key Classes
class EdPrivateKey extends AsymmetricKey {
public algorithm: EdKeyAlgorithm;
public type: "private";
public usages: KeyUsage[];
public extractable: boolean;
}
class EdPublicKey extends AsymmetricKey {
public algorithm: EdKeyAlgorithm;
public type: "public";
public usages: KeyUsage[];
public extractable: boolean;
}
interface EdKeyAlgorithm extends KeyAlgorithm {
name: "EdDSA" | "ECDH-ES";
namedCurve: "Ed25519" | "Ed448" | "X25519" | "X448";
}Ed25519 Specific Key Classes
class Ed25519PrivateKey extends Ed25519CryptoKey {
public algorithm: Ed25519KeyAlgorithm;
public type: "private";
public usages: KeyUsage[];
public extractable: boolean;
}
class Ed25519PublicKey extends Ed25519CryptoKey {
public algorithm: Ed25519KeyAlgorithm;
public type: "public";
public usages: KeyUsage[];
public extractable: boolean;
}
class Ed25519CryptoKey extends AsymmetricKey {
public algorithm: Ed25519KeyAlgorithm;
}
interface Ed25519KeyAlgorithm extends KeyAlgorithm {
name: "Ed25519" | "X25519";
namedCurve: "Ed25519" | "X25519";
}Key Import/Export
Modern cryptographic keys support multiple import/export formats:
Ed25519/Ed448 Keys:
- JWK: JSON Web Key format with curve parameters
- SPKI: SubjectPublicKeyInfo for public keys
- PKCS#8: Private key format
- Raw: For public keys only (32 bytes for Ed25519, 56 bytes for Ed448)
X25519/X448 Keys:
- JWK: JSON Web Key format
- SPKI: SubjectPublicKeyInfo for public keys
- PKCS#8: Private key format
- Raw: For public keys only (32 bytes for X25519, 56 bytes for X448)
Usage Example:
// Export Ed25519 public key as raw bytes
const publicKeyBytes = await crypto.subtle.exportKey(
"raw",
keyPair.publicKey
);
// Import Ed25519 public key from raw bytes
const importedPublicKey = await crypto.subtle.importKey(
"raw",
publicKeyBytes,
{ name: "EdDSA", namedCurve: "Ed25519" },
true,
["verify"]
);
// Export private key as PKCS#8
const privateKeyPkcs8 = await crypto.subtle.exportKey(
"pkcs8",
keyPair.privateKey
);Platform Requirements
Modern cryptography features require:
- Node.js ≥14: For EdDSA and ECDH-ES algorithms
- Native Support: Algorithms use Node.js native crypto capabilities
- Curve Availability: All curves are supported on compatible Node.js versions
Security Benefits
Modern cryptographic algorithms provide several advantages:
- Enhanced Security: Resistance to timing attacks and improved mathematical foundations
- Performance: Faster operations compared to equivalent-strength traditional algorithms
- Simplicity: Reduced parameter complexity and fewer configuration options
- Future-Proof: Designed to withstand advances in cryptanalysis and quantum computing threats
Install with Tessl CLI
npx tessl i tessl/npm-peculiar--webcrypto