refactor: backport the Ed25519 JWS Algorithm Identifier support

Author: panva

package.json

@@ -13,6 +13,7 @@
     "detached",
     "ec",
     "ecdsa",
+    "ed25519",
     "eddsa",
     "edge",
     "electron",

src/jwks/local.ts

@@ -93,12 +93,7 @@ class LocalJWKSet {
         candidate = jwk.key_ops.includes('verify')
       }
 
-      // filter out non-applicable OKP Sub Types
-      if (candidate && alg === 'EdDSA') {
-        candidate = jwk.crv === 'Ed25519'
-      }
-
-      // filter out non-applicable EC curves
+      // filter out non-applicable curves / sub types
       if (candidate) {
         switch (alg) {
           case 'ES256':
@@ -110,11 +105,9 @@ class LocalJWKSet {
           case 'ES512':
             candidate = jwk.crv === 'P-521'
             break
-          case 'Ed25519':
-            candidate = jwk.crv === 'Ed25519'
-            break
+          case 'Ed25519': // Fall through
           case 'EdDSA':
-            candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448'
+            candidate = jwk.crv === 'Ed25519'
             break
         }
       }

src/key/generate_key_pair.ts

@@ -125,6 +125,7 @@ export async function generateKeyPair(
       algorithm = { name: 'ECDSA', namedCurve: 'P-521' }
       keyUsages = ['sign', 'verify']
       break
+    case 'Ed25519': // Fall through
     case 'EdDSA': {
       keyUsages = ['sign', 'verify']
       algorithm = { name: 'Ed25519' }

src/lib/asn1.ts

@@ -129,10 +129,7 @@ const genericImport = async (
       keyUsages = isPublic ? [] : ['deriveBits']
       break
     }
-    case 'Ed25519':
-      algorithm = { name: 'Ed25519' }
-      keyUsages = isPublic ? ['verify'] : ['sign']
-      break
+    case 'Ed25519': // Fall through
     case 'EdDSA':
       algorithm = { name: 'Ed25519' }
       keyUsages = isPublic ? ['verify'] : ['sign']

src/lib/crypto_key.ts

@@ -66,14 +66,11 @@ export function checkSigCryptoKey(key: types.CryptoKey, alg: string, usage: KeyU
       if (actual !== expected) throw unusable(`SHA-${expected}`, 'algorithm.hash')
       break
     }
+    case 'Ed25519': // Fall through
     case 'EdDSA': {
       if (!isAlgorithm(key.algorithm, 'Ed25519')) throw unusable('Ed25519')
       break
     }
-    case 'Ed25519': {
-      if (!isAlgorithm(key.algorithm, 'Ed25519')) throw unusable('Ed25519')
-      break
-    }
     case 'ES256':
     case 'ES384':
     case 'ES512': {

src/lib/jwk_to_key.ts

@@ -66,10 +66,7 @@ function subtleMapping(jwk: types.JWK): {
     }
     case 'OKP': {
       switch (jwk.alg) {
-        case 'Ed25519':
-          algorithm = { name: 'Ed25519' }
-          keyUsages = jwk.d ? ['sign'] : ['verify']
-          break
+        case 'Ed25519': // Fall through
         case 'EdDSA':
           algorithm = { name: 'Ed25519' }
           keyUsages = jwk.d ? ['sign'] : ['verify']

src/lib/normalize_key.ts

@@ -76,7 +76,7 @@ const handleKeyObject = (keyObject: ConvertableKeyObject, alg: string) => {
   }
 
   if (keyObject.asymmetricKeyType === 'ed25519') {
-    if (alg !== 'EdDSA') {
+    if (alg !== 'EdDSA' && alg !== 'Ed25519') {
       throw new TypeError('given KeyObject instance cannot be used for this algorithm')
     }
 

src/lib/subtle_dsa.ts

@@ -19,8 +19,7 @@ export default (alg: string, algorithm: KeyAlgorithm | EcKeyAlgorithm) => {
     case 'ES384':
     case 'ES512':
       return { hash, name: 'ECDSA', namedCurve: (algorithm as EcKeyAlgorithm).namedCurve }
-    case 'Ed25519':
-      return { name: 'Ed25519' }
+    case 'Ed25519': // Fall through
     case 'EdDSA':
       return { name: 'Ed25519' }
     default:

tap/jwk.ts

@@ -28,6 +28,7 @@ export default (
         (env.isGecko && env.isBrowserVersionAtLeast(130)) ||
         (env.isBlink && env.isBrowserVersionAtLeast(133)),
     ],
+    ['Ed25519', KEYS.Ed25519.jwk, !env.isBlink],
     ['EdDSA', KEYS.Ed25519.jwk, !env.isBlink],
     ['ES256', KEYS.P256.jwk, true],
     ['ES384', KEYS.P384.jwk, true],

tap/jws.ts

@@ -13,6 +13,7 @@ export default (
 
   type Vector = [string, boolean] | [string, boolean, jose.GenerateKeyPairOptions]
   const algorithms: Vector[] = [
+    ['Ed25519', !env.isBlink],
     ['EdDSA', !env.isBlink],
     ['ES256', true],
     ['ES384', true],