llrt icon indicating copy to clipboard operation
llrt copied to clipboard
verified publisher icon awslabs

SubtleCrypto

Open richarddavison opened this issue 2 years ago • 13 comments

https://w3c.github.io/webcrypto/#dfn-SubtleCrypto https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto?retiredLocale=sv-SE

### Related issues
- [ ] https://github.com/awslabs/llrt/issues/125
- [ ] https://github.com/awslabs/llrt/issues/208

richarddavison avatar Feb 20 '24 19:02 richarddavison

~~Missing crypto.createVerify is also a blocker~~ to use aws-jwt-verify.

edit) I found aws-jwt-verify has web browser support (doc), so we should be able to use the package after LLRT will implement SubtleCrypto.

tmokmss avatar Mar 21 '24 13:03 tmokmss

~Missing crypto.createVerify is also a blocker~ to use aws-jwt-verify.

edit) I found aws-jwt-verify has web browser support (doc), so we should be able to use the package after LLRT will implement SubtleCrypto.

https://www.npmjs.com/package/jose will be out of the box compatible as soon as SubtleCrypto is implemented as well.

panva avatar Apr 19 '24 19:04 panva

Hi @richarddavison do we have any ETAs on the crypto implementation? I'm unable to migrate my codebase to LLRT because I'm blocked due to SubtleCrypto and RSA.

ShivamJoker avatar May 13 '24 20:05 ShivamJoker

Hi @richarddavison do we have any ETAs on the crypto implementation? I'm unable to migrate my codebase to LLRT because I'm blocked due to SubtleCrypto and RSA.

Hi @ShivamJoker! Thanks for your patience. We are working on it so should be weeks rather than months. It's not a super complex API, but you'd have to hang on for a bit longer 🙂

richarddavison avatar May 13 '24 21:05 richarddavison

@richarddavison I was looking into this as well as we'd like to provide a Web Crypto API for our customers. If there's anything I can help with, let me know! I can allocate some time to contribute.

It may also be helpful to use the WebCryptoAPI web-platform-tests once we merge https://github.com/awslabs/llrt/pull/447 which adds the WPT test harness.

stephencroberts avatar Jul 08 '24 15:07 stephencroberts

@stephencroberts that would be fantastic. We appreciate all the help we could get 👌 Here is a reference implementation (not using the same JS engine, but contains all the algorithms we need so we can take a lot a inspiration from there) https://github.com/lagonapp/lagon/blob/main/crates/runtime_crypto/src/lib.rs

richarddavison avatar Jul 09 '24 13:07 richarddavison

@richarddavison Is there a work-in-progress somewhere or would I start with what's in main?

stephencroberts avatar Jul 09 '24 14:07 stephencroberts

@richarddavison Is there a work-in-progress somewhere or would I start with what's in main?

Please start of main and create a draft PR as soon as you have something even if it’s far from complete so we can “tag along” 🙂

richarddavison avatar Jul 09 '24 17:07 richarddavison

FYI @richarddavison, this is on the back burner for now for us, so someone else is free to pick this up. If/when it becomes a priority again for us, I can revisit it.

stephencroberts avatar Jul 15 '24 19:07 stephencroberts

Also looking to implement an auth use case - the methods that would help would be importKey, verify, sign, generateKey, and exportKey - all from SubtleCrypto.

I've looked at contributing but unfortunately I'm too out of my depth with Rust atm.

dreamorosi avatar Jul 20 '24 21:07 dreamorosi