@microsoft/ccf-app 3.0.0-dev6 → 3.0.0-rc1

package/consensus.d.ts

@@ -1,13 +1,13 @@
 /**
- * @inheritDoc CCFConsensus.getLastCommittedTxId;
+ * @inheritDoc global!CCFConsensus.getLastCommittedTxId
  */
 export declare const getLastCommittedTxId: () => import("./global.js").TransactionId;
 /**
- * @inheritDoc CCFConsensus.getStatusForTxId;
+ * @inheritDoc global!CCFConsensus.getStatusForTxId
  */
 export declare const getStatusForTxId: (view: number, seqno: number) => import("./global.js").TransactionStatus;
 /**
- * @inheritDoc CCFConsensus.getViewForSeqno;
+ * @inheritDoc global!CCFConsensus.getViewForSeqno
  */
 export declare const getViewForSeqno: (seqno: number) => number | null;
 export { TransactionStatus } from "./global";

package/consensus.js

@@ -8,14 +8,14 @@
  */
 import { ccf } from "./global.js";
 /**
- * @inheritDoc CCFConsensus.getLastCommittedTxId;
+ * @inheritDoc global!CCFConsensus.getLastCommittedTxId
  */
 export const getLastCommittedTxId = ccf.consensus.getLastCommittedTxId.bind(ccf.consensus);
 /**
- * @inheritDoc CCFConsensus.getStatusForTxId;
+ * @inheritDoc global!CCFConsensus.getStatusForTxId
  */
 export const getStatusForTxId = ccf.consensus.getStatusForTxId.bind(ccf.consensus);
 /**
- * @inheritDoc CCFConsensus.getViewForSeqno;
+ * @inheritDoc global!CCFConsensus.getViewForSeqno
  */
 export const getViewForSeqno = ccf.consensus.getViewForSeqno.bind(ccf.consensus);

package/crypto.d.ts

@@ -1,33 +1,57 @@
 /**
- * @inheritDoc CCF.generateAesKey
+ * @inheritDoc global!CCF.generateAesKey
  */
 export declare const generateAesKey: (size: number) => ArrayBuffer;
 /**
- * @inheritDoc CCF.generateRsaKeyPair
+ * @inheritDoc global!CCF.generateRsaKeyPair
  */
 export declare const generateRsaKeyPair: (size: number, exponent?: number | undefined) => import("./global.js").CryptoKeyPair;
 /**
- * @inheritDoc CCF.generateEcdsaKeyPair
+ * @inheritDoc global!CCF.generateEcdsaKeyPair
  */
 export declare const generateEcdsaKeyPair: (curve: string) => import("./global.js").CryptoKeyPair;
 /**
- * @inheritDoc CCF.wrapKey
+ * @inheritDoc global!CCF.generateEcdsaKeyPair
+ */
+export declare const generateEddsaKeyPair: (curve: string) => import("./global.js").CryptoKeyPair;
+/**
+ * @inheritDoc global!CCF.wrapKey
  */
 export declare const wrapKey: (key: ArrayBuffer, wrappingKey: ArrayBuffer, wrapAlgo: import("./global.js").WrapAlgoParams) => ArrayBuffer;
 /**
- * @inheritDoc CCFCrypto.verifySignature
+ * @inheritDoc global!CCFCrypto.verifySignature
+ */
+export declare const sign: (algorithm: import("./global.js").SigningAlgorithm, key: string, plaintext: ArrayBuffer) => ArrayBuffer;
+/**
+ * @inheritDoc global!CCFCrypto.verifySignature
  */
-export declare const verifySignature: (algorithm: import("./global.js").SigningAlgorithm, key: string, signature: ArrayBuffer, data: ArrayBuffer) => boolean;
+export declare const verifySignature: (algorithm: import("./global.js").SigningAlgorithm, key: string, signature: ArrayBuffer, plaintext: ArrayBuffer) => boolean;
 /**
- * @inheritDoc CCF.digest
+ * @inheritDoc global!CCFCrypto.digest
  */
-export declare const digest: (algorithm: "SHA-256", data: ArrayBuffer) => ArrayBuffer;
+export declare const digest: (algorithm: "SHA-256", plaintext: ArrayBuffer) => ArrayBuffer;
 /**
- * @inheritDoc CCF.isValidX509CertBundle
+ * @inheritDoc global!CCFCrypto.isValidX509CertBundle
  */
 export declare const isValidX509CertBundle: (pem: string) => boolean;
 /**
- * @inheritDoc CCF.isValidX509CertChain
+ * @inheritDoc global!CCFCrypto.isValidX509CertChain
  */
 export declare const isValidX509CertChain: (chain: string, trusted: string) => boolean;
-export { WrapAlgoParams, AesKwpParams, RsaOaepParams, RsaOaepAesKwpParams, CryptoKeyPair, DigestAlgorithm, SigningAlgorithm, RsaPkcsParams, EcdsaParams, } from "./global";
+/**
+ * @inheritDoc global!CCFCrypto.pubPemToJwk
+ */
+export declare const pubPemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyECPublic;
+/**
+ * @inheritDoc global!CCFCrypto.pemToJwk
+ */
+export declare const pemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyECPrivate;
+/**
+ * @inheritDoc global!CCFCrypto.pubRsaPemToJwk
+ */
+export declare const pubRsaPemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyRSAPublic;
+/**
+ * @inheritDoc global!CCFCrypto.rsaPemToJwk
+ */
+export declare const rsaPemToJwk: (pem: string, kid?: string | undefined) => import("./global.js").JsonWebKeyRSAPrivate;
+export { WrapAlgoParams, AesKwpParams, RsaOaepParams, RsaOaepAesKwpParams, CryptoKeyPair, DigestAlgorithm, SigningAlgorithm, } from "./global";

package/crypto.js

@@ -15,34 +15,58 @@
  */
 import { ccf } from "./global.js";
 /**
- * @inheritDoc CCF.generateAesKey
+ * @inheritDoc global!CCF.generateAesKey
  */
-export const generateAesKey = ccf.generateAesKey;
+export const generateAesKey = ccf.crypto.generateAesKey;
 /**
- * @inheritDoc CCF.generateRsaKeyPair
+ * @inheritDoc global!CCF.generateRsaKeyPair
  */
-export const generateRsaKeyPair = ccf.generateRsaKeyPair;
+export const generateRsaKeyPair = ccf.crypto.generateRsaKeyPair;
 /**
- * @inheritDoc CCF.generateEcdsaKeyPair
+ * @inheritDoc global!CCF.generateEcdsaKeyPair
  */
-export const generateEcdsaKeyPair = ccf.generateEcdsaKeyPair;
+export const generateEcdsaKeyPair = ccf.crypto.generateEcdsaKeyPair;
 /**
- * @inheritDoc CCF.wrapKey
+ * @inheritDoc global!CCF.generateEcdsaKeyPair
  */
-export const wrapKey = ccf.wrapKey;
+export const generateEddsaKeyPair = ccf.crypto.generateEddsaKeyPair;
 /**
- * @inheritDoc CCFCrypto.verifySignature
+ * @inheritDoc global!CCF.wrapKey
+ */
+export const wrapKey = ccf.crypto.wrapKey;
+/**
+ * @inheritDoc global!CCFCrypto.verifySignature
+ */
+export const sign = ccf.crypto.sign;
+/**
+ * @inheritDoc global!CCFCrypto.verifySignature
  */
 export const verifySignature = ccf.crypto.verifySignature;
 /**
- * @inheritDoc CCF.digest
+ * @inheritDoc global!CCFCrypto.digest
+ */
+export const digest = ccf.crypto.digest;
+/**
+ * @inheritDoc global!CCFCrypto.isValidX509CertBundle
+ */
+export const isValidX509CertBundle = ccf.crypto.isValidX509CertBundle;
+/**
+ * @inheritDoc global!CCFCrypto.isValidX509CertChain
+ */
+export const isValidX509CertChain = ccf.crypto.isValidX509CertChain;
+/**
+ * @inheritDoc global!CCFCrypto.pubPemToJwk
+ */
+export const pubPemToJwk = ccf.crypto.pubPemToJwk;
+/**
+ * @inheritDoc global!CCFCrypto.pemToJwk
  */
-export const digest = ccf.digest;
+export const pemToJwk = ccf.crypto.pemToJwk;
 /**
- * @inheritDoc CCF.isValidX509CertBundle
+ * @inheritDoc global!CCFCrypto.pubRsaPemToJwk
  */
-export const isValidX509CertBundle = ccf.isValidX509CertBundle;
+export const pubRsaPemToJwk = ccf.crypto.pubRsaPemToJwk;
 /**
- * @inheritDoc CCF.isValidX509CertChain
+ * @inheritDoc global!CCFCrypto.rsaPemToJwk
  */
-export const isValidX509CertChain = ccf.isValidX509CertChain;
+export const rsaPemToJwk = ccf.crypto.rsaPemToJwk;

package/endpoints.d.ts

@@ -221,11 +221,11 @@ export interface Response<T extends ResponseBodyType<T> = any> {
  */
 export declare type EndpointFn<A extends JsonCompatible<A> = any, B extends ResponseBodyType<B> = any> = (request: Request<A>) => Response<B>;
 /**
- * @inheritDoc CCF.rpc.setApplyWrites
+ * @inheritDoc global!CCFRpc.setApplyWrites
  */
 export declare const setApplyWrites: (force: boolean) => void;
 /**
- * @inheritDoc CCF.rpc.setClaimsDigest
+ * @inheritDoc global!CCFRpc.setClaimsDigest
  */
 export declare const setClaimsDigest: (digest: ArrayBuffer) => void;
 export {};

package/endpoints.js

@@ -8,10 +8,10 @@
  */
 import { ccf } from "./global.js";
 /**
- * @inheritDoc CCF.rpc.setApplyWrites
+ * @inheritDoc global!CCFRpc.setApplyWrites
  */
 export const setApplyWrites = ccf.rpc.setApplyWrites.bind(ccf.rpc);
 /**
- * @inheritDoc CCF.rpc.setClaimsDigest
+ * @inheritDoc global!CCFRpc.setClaimsDigest
  */
 export const setClaimsDigest = ccf.rpc.setClaimsDigest.bind(ccf.rpc);

package/global.d.ts

@@ -164,47 +164,179 @@ export interface RsaOaepAesKwpParams {
 export declare type WrapAlgoParams = RsaOaepParams | AesKwpParams | RsaOaepAesKwpParams;
 export interface CryptoKeyPair {
     /**
-     * RSA private key in PEM encoding.
+     * Private key in PEM encoding.
      */
     privateKey: string;
     /**
-     * RSA public key in PEM encoding.
+     * Public key in PEM encoding.
      */
     publicKey: string;
 }
-/**
- * RSASSA-PKCS1-v1_5 signature algorithm parameters.
- */
-export interface RsaPkcsParams {
-    name: "RSASSA-PKCS1-v1_5";
-    hash: DigestAlgorithm;
+export declare type AlgorithmName = "RSASSA-PKCS1-v1_5" | "ECDSA" | "EdDSA";
+export declare type DigestAlgorithm = "SHA-256";
+export interface SigningAlgorithm {
+    name: AlgorithmName;
+    /**
+     * Digest algorithm. It's necessary for "RSASSA-PKCS1-v1_5" and "ECDSA"
+     */
+    hash?: DigestAlgorithm;
 }
 /**
- * ECDSA signature algorithm parameters.
- *
- * Note: ECDSA signatures are assumed to be encoded according
- * to the Web Crypto API specification, which is the same
- * format used in JSON Web Tokens and more generally known
- * as IEEE P1363 encoding.
+ * Interfaces for JSON Web Key objects, as per [RFC7517](https://www.rfc-editor.org/rfc/rfc751).
  */
-export interface EcdsaParams {
-    name: "ECDSA";
-    hash: DigestAlgorithm;
+export interface JsonWebKey {
+    /**
+     * Key type.
+     */
+    kty: string;
+    /**
+     * Key ID.
+     */
+    kid?: string;
+}
+export interface JsonWebKeyECPublic extends JsonWebKey {
+    /**
+     * Elliptic curve identifier.
+     */
+    crv: string;
+    /**
+     * Base64url-encoded x coordinate.
+     */
+    x: string;
+    /**
+     * Base64url-encoded y coordinate.
+     */
+    y: string;
+}
+export interface JsonWebKeyECPrivate extends JsonWebKeyECPublic {
+    /**
+     * Base64url-encoded d coordinate.
+     */
+    d: string;
+}
+export interface JsonWebKeyRSAPublic extends JsonWebKey {
+    /**
+     * Base64url-encoded modulus.
+     */
+    n: string;
+    /**
+     * Base64url-encoded exponent.
+     */
+    e: string;
+}
+export interface JsonWebKeyRSAPrivate extends JsonWebKeyRSAPublic {
+    /**
+     * Private exponent.
+     */
+    d: string;
+    /**
+     * Additional exponents.
+     */
+    p: string;
+    q: string;
+    dp: string;
+    dq: string;
+    qi: string;
 }
-export declare type SigningAlgorithm = RsaPkcsParams | EcdsaParams;
-export declare type DigestAlgorithm = "SHA-256";
 export interface CCFCrypto {
+    /**
+     * Generate a signature.
+     *
+     * @param algorithm Signing algorithm and parameters
+     * @param key A PEM-encoded private key
+     * @param plaintext Input data that will be signed
+     * @throws Will throw an error if the key is not compatible with the
+     *  signing algorithm or if an unknown algorithm is used.
+     */
+    sign(algorithm: SigningAlgorithm, key: string, plaintext: ArrayBuffer): ArrayBuffer;
     /**
      * Returns whether digital signature is valid.
      *
      * @param algorithm Signing algorithm and parameters
      * @param key A PEM-encoded public key or X.509 certificate
      * @param signature Signature to verify
-     * @param data Data that was signed
+     * @param plaintext Input data that was signed
      * @throws Will throw an error if the key is not compatible with the
      *  signing algorithm or if an unknown algorithm is used.
      */
-    verifySignature(algorithm: SigningAlgorithm, key: string, signature: ArrayBuffer, data: ArrayBuffer): boolean;
+    verifySignature(algorithm: SigningAlgorithm, key: string, signature: ArrayBuffer, plaintext: ArrayBuffer): boolean;
+    /**
+     * Generate an AES key.
+     *
+     * @param size The length in bits of the key to generate. 128, 192, or 256.
+     */
+    generateAesKey(size: number): ArrayBuffer;
+    /**
+     * Generate an RSA key pair.
+     *
+     * @param size The length in bits of the RSA modulus. Minimum: 2048.
+     * @param exponent The public exponent. Default: 65537.
+     */
+    generateRsaKeyPair(size: number, exponent?: number): CryptoKeyPair;
+    /**
+     * Generate an ECDSA key pair.
+     *
+     * @param curve The name of the curve, one of "secp256r1", "secp256k1", "secp384r1".
+     */
+    generateEcdsaKeyPair(curve: string): CryptoKeyPair;
+    /**
+     * Generate an EdDSA key pair.
+     *
+     * @param curve The name of the curve. Currently only "curve25519" is supported.
+     */
+    generateEddsaKeyPair(curve: string): CryptoKeyPair;
+    /**
+     * Wraps a key using a wrapping key.
+     *
+     * Constraints on the `key` and `wrappingKey` parameters depend
+     * on the wrapping algorithm that is used (`wrapAlgo`).
+     */
+    wrapKey(key: ArrayBuffer, wrappingKey: ArrayBuffer, wrapAlgo: WrapAlgoParams): ArrayBuffer;
+    /**
+     * Generate a digest (hash) of the given data.
+     */
+    digest(algorithm: DigestAlgorithm, plaintext: ArrayBuffer): ArrayBuffer;
+    /**
+     * Returns whether a string is a PEM-encoded bundle of X.509 certificates.
+     *
+     * A bundle consists of one or more certificates.
+     * Certificates in the bundle do not have to be related to each other.
+     * Validation is only syntactical, properties like validity dates are not evaluated.
+     */
+    isValidX509CertBundle(pem: string): boolean;
+    /**
+     * Returns whether a certificate chain is valid given a set of trusted certificates.
+     * The chain and trusted certificates are PEM-encoded bundles of X.509 certificates.
+     */
+    isValidX509CertChain(chain: string, trusted: string): boolean;
+    /**
+     * Converts an elliptic curve public key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem Elliptic curve public key as PEM
+     * @param kid Key identifier (optional)
+     */
+    pubPemToJwk(pem: string, kid?: string): JsonWebKeyECPublic;
+    /**
+     * Converts an elliptic curve private key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem Elliptic curve private key as PEM
+     * @param kid Key identifier (optional)
+     */
+    pemToJwk(pem: string, kid?: string): JsonWebKeyECPrivate;
+    /**
+     * Converts an RSA public key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem RSA public key as PEM
+     * @param kid Key identifier (optional)
+     */
+    pubRsaPemToJwk(pem: string, kid?: string): JsonWebKeyRSAPublic;
+    /**
+     * Converts an RSA private key as PEM to JSON Web Key (JWK) object.
+     *
+     * @param pem RSA private key as PEM
+     * @param kid Key identifier (optional)
+     */
+    rsaPemToJwk(pem: string, kid?: string): JsonWebKeyRSAPrivate;
 }
 export interface CCFRpc {
     /**
@@ -309,46 +441,38 @@ export interface CCF {
      */
     bufToJsonCompatible<T extends JsonCompatible<T>>(v: ArrayBuffer): T;
     /**
-     * Generate an AES key.
-     *
-     * @param size The length in bits of the key to generate. 128, 192, or 256.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.generateAesKey
      */
     generateAesKey(size: number): ArrayBuffer;
     /**
-     * Generate an RSA key pair.
-     *
-     * @param size The length in bits of the RSA modulus. Minimum: 2048.
-     * @param exponent The public exponent. Default: 65537.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.generateRsaKeyPair
      */
     generateRsaKeyPair(size: number, exponent?: number): CryptoKeyPair;
     /**
-     * Generate an ECDSA key pair.
-     *
-     * @param curve The name of the curve, one of "secp256r1", "secp256k1", "secp384r1".
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.generateEcdsaKeyPair
      */
     generateEcdsaKeyPair(curve: string): CryptoKeyPair;
     /**
-     * Wraps a key using a wrapping key.
-     *
-     * Constraints on the `key` and `wrappingKey` parameters depend
-     * on the wrapping algorithm that is used (`wrapAlgo`).
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.wrapKey
      */
     wrapKey(key: ArrayBuffer, wrappingKey: ArrayBuffer, wrapAlgo: WrapAlgoParams): ArrayBuffer;
     /**
-     * Generate a digest (hash) of the given data.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.digest
      */
     digest(algorithm: DigestAlgorithm, data: ArrayBuffer): ArrayBuffer;
     /**
-     * Returns whether a string is a PEM-encoded bundle of X.509 certificates.
-     *
-     * A bundle consists of one or more certificates.
-     * Certificates in the bundle do not have to be related to each other.
-     * Validation is only syntactical, properties like validity dates are not evaluated.
+     * @deprecated
+     * @see crypto.isValidX509CertBundle
      */
     isValidX509CertBundle(pem: string): boolean;
     /**
-     * Returns whether a certificate chain is valid given a set of trusted certificates.
-     * The chain and trusted certificates are PEM-encoded bundles of X.509 certificates.
+     * @deprecated This method has been moved to ccf.crypto namespace
+     * @see crypto.isValidX509CertChain
      */
     isValidX509CertChain(chain: string, trusted: string): boolean;
     crypto: CCFCrypto;

package/historical.d.ts

@@ -3,11 +3,11 @@
  */
 export declare const historicalState: import("./global.js").HistoricalState | undefined;
 /**
- * @inheritDoc CCFHistorical.getStateRange
+ * @inheritDoc global!CCFHistorical.getStateRange
  */
 export declare const getStateRange: (handle: number, startSeqno: number, endSeqno: number, secondsUntilExpiry: number) => import("./global.js").HistoricalState[] | null;
 /**
- * @inheritDoc CCFHistorical.dropCachedStates
+ * @inheritDoc global!CCFHistorical.dropCachedStates
  */
 export declare const dropCachedStates: (handle: number) => boolean;
 export { HistoricalState, Receipt, Proof, ProofElement } from "./global";

package/historical.js

@@ -33,10 +33,10 @@ import { ccf } from "./global.js";
  */
 export const historicalState = ccf.historicalState;
 /**
- * @inheritDoc CCFHistorical.getStateRange
+ * @inheritDoc global!CCFHistorical.getStateRange
  */
 export const getStateRange = ccf.historical.getStateRange.bind(ccf.historical);
 /**
- * @inheritDoc CCFHistorical.dropCachedStates
+ * @inheritDoc global!CCFHistorical.dropCachedStates
  */
 export const dropCachedStates = ccf.historical.dropCachedStates.bind(ccf.historical);

package/openenclave.d.ts

@@ -1,5 +1,5 @@
 /**
- * @inheritDoc OpenEnclave.verifyOpenEnclaveEvidence
+ * @inheritDoc global!OpenEnclave.verifyOpenEnclaveEvidence
  */
 export declare const verifyOpenEnclaveEvidence: (format: string | undefined, evidence: ArrayBuffer, endorsements?: ArrayBuffer | undefined) => import("./global").EvidenceClaims;
 export { EvidenceClaims } from "./global";

package/openenclave.js

@@ -7,6 +7,6 @@
  */
 import { openenclave } from "./global";
 /**
- * @inheritDoc OpenEnclave.verifyOpenEnclaveEvidence
+ * @inheritDoc global!OpenEnclave.verifyOpenEnclaveEvidence
  */
 export const verifyOpenEnclaveEvidence = openenclave.verifyOpenEnclaveEvidence;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@microsoft/ccf-app",
-  "version": "3.0.0-dev6",
+  "version": "3.0.0-rc1",
   "description": "CCF app support package",
   "main": "index.js",
   "files": [
@@ -19,12 +19,14 @@
   "license": "Apache-2.0",
   "devDependencies": {
     "@types/chai": "^4.2.15",
+    "@types/jsrsasign": "^10.5.4",
     "@types/mocha": "^10.0.0",
     "@types/node": "^18.0.0",
     "@types/node-forge": "^1.0.0",
     "chai": "^4.3.4",
     "colors": "1.4.0",
     "cross-env": "^7.0.3",
+    "jsrsasign": "^10.5.27",
     "mocha": "^10.0.0",
     "node-forge": "^1.2.0",
     "ts-node": "^10.4.0",

package/polyfill.js

@@ -14,8 +14,9 @@
  *
  * @module
  */
-import * as crypto from "crypto";
+import * as jscrypto from "crypto";
 import { TextEncoder, TextDecoder } from "util";
+import * as rs from "jsrsasign";
 // JavaScript's Map uses reference equality for non-primitive types,
 // whereas CCF compares the content of the ArrayBuffer.
 // To achieve CCF's semantics, all keys are base64-encoded.
@@ -91,12 +92,48 @@ class CCFPolyfill {
             },
         };
         this.crypto = {
+            sign(algorithm, key, data) {
+                let padding = undefined;
+                const privKey = jscrypto.createPrivateKey(key);
+                if (privKey.asymmetricKeyType == "rsa") {
+                    if (algorithm.name === "RSASSA-PKCS1-v1_5") {
+                        padding = jscrypto.constants.RSA_PKCS1_PADDING;
+                    }
+                    else {
+                        throw new Error("incompatible signing algorithm for given key type");
+                    }
+                }
+                else if (privKey.asymmetricKeyType == "ec") {
+                    if (algorithm.name !== "ECDSA") {
+                        throw new Error("incompatible signing algorithm for given key type");
+                    }
+                }
+                else if (privKey.asymmetricKeyType == "ed25519") {
+                    if (algorithm.name !== "EdDSA") {
+                        throw new Error("incompatible signing algorithm for given key type");
+                    }
+                }
+                else {
+                    throw new Error("unrecognized signing algorithm");
+                }
+                if (algorithm.name === "EdDSA") {
+                    return jscrypto.sign(null, new Uint8Array(data), privKey);
+                }
+                const hashAlg = algorithm.hash.replace("-", "").toLowerCase();
+                const signer = jscrypto.createSign(hashAlg);
+                signer.update(new Uint8Array(data));
+                return signer.sign({
+                    key: privKey,
+                    dsaEncoding: "ieee-p1363",
+                    padding: padding,
+                });
+            },
             verifySignature(algorithm, key, signature, data) {
                 let padding = undefined;
-                const pubKey = crypto.createPublicKey(key);
+                const pubKey = jscrypto.createPublicKey(key);
                 if (pubKey.asymmetricKeyType == "rsa") {
                     if (algorithm.name === "RSASSA-PKCS1-v1_5") {
-                        padding = crypto.constants.RSA_PKCS1_PADDING;
+                        padding = jscrypto.constants.RSA_PKCS1_PADDING;
                     }
                     else {
                         throw new Error("incompatible signing algorithm for given key type");
@@ -107,11 +144,19 @@ class CCFPolyfill {
                         throw new Error("incompatible signing algorithm for given key type");
                     }
                 }
+                else if (pubKey.asymmetricKeyType == "ed25519") {
+                    if (algorithm.name !== "EdDSA") {
+                        throw new Error("incompatible signing algorithm for given key type");
+                    }
+                }
                 else {
                     throw new Error("unrecognized signing algorithm");
                 }
+                if (algorithm.name === "EdDSA") {
+                    return jscrypto.verify(null, new Uint8Array(data), pubKey, new Uint8Array(signature));
+                }
                 const hashAlg = algorithm.hash.replace("-", "").toLowerCase();
-                const verifier = crypto.createVerify(hashAlg);
+                const verifier = jscrypto.createVerify(hashAlg);
                 verifier.update(new Uint8Array(data));
                 return verifier.verify({
                     key: pubKey,
@@ -119,6 +164,189 @@ class CCFPolyfill {
                     padding: padding,
                 }, new Uint8Array(signature));
             },
+            generateAesKey(size) {
+                return nodeBufToArrBuf(jscrypto.randomBytes(size / 8));
+            },
+            generateRsaKeyPair(size, exponent) {
+                const rsaKeyPair = jscrypto.generateKeyPairSync("rsa", {
+                    modulusLength: size,
+                    publicExponent: exponent,
+                    publicKeyEncoding: {
+                        type: "spki",
+                        format: "pem",
+                    },
+                    privateKeyEncoding: {
+                        type: "pkcs8",
+                        format: "pem",
+                    },
+                });
+                return rsaKeyPair;
+            },
+            generateEcdsaKeyPair(curve) {
+                var curve_name = curve;
+                if (curve == "secp256r1")
+                    curve_name = "prime256v1";
+                const ecdsaKeyPair = jscrypto.generateKeyPairSync("ec", {
+                    namedCurve: curve_name,
+                    publicKeyEncoding: {
+                        type: "spki",
+                        format: "pem",
+                    },
+                    privateKeyEncoding: {
+                        type: "pkcs8",
+                        format: "pem",
+                    },
+                });
+                return ecdsaKeyPair;
+            },
+            generateEddsaKeyPair(curve) {
+                // `type` is always "ed25519" because currently only "curve25519" is supported for `curve`.
+                const type = "ed25519";
+                const ecdsaKeyPair = jscrypto.generateKeyPairSync(type, {
+                    publicKeyEncoding: {
+                        type: "spki",
+                        format: "pem",
+                    },
+                    privateKeyEncoding: {
+                        type: "pkcs8",
+                        format: "pem",
+                    },
+                });
+                return ecdsaKeyPair;
+            },
+            wrapKey(key, wrappingKey, parameters) {
+                if (parameters.name === "RSA-OAEP") {
+                    return nodeBufToArrBuf(jscrypto.publicEncrypt({
+                        key: Buffer.from(wrappingKey),
+                        oaepHash: "sha256",
+                        oaepLabel: parameters.label
+                            ? new Uint8Array(parameters.label)
+                            : undefined,
+                        padding: jscrypto.constants.RSA_PKCS1_OAEP_PADDING,
+                    }, new Uint8Array(key)));
+                }
+                else if (parameters.name === "AES-KWP") {
+                    const iv = Buffer.from("A65959A6", "hex"); // defined in RFC 5649
+                    const cipher = jscrypto.createCipheriv("id-aes256-wrap-pad", new Uint8Array(wrappingKey), iv);
+                    return nodeBufToArrBuf(Buffer.concat([cipher.update(new Uint8Array(key)), cipher.final()]));
+                }
+                else if (parameters.name === "RSA-OAEP-AES-KWP") {
+                    const randomAesKey = this.generateAesKey(parameters.aesKeySize);
+                    const wrap1 = this.wrapKey(randomAesKey, wrappingKey, {
+                        name: "RSA-OAEP",
+                        label: parameters.label,
+                    });
+                    const wrap2 = this.wrapKey(key, randomAesKey, {
+                        name: "AES-KWP",
+                    });
+                    return nodeBufToArrBuf(Buffer.concat([Buffer.from(wrap1), Buffer.from(wrap2)]));
+                }
+                else {
+                    throw new Error("unsupported wrapAlgo.name");
+                }
+            },
+            digest(algorithm, data) {
+                if (algorithm === "SHA-256") {
+                    return nodeBufToArrBuf(jscrypto.createHash("sha256").update(new Uint8Array(data)).digest());
+                }
+                else {
+                    throw new Error("unsupported algorithm");
+                }
+            },
+            isValidX509CertBundle(pem) {
+                if ("X509Certificate" in jscrypto) {
+                    const sep = "-----END CERTIFICATE-----";
+                    const items = pem.split(sep);
+                    if (items.length === 1) {
+                        return false;
+                    }
+                    const pems = items.slice(0, -1).map((p) => p + sep);
+                    for (const [i, p] of pems.entries()) {
+                        try {
+                            new jscrypto.X509Certificate(p);
+                        }
+                        catch (e) {
+                            console.error(`cert ${i} is not valid: ${e.message}`);
+                            console.error(p);
+                            return false;
+                        }
+                    }
+                    return true;
+                }
+                else {
+                    throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
+                }
+            },
+            isValidX509CertChain(chain, trusted) {
+                if (!("X509Certificate" in jscrypto)) {
+                    throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
+                }
+                try {
+                    const toX509Array = (pem) => {
+                        const sep = "-----END CERTIFICATE-----";
+                        const items = pem.split(sep);
+                        if (items.length === 1) {
+                            return [];
+                        }
+                        const pems = items.slice(0, -1).map((p) => p + sep);
+                        const arr = pems.map((pem) => new jscrypto.X509Certificate(pem));
+                        return arr;
+                    };
+                    const certsChain = toX509Array(chain);
+                    const certsTrusted = toX509Array(trusted);
+                    if (certsChain.length === 0) {
+                        throw new Error("chain cannot be empty");
+                    }
+                    for (let i = 0; i < certsChain.length - 1; i++) {
+                        if (!certsChain[i].checkIssued(certsChain[i + 1])) {
+                            throw new Error(`chain[${i}] is not issued by chain[${i + 1}]`);
+                        }
+                    }
+                    for (const certChain of certsChain) {
+                        for (const certTrusted of certsTrusted) {
+                            if (certChain.fingerprint === certTrusted.fingerprint) {
+                                return true;
+                            }
+                            if (certChain.verify(certTrusted.publicKey)) {
+                                return true;
+                            }
+                        }
+                    }
+                    throw new Error("none of the chain certificates are identical to or issued by a trusted certificate");
+                }
+                catch (e) {
+                    console.error(`certificate chain validation failed: ${e.message}`);
+                    return false;
+                }
+            },
+            pubPemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
+            pemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
+            pubRsaPemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
+            rsaPemToJwk(pem, kid) {
+                let jwk = rs.KEYUTIL.getJWK(rs.KEYUTIL.getKey(pem));
+                if (kid !== undefined) {
+                    jwk.kid = kid;
+                }
+                return jwk;
+            },
         };
     }
     strToBuf(s) {
@@ -134,144 +362,25 @@ class CCFPolyfill {
         return JSON.parse(this.bufToStr(v));
     }
     generateAesKey(size) {
-        return nodeBufToArrBuf(crypto.randomBytes(size / 8));
+        return this.crypto.generateAesKey(size);
     }
     generateRsaKeyPair(size, exponent) {
-        const rsaKeyPair = crypto.generateKeyPairSync("rsa", {
-            modulusLength: size,
-            publicExponent: exponent,
-            publicKeyEncoding: {
-                type: "spki",
-                format: "pem",
-            },
-            privateKeyEncoding: {
-                type: "pkcs8",
-                format: "pem",
-            },
-        });
-        return rsaKeyPair;
+        return this.crypto.generateRsaKeyPair(size, exponent);
     }
     generateEcdsaKeyPair(curve) {
-        var curve_name = curve;
-        if (curve == "secp256r1")
-            curve_name = "prime256v1";
-        const ecdsaKeyPair = crypto.generateKeyPairSync("ec", {
-            namedCurve: curve_name,
-            publicKeyEncoding: {
-                type: "spki",
-                format: "pem",
-            },
-            privateKeyEncoding: {
-                type: "pkcs8",
-                format: "pem",
-            },
-        });
-        return ecdsaKeyPair;
+        return this.crypto.generateEcdsaKeyPair(curve);
     }
     wrapKey(key, wrappingKey, parameters) {
-        if (parameters.name === "RSA-OAEP") {
-            return nodeBufToArrBuf(crypto.publicEncrypt({
-                key: Buffer.from(wrappingKey),
-                oaepHash: "sha256",
-                oaepLabel: parameters.label
-                    ? new Uint8Array(parameters.label)
-                    : undefined,
-                padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
-            }, new Uint8Array(key)));
-        }
-        else if (parameters.name === "AES-KWP") {
-            const iv = Buffer.from("A65959A6", "hex"); // defined in RFC 5649
-            const cipher = crypto.createCipheriv("id-aes256-wrap-pad", new Uint8Array(wrappingKey), iv);
-            return nodeBufToArrBuf(Buffer.concat([cipher.update(new Uint8Array(key)), cipher.final()]));
-        }
-        else if (parameters.name === "RSA-OAEP-AES-KWP") {
-            const randomAesKey = this.generateAesKey(parameters.aesKeySize);
-            const wrap1 = this.wrapKey(randomAesKey, wrappingKey, {
-                name: "RSA-OAEP",
-                label: parameters.label,
-            });
-            const wrap2 = this.wrapKey(key, randomAesKey, {
-                name: "AES-KWP",
-            });
-            return nodeBufToArrBuf(Buffer.concat([Buffer.from(wrap1), Buffer.from(wrap2)]));
-        }
-        else {
-            throw new Error("unsupported wrapAlgo.name");
-        }
+        return this.crypto.wrapKey(key, wrappingKey, parameters);
     }
     digest(algorithm, data) {
-        if (algorithm === "SHA-256") {
-            return nodeBufToArrBuf(crypto.createHash("sha256").update(new Uint8Array(data)).digest());
-        }
-        else {
-            throw new Error("unsupported algorithm");
-        }
+        return this.crypto.digest(algorithm, data);
     }
     isValidX509CertBundle(pem) {
-        if ("X509Certificate" in crypto) {
-            const sep = "-----END CERTIFICATE-----";
-            const items = pem.split(sep);
-            if (items.length === 1) {
-                return false;
-            }
-            const pems = items.slice(0, -1).map((p) => p + sep);
-            for (const [i, p] of pems.entries()) {
-                try {
-                    new crypto.X509Certificate(p);
-                }
-                catch (e) {
-                    console.error(`cert ${i} is not valid: ${e.message}`);
-                    console.error(p);
-                    return false;
-                }
-            }
-            return true;
-        }
-        else {
-            throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
-        }
+        return this.crypto.isValidX509CertBundle(pem);
     }
     isValidX509CertChain(chain, trusted) {
-        if (!("X509Certificate" in crypto)) {
-            throw new Error("X509 validation unsupported, Node.js version too old (< 15.6.0)");
-        }
-        try {
-            const toX509Array = (pem) => {
-                const sep = "-----END CERTIFICATE-----";
-                const items = pem.split(sep);
-                if (items.length === 1) {
-                    return [];
-                }
-                const pems = items.slice(0, -1).map((p) => p + sep);
-                const arr = pems.map((pem) => new crypto.X509Certificate(pem));
-                return arr;
-            };
-            const certsChain = toX509Array(chain);
-            const certsTrusted = toX509Array(trusted);
-            if (certsChain.length === 0) {
-                throw new Error("chain cannot be empty");
-            }
-            for (let i = 0; i < certsChain.length - 1; i++) {
-                if (!certsChain[i].checkIssued(certsChain[i + 1])) {
-                    throw new Error(`chain[${i}] is not issued by chain[${i + 1}]`);
-                }
-            }
-            for (const certChain of certsChain) {
-                for (const certTrusted of certsTrusted) {
-                    if (certChain.fingerprint === certTrusted.fingerprint) {
-                        return true;
-                    }
-                    if (certChain.verify(certTrusted.publicKey)) {
-                        return true;
-                    }
-                }
-            }
-            throw new Error("none of the chain certificates are identical to or issued by a trusted certificate");
-        }
-        catch (e) {
-            console.error(`certificate chain validation failed: ${e.message}`);
-            return false;
-        }
+        return this.crypto.isValidX509CertChain(chain, trusted);
     }
 }
 globalThis.ccf = new CCFPolyfill();