Refactor Key Management in @web5/crypto and add @web5/crypto-aws-kms

[frankhinek]

Summary

This PR is largely focused on implementing the proposal in #271. Refer to that issue for more context.

Changes

@web5/crypto

• Removal of the class inheritance based algorithms-api and child classes.
• New CryptoApi interface and modular types for KeyGenerator, Signer, Cipher, Hasher, etc. introduced as proposed in Refactor Key Management in @web5/crypto #271.
• LocalKmsCrypto added that provides an implementation of CryptoApi that uses a local key store (memory is the default but can be customized to use a persistent store).
• Algorithm support retained for AES-CTR, AES-GCM, ECDSA, EdDSA, and SHA-2.
• JOSE portion of the library restructured to make way for expanded support to come for JWT, JWS, and JWE.
• Bump version to 0.3.0 due to breaking changes and need to incrementally update dependent Web5 JS packages.
• Bump crypto dependencies:
  • @noble/ciphers from 0.4.0 to 0.4.1
  • @noble/curves from 1.2.0 to 1.3.2
  • @noble/hashes from 1.3.2to1.3.3`
• Remove @types/ed2curve development dependency since ed2curve was removed a while ago.
• Test coverage remains at 100% -- only appears to have dropped due to type only files in the jose directory, which will be covered once JWT, JWS, and JWE functionality is added.

@web5/crypto-aws-kms

• New package that provides an implementation of CryptoApi that uses AWS KMS for remote storage of keys and signing operations
• Features mirror those of the existing Web5 KT AwsKeyManager implementation:
  • Generating ES256K private keys secured by AWS KMS.
  • Signing data with ECDSA secp256k1 using AWS KMS.
  • Local verification of ECDSA signatures.
• Designed to be extensible so that support for additional key operations and algorithms can be added.

@web5/common

• Improve type usage in LevelStore to support callers modifying the key / value types.
• Add ability to specify a custom store for LevelStore.

@web5/api, @web5/crypto, @web5/dids

• Bump deprecated sinon package from 15.0.2 to 16.1.3

@web5/agent, @web5/credentials

• Corrected missing dev dependency: [email protected]

@web5/*

• Updated root tsconfig.json compiler options lib from ES6 to ES2022.

[codesandbox]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

[github-actions]

TBDocs Report

✅ No errors or warnings

@web5/api

• Project entry file: packages/api/src/index.ts

---

TBDocs Report Updated at 2024-01-04T14:34:08Z bb70273

[codecov]

Codecov Report

Merging #360 (8158687) into main (3567f0e) will decrease coverage by 1.10%.
The diff coverage is 92.71%.

❗ Current head 8158687 differs from pull request most recent head bb70273. Consider uploading reports for the commit bb70273 to get more accurate results

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #360      +/-   ##
==========================================
- Coverage   92.79%   91.69%   -1.10%     
==========================================
  Files          71       67       -4     
  Lines       16477    18176    +1699     
  Branches     1525     1534       +9     
==========================================
+ Hits        15290    16667    +1377     
- Misses       1165     1487     +322     
  Partials       22       22              

Components	Coverage Δ
agent	88.08% <100.00%> (ø)
api	96.93% <ø> (ø)
common	98.57% <100.00%> (+0.78%)	⬆️
credentials	∅ <ø> (∅)
crypto	94.54% <91.12%> (-5.46%)	⬇️
dids	92.24% <ø> (ø)
identity-agent	56.81% <0.00%> (ø)
crypto-aws-kms	100.00% <100.00%> (∅)
proxy-agent	58.43% <0.00%> (ø)
user-agent	55.22% <0.00%> (ø)

[mistermoe]

💯 🏅

[nitro-neal]

Great job, few minor things. I'll look over it again in detail but overall looks good!