Support Ed25519 and Ed25519ph

[zamicol]

Paul currently supports Ed25519. We're hoping Paul will implement Ed25519ph soon: https://github.com/paulmillr/noble-ed25519/issues/63

The W3C Web Cryptography API recommendation also omits Ed25519, so an external package that implements the Ed25519 primitive is used. The upcoming update FIPS 186-5 specifies Ed25519 support. (https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5-draft.pdf, section 7.8) Hopefully this will motivate Javascript to include Ed25519.

See also the Ed25519 Tool

• https://github.com/Cyphrme/ed25519_tool/issues/1
• https://cyphr.me/ed25519_tool/ed.html
• https://github.com/Cyphrme/ed25519_tool

[zamicol]

Also consider https://stackoverflow.com/questions/75008138/can-subtlecrypto-verify-use-a-digest-instead-of-the-original-message/75008139#75008139

May be reason enough to move to noble-curves fully after release.

We may have multiple "back end" support as well, but SubtleCrypto will be limited in capability.

[zamicol]

Also, we'll preserve the current style somewhere so that we have a SubtleCrypto backend that can be used.