Update to Mocha v10 in tests, declare lib as module and add exports to package.json

Mocha v10 requires the lib to be esm compliant.
ESM mandates the use of file extensions in imports, so to minimize the
changes (for now), we rely on the flag `experimental-specifier-resolution=node`
and on `ts-node` (needed only for Node 20).

Breaking changes:
downstream bundlers might be affected by the package.json changes depending on
how they load the library.
NB: legacy package.json entrypoints are still available.

src/crypto/cmac.js

@@ -2,7 +2,6 @@
  * @fileoverview This module implements AES-CMAC on top of
  * native AES-CBC using either the WebCrypto API or Node.js' crypto API.
  * @module crypto/cmac
- * @private
  */
 
 import { AES_CBC } from '@openpgp/asmcrypto.js/dist_es8/aes/cbc';

src/crypto/mode/eax.js

@@ -19,7 +19,6 @@
  * @fileoverview This module implements AES-EAX en/decryption on top of
  * native AES-CTR using either the WebCrypto API or Node.js' crypto API.
  * @module crypto/mode/eax
- * @private
  */
 
 import { AES_CTR } from '@openpgp/asmcrypto.js/dist_es8/aes/ctr';

src/crypto/mode/index.js

@@ -1,7 +1,6 @@
 /**
  * @fileoverview Cipher modes
  * @module crypto/mode
- * @private
  */
 
 import * as cfb from './cfb';

src/crypto/public_key/elliptic/ecdsa.js

@@ -280,7 +280,7 @@ async function nodeVerify(curve, hashAlgo, { r, s }, message, publicKey) {
 
 /* eslint-disable no-invalid-this */
 
-const asn1 = nodeCrypto ? require('asn1.js') : undefined;
+const asn1 = nodeCrypto ? util.nodeRequire('asn1.js') : undefined;
 
 const ECDSASignature = nodeCrypto ?
   asn1.define('ECDSASignature', function() {

src/crypto/public_key/rsa.js

@@ -30,7 +30,7 @@ import enums from '../../enums';
 
 const webCrypto = util.getWebCrypto();
 const nodeCrypto = util.getNodeCrypto();
-const asn1 = nodeCrypto ? require('asn1.js') : undefined;
+const asn1 = nodeCrypto ? util.nodeRequire('asn1.js') : undefined;
 
 /* eslint-disable no-invalid-this */
 const RSAPrivateKey = nodeCrypto ? asn1.define('RSAPrivateKey', function () {

src/key/subkey.js

@@ -1,6 +1,5 @@
 /**
  * @module key/Subkey
- * @private
  */
 
 import enums from '../enums';

src/util.js

@@ -24,6 +24,7 @@
  */
 
 import * as stream from '@openpgp/web-stream-tools';
+import { createRequire } from 'module'; // Must be stripped in browser built
 import { getBigInteger } from './biginteger';
 import enums from './enums';
 
@@ -39,6 +40,8 @@ const util = {
     return typeof data === 'string' || data instanceof String;
   },
 
+  nodeRequire: createRequire(import.meta.url),
+
   isArray: function(data) {
     return data instanceof Array;
   },
@@ -396,11 +399,11 @@ const util = {
    * @returns {Object} The crypto module or 'undefined'.
    */
   getNodeCrypto: function() {
-    return require('crypto');
+    return this.nodeRequire('crypto');
   },
 
   getNodeZlib: function() {
-    return require('zlib');
+    return this.nodeRequire('zlib');
   },
 
   /**
@@ -409,7 +412,7 @@ const util = {
    * @returns {Function} The Buffer constructor or 'undefined'.
    */
   getNodeBuffer: function() {
-    return (require('buffer') || {}).Buffer;
+    return (this.nodeRequire('buffer') || {}).Buffer;
   },
 
   getHardwareConcurrency: function() {
@@ -417,7 +420,7 @@ const util = {
       return navigator.hardwareConcurrency || 1;
     }
 
-    const os = require('os'); // Assume we're on Node.js.
+    const os = this.nodeRequire('os'); // Assume we're on Node.js.
     return os.cpus().length;
   },