Create WebCrypto provider for HMAC
eheasley opened this issue · comments
This provider will use WebCrypto's SubtleCrypto.sign
method to perform HMAC operations. It will need to handle incremental updating and input validation itself since the actual WebCrypto function won't be called until the HMAC is finalized.
See examples at https://github.com/diafygi/webcrypto-examples
There is an initial solution available at https://github.com/devpaul/crypto/tree/hmac based on code from PR #9. Tests pass on Chrome and FireFox. Safari gives up before really connecting to the proxy.
I am hoping this will give us a chance to compare the node and webcrypto implementations and ensure our APIs will provide a consistent user experience between platforms.
Note that this uses the latest spec for CryptoKey and MDN is not up-to-date at the time of this writing. For instance, the hash algorithm can be supplied as a string or an object: https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#algorithm-dictionary.
Once PR #9 has been merged I'll cherry-pick out my changes and reapply them into another branch that will be submitted for review.
P.S. I found these tests to be a useful reference: https://chromium.googlesource.com/chromium/blink/+/949530d6cba5e6943ce1b1502b602ae97b9bd557/LayoutTests/crypto/sign-verify.html