Fix HMAC JWK import length handling#303
Conversation
8e351d9 to
554da8c
Compare
554da8c to
b22f865
Compare
|
Sorry, I accidentally clicked the close button. I have reopened the PR. |
Keep both the upstream js_interop import and the HMAC JWK base64Url import in the JS implementation.
c8c9ea2 to
c4479da
Compare
|
@jonasfj I resolved all conflicts. |
HamdaanAliQuatil
left a comment
There was a problem hiding this comment.
I checked this against the normative HMAC import steps and left the details in #302. Unlike hash or curve, length is applied after the JWK has been decoded: the imported key consists of the first length bits.
That means the current validation-only implementation, particularly the test rejecting non-zero discarded bits, would encode behavior that differs from Web Crypto. I think we should settle the expected behavior in #302 before merging this.
|
Thanks for the clarification and for checking the HMAC import steps against the Web Crypto spec. I updated the PR so JWK import now follows the same behavior as raw import: it decodes The regression test now covers the raw/JWK parity case for |
Fixes #302.
What changed
lengththrough HMAC JWK import.lengthafter decodingjwk.k, matching Web Crypto HMAC import steps.Testing
/Users/apple/flutter/bin/dart run lib/src/testing/regression/issue_302_hmac_jwk_length.dart/Users/apple/flutter/bin/dart test test/webcrypto_test.dart/Users/apple/flutter/bin/dart analyze