webcrypto.dart
webcrypto.dart copied to clipboard
google
Cross-platform implementation of Web Cryptography APIs
The code in dartdoc examples mixes imports and statement-level code. Ideally it would contain self-contained code that one could copy and run for one-self. And that we could extract programmatically...
Documentation for AES-GCM should discourage AES-192 and encourage nonce size 96 (12 bytes). This follows documentation from BoringSSL: https://boringssl.googlesource.com/boringssl/+/HEAD/include/openssl/aead.h?pli=1 I don't think we should make these recommendations without appropriate sources....
The attempt in https://github.com/google/webcrypto.dart/pull/52 caused regression in https://github.com/google/webcrypto.dart/issues/80. Thus it was reverted in https://github.com/google/webcrypto.dart/pull/94. Ideas for how to enable and properly test LTO for Android are welcome.
It would be awesome if we could figure out how to run tests under valgrind, even if we can only do it in one configuration.
`.github/workflows/test.yml` contains: ```yaml # TODO: Enable macos desktop when supported #- run: flutter test integration_test/webcrypto_test.dart -d macos # working-directory: ./example ``` We really should enable integration tests on macos desktop....
We wrap all (or almost all) FFI code in `_Scope`, thus, it might make sense to review all usage of `_Scope` to see if we can augment `_Scope` such that...
BoringCrypto exposes `ERR_clear_error()` which clears the thread-local error stack. For any function in BoringCrypto which may set error state, we **must** read the error stack, before we do any async/await,...
Whenever we create a CBS object, it's usually because we're feeding some data into BoringCrypto. If all the data is not read, this usually indicates invalid data. If importing a...
Logic in https://github.com/google/webcrypto.dart/issues/58 should be tested, but tests can probably not be written with `TestRunner`. Maybe, if we do https://github.com/google/webcrypto.dart/issues/55, we can do this here.