Jonas Finnemann Jensen
Jonas Finnemann Jensen
We should use `final class` for everything in the public API. **Motiviation**: * This package is **not** attempting to offer abstractions over cryptographic APIs. * We don't want others to...
It's sad when `print(HmacSecretKey.generateKey(Hash.sha256))` shows `Instance of '_HmacSecretKey'`. Perhaps we should override the `toString()` method on all the private classes. The user doesn't need to know about `_HmacSecretKey`, since it's...
Try creating a trivial PR changing nothing and see that iOS integration tests fails half the time. We could probably try to debug by using a Mac with iOS, or...
Documentation for AES-GCM should discourage AES-192 and encourage nonce size 96 (12 bytes). This follows documentation from BoringSSL: https://boringssl.googlesource.com/boringssl/+/HEAD/include/openssl/aead.h?pli=1 I don't think we should make these recommendations without appropriate sources....
The attempt in https://github.com/google/webcrypto.dart/pull/52 caused regression in https://github.com/google/webcrypto.dart/issues/80. Thus it was reverted in https://github.com/google/webcrypto.dart/pull/94. Ideas for how to enable and properly test LTO for Android are welcome.
It would be awesome if we could figure out how to run tests under valgrind, even if we can only do it in one configuration.
`.github/workflows/test.yml` contains: ```yaml # TODO: Enable macos desktop when supported #- run: flutter test integration_test/webcrypto_test.dart -d macos # working-directory: ./example ``` We really should enable integration tests on macos desktop....
We wrap all (or almost all) FFI code in `_Scope`, thus, it might make sense to review all usage of `_Scope` to see if we can augment `_Scope` such that...
BoringCrypto exposes `ERR_clear_error()` which clears the thread-local error stack. For any function in BoringCrypto which may set error state, we **must** read the error stack, before we do any async/await,...