search

PeculiarVentures / webcrypto-core

A input validation layer for WebCrypto polyfills.
MIT License
28 stars 13 forks source link

Allow to pass additional arugments to a subtle function #28

Closed beejones closed 4 years ago

beejones commented 4 years ago

Hi, I am using your package to build a subtle API for using hardware security services such as Key Vault. If one wants to generate a key on such a service, one wants to specify the name of the new key and as such pass an additional optional parameter to generateKey. The method checkRequiredArguments is very strict on killing this option.

protected checkRequiredArguments(args: IArguments, size: number, methodName: string) { if (args.length !== size) { throw new TypeError(Failed to execute '${methodName}' on 'SubtleCrypto': ${size} arguments required, but only ${args.length} present); } }

Would it be possible to allow additional arguments (args.length > size) to these functions or do you envision another way to pass additional parameters. The only other way I saw was to pass additional props in algorithm but this is not a clean solution.

Thanks

microshine commented 4 years ago

Hi The simplest way to do it (without core module update) is to override checkRequiredArguments function for SubtleCrypto class

export class SubtleCryptoEx extends SubtleCrypto {
  public checkRequiredArguments(args: IArguments, size: number, methodName: string) {
    // nothing
  }
}

or 

  public checkRequiredArguments(args: IArguments, size: number, methodName: string) {
    // ignore size from core implementation and use yours
    switch (methodName) {
      case "generateKey":
        return super.checkRequiredArguments(args, 4, "generateKey"); // +1 extra argument
      case "hash":
        // ...
    }
  }
rmhrisk commented 4 years ago

This is a neat project. Will you be open sourcing it? We will need something like it in the near future. Specifically interested in Azure and GCP cloud HSM support.

beejones commented 4 years ago

@rmhrisk It already is. See https://github.com/microsoft/VerifiableCredentials-Crypto-SDK-Typescript

@microshine Thanks I will give this a try.

beejones commented 4 years ago

@rmhrisk have a look to this sample: https://github.com/microsoft/VerifiableCredentials-Crypto-SDK-Typescript/blob/master/libs/sdk/tests/signing.spec.ts It illustrates the same code running on node (your lib) and key vault.

rmhrisk commented 4 years ago

Neat. We may end up taking at least "inspiration" in our own package that doesn't carry the other verifiable credential related elements. Thanks for sharing!