@@ -14,10 +14,14 @@ An implementation of the W3C Web Cryptography API specification (https://www.w3.
1414- [ Getting started] ( #getting-started )
1515- [ Algorithms] ( #algorithms )
1616 - [ECDSA](#ecdsa)
17+ - [Parameter Definitions](#parameter-definitions)
18+ - [Examples](#examples)
1719 - [HMAC](#hmac)
1820 - [RSA-OAEP](#rsa-oaep)
1921 - [SHA](#sha)
2022- [ Contributing] ( #contributing )
23+ - [ Appendix] ( #appendix )
24+ - [Hash Algorithms](#hash-algorithms)
2125
2226## Background
2327
@@ -46,10 +50,47 @@ This library is still in active development and all algorithms are not yet suppo
4650
4751## Algorithms
4852
53+ When passing algorithms params into subtle functions, we use the ` webcrypto.Algorithm ` struct. It has the following properties:
54+
55+ | Field | Type | Description |
56+ | :---- | :--- | :---------- |
57+ | Name | ` string ` | The algorithm name. |
58+ | Params | ` any ` | The algorithm parameters as defined by the parameters described by that algorithm in the WebCrypto specification. |
59+
60+ For each algorithm and function described below, listed are the appropriate algorithm params that need to be passed in.
61+
4962### ECDSA
5063
5164The ** ECDSA** algorithm is the implementation of operations described in [ §23] ( https://www.w3.org/TR/WebCryptoAPI/#ecdsa ) of the W3C specification.
5265
66+ #### Parameter Definitions
67+
68+ ##### Params
69+
70+ As specified in [ §23.1] ( https://www.w3.org/TR/WebCryptoAPI/#EcdsaParams-dictionary )
71+
72+ | Field | Type | Description |
73+ | :---- | :--- | :---------- |
74+ | Hash | ` string ` | The hash algorithm to use. See the supported [ hash algorithms] ( #hash-algorithms ) |
75+
76+ ##### KeyGenParams
77+
78+ As specified in [ §23.4] ( https://www.w3.org/TR/WebCryptoAPI/#EcKeyGenParams-dictionary )
79+
80+ | Field | Type | Description |
81+ | :---- | :--- | :---------- |
82+ | NamedCurve | ` string ` | A valid named curve. One of ` P-256 ` , ` P-384 ` , or ` P-521 ` . |
83+
84+ ##### KeyImportParams
85+
86+ As specified in [ §23.6] ( https://www.w3.org/TR/WebCryptoAPI/#EcKeyImportParams-dictionary )
87+
88+ | Field | Type | Description |
89+ | :---- | :--- | :---------- |
90+ | NamedCurve | ` string ` | A valid named curve. One of ` P-256 ` , ` P-384 ` , or ` P-521 ` . |
91+
92+ #### Examples
93+
5394``` go
5495package main
5596
@@ -59,28 +100,41 @@ import (
59100)
60101
61102func main () {
62- // generate a new ECDSA key
103+ // generate a new P-256 ECDSA key
63104 key , err := webcrypto.Subtle ().GenerateKey (
64- &ecdsa.Algorithm {
105+ &webcrypto.Algorithm {
106+ Name: " ECDSA"
107+ Params: &ecdsa.KeyGenParams {
65108 NamedCurve: " P-256"
66- }, true , webcrypto.Sign , webcrypto.Verify )
109+ },
110+ }, true , []webcrypto.KeyUsage {
111+ webcrypto.Sign ,
112+ webcrypto.Verify ,
113+ })
67114 if err != nil {
68115 panic (err)
69116 }
70117
118+ // key returned is a webcrypto.CryptoKeyPair
71119 ckp := key.(webcrypto.CryptoKeyPair )
72120
73121 // sign some data with the private key
74- sig , err := webcrypto.Subtle ().Sign (&ecdsa.Algorithm {
75- Hash: " SHA-256"
122+ sig , err := webcrypto.Subtle ().Sign (&webcrypto.Algorithm {
123+ Name: " ECDSA"
124+ Params: &ecdsa.Params {
125+ Hash: " SHA-256"
126+ },
76127 }, ckp.PrivateKey (), []byte (" test"
77128 if err != nil {
78129 panic (err)
79130 }
80131
81132 // verify the signature with the public key
82- ok , err := webcrypto.Subtle ().Verify (&ecdsa.Algorithm {
83- Hash: " SHA-256"
133+ ok , err := webcrypto.Subtle ().Verify (&webcrypto.Algorithm {
134+ Name: " ECDSA"
135+ Params: &ecdsa.Params {
136+ Hash: " SHA-256"
137+ }
84138 }, ckp.PublicKey (), sig, []byte (" test"
85139 if err != nil {
86140 panic (err)
@@ -89,6 +143,31 @@ func main() {
89143 if !ok {
90144 // didn't verify - do something
91145 }
146+
147+ // export the public/private key as webcrypto.JsonWebKey
148+ out , err := webcrypto.Subtle ().ExportKey (webcrypto.JWK , ckp.PrivateKey ())
149+ if err != nil {
150+ panic (err)
151+ }
152+
153+ jwk := out.(webcrypto.JsonWebKey )
154+
155+ // do something with jwk
156+
157+ // import a public/private key and return webcrypto.CryptoKey
158+ ck , err := webcrypto.Subtle ().ImportKey (webcrypto.JWK , jwk, &webcrypto.Algorithm {
159+ Name: " ECDSA"
160+ Params: &ecdsa.KeyImportParams {
161+ NamedCurve: " P-256"
162+ },
163+ }, true , []webcrypto.KeyUsages {
164+ webcrypto.Sign ,
165+ })
166+ if err != nil {
167+ panic (err)
168+ }
169+
170+ // do something with the imported key
92171}
93172```
94173
@@ -229,7 +308,16 @@ func main() {
229308}
230309```
231310
232-
233311## Contributing
234312
235- If you have found a bug or would like to see new features, please create a new issue in this repository. If there is an issue that poses a security risk, please refrain from posting the issue publicly and contact
[ [email protected] ] ( mailto://[email protected] ) instead.
313+ If you have found a bug or would like to see new features, please create a new issue in this repository. If there is an issue that poses a security risk, please refrain from posting the issue publicly and contact
[ [email protected] ] ( mailto://[email protected] ) instead.
314+
315+ ## Apendix
316+
317+ ### Hash Algorithms
318+
319+ Unless otherwise specified by a particular algorithm, the supported hash algorithms are
320+ - ` SHA-1 `
321+ - ` SHA-256 `
322+ - ` SHA-384 `
323+ - ` SHA-512 `
0 commit comments