From e8046378afde53ebce3170cbeea4ea1203c12b67 Mon Sep 17 00:00:00 2001
From: Liran Nuna <liranuna@gmail.com>
Date: Sat, 2 Mar 2019 12:57:59 -0800
Subject: [PATCH] Improvements to HKDF

---
 src/mechs/hkdf/hkdf.ts | 33 +++++++--------------------------
 src/subtle.ts          |  4 ++--
 2 files changed, 9 insertions(+), 28 deletions(-)

diff --git a/src/mechs/hkdf/hkdf.ts b/src/mechs/hkdf/hkdf.ts
index 7da2545..f5cc28d 100644
--- a/src/mechs/hkdf/hkdf.ts
+++ b/src/mechs/hkdf/hkdf.ts
@@ -1,20 +1,10 @@
-import * as core from "webcrypto-core";
-import { HmacCryptoKey } from "../hmac/key";
-import { HkdfCryptoKey } from "./key";
-import { BufferSourceConverter, CryptoKey } from "webcrypto-core";
 import crypto from "crypto";
+import * as core from "webcrypto-core";
+import { BufferSourceConverter, CryptoKey } from "webcrypto-core";
+import { HkdfCryptoKey } from "./key";
 
 export class HkdfProvider extends core.HkdfProvider {
 
-  private normalizeHash(hash: HashAlgorithmIdentifier): Algorithm {
-    if (typeof hash === "string") {
-      hash = {name: hash};
-    }
-
-    this.checkHashAlgorithm(hash, this.hashAlgorithms);
-    return hash;
-  }
-
   public async onImportKey(format: KeyFormat, keyData: ArrayBuffer, algorithm: HmacImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey> {
     if (format.toLowerCase() !== "raw") {
         throw new core.OperationError("Operation not supported");
@@ -28,17 +18,8 @@ export class HkdfProvider extends core.HkdfProvider {
     return key;
   }
 
-  public async onExportKey(format: KeyFormat, key: HmacCryptoKey): Promise<JsonWebKey | ArrayBuffer> {
-    switch (format.toLowerCase()) {
-      case "raw":
-        return new Uint8Array(key.data).buffer;
-      default:
-        throw new core.OperationError("format: Must be 'raw'");
-    }
-  }
-
   public async onDeriveBits(params: HkdfParams, baseKey: HkdfCryptoKey, length: number): Promise<ArrayBuffer> {
-    const hash = this.normalizeHash(params.hash).name.replace("-", "");
+    const hash = (params.hash as Algorithm).name.replace("-", "");
     const hashLength = crypto.createHash(hash).digest().length;
 
     const byteLength = length / 8;
@@ -48,13 +29,13 @@ export class HkdfProvider extends core.HkdfProvider {
         .update(BufferSourceConverter.toUint8Array(baseKey.data))
         .digest();
 
-    let blocks = [Buffer.alloc(0)];
+    const blocks = [Buffer.alloc(0)];
     const blockCount = Math.ceil(byteLength / hashLength) + 1; // Includes empty buffer
-    for (let i=1; i<blockCount; ++i) {
+    for (let i = 1; i < blockCount; ++i) {
       blocks.push(
           crypto.createHmac(hash, PRK)
             .update(Buffer.concat([blocks[i - 1], info, Buffer.from([i])]))
-            .digest()
+            .digest(),
       );
     }
 
diff --git a/src/subtle.ts b/src/subtle.ts
index 22979db..60ce49f 100644
--- a/src/subtle.ts
+++ b/src/subtle.ts
@@ -3,8 +3,8 @@ import {
   AesCbcProvider, AesCtrProvider, AesGcmProvider, AesKwProvider,
   DesCbcProvider, DesEde3CbcProvider,
   EcdhProvider, EcdsaProvider,
-  HmacProvider,
-  Pbkdf2Provider, HkdfProvider,
+  HkdfProvider, HmacProvider,
+  Pbkdf2Provider,
   RsaOaepProvider, RsaPssProvider, RsaSsaProvider,
   Sha1Provider, Sha256Provider, Sha384Provider, Sha512Provider,
 } from "./mechs";