refactor: use crypto-kit for HMAC on non Apple platforms

Author: kylef

Package.swift

@@ -11,14 +11,14 @@ let dependencies = [
   Package.Dependency.package(url: "https://github.com/kylef-archive/CommonCrypto.git", from: "1.0.0"),
 ]
 #endif
-let excludes = ["HMAC/HMACCryptoSwift.swift"]
+let excludes = ["HMAC/HMACCrypto.swift"]
 let targetDependencies: [Target.Dependency] = []
 #else
 let dependencies = [
-  Package.Dependency.package(url: "https://github.com/krzyzanowskim/CryptoSwift.git", from: "0.10.0"),
+  Package.Dependency.package(url: "https://github.com/apple/swift-crypto", from: "1.1.3"),
 ]
 let excludes = ["HMAC/HMACCommonCrypto.swift"]
-let targetDependencies: [Target.Dependency] = ["CryptoSwift"]
+let targetDependencies: [Target.Dependency] = ["Crypto"]
 #endif
 
 

Sources/JWA/HMAC/HMACCrypto.swift

@@ -0,0 +1,34 @@
+import Foundation
+import Crypto
+
+
+extension HMACAlgorithm: SignAlgorithm, VerifyAlgorithm {
+  var symmetricKey: SymmetricKey {
+    return SymmetricKey(data: key)
+  }
+
+  public func sign(_ message: Data) -> Data {
+    switch hash {
+    case .sha256:
+      let code = HMAC<SHA256>.authenticationCode(for: message, using: symmetricKey)
+      return Data(code)
+    case .sha384:
+      let code = HMAC<SHA384>.authenticationCode(for: message, using: symmetricKey)
+      return Data(code)
+    case .sha512:
+      let code = HMAC<SHA512>.authenticationCode(for: message, using: symmetricKey)
+      return Data(code)
+    }
+  }
+
+  public func verify(_ message: Data, signature: Data) -> Bool {
+    switch hash {
+    case .sha256:
+      return HMAC<SHA256>.isValidAuthenticationCode(signature, authenticating: message, using: symmetricKey)
+    case .sha384:
+      return HMAC<SHA384>.isValidAuthenticationCode(signature, authenticating: message, using: symmetricKey)
+    case .sha512:
+      return HMAC<SHA512>.isValidAuthenticationCode(signature, authenticating: message, using: symmetricKey)
+    }
+  }
+}