For webkit support, I removed the public/private signing keys and
replaced them with a symmetric HMAC signing key. It achieves the same
thing and besides adding webkit support, is also a bit cleaner.
Webkit handles key export is a non-standard way, so with this shim we
have to export and import public keys in “spki” format. Webkit also
requires slightly different options to be passed in for some operations.
