Hi,

> If you decide to code the solution and provide the patch, I will be
> happy to apply it to cryptokit (if the main author of cryptokit accepts
> it, of course).

I'm attaching the patches adding support for HMAC-SHA256 and HMAC-RIPEMD160
(I don't need the latter, but for the sake of completeness it seemed silly
not to support it as well).  Note that these are *very* straightforward
patches -- kudos to Xavier for making Cryptokit so easy to extend.

The caveat is that I'm not a cryptographer.  I did, however, verify that
these new HMACs pass all the test cases listed in RFC4231 (for HMAC-SHA256)
and RFC2286 (for HMAC-RIPEMD160).

Thanks for your attention!
Cheers,
Dario Teixeira