@avieldr/react-native-rsa 1.0.0

package/ios/RSAKeyGenerator.swift

@@ -0,0 +1,164 @@
+import Foundation
+import Security
+
+/**
+ * Result of RSA key pair generation, containing both keys as PEM strings.
+ * Exposed to Objective-C for bridge compatibility.
+ */
+@objc public class RSAKeyPairResult: NSObject {
+    @objc public let publicKey: String
+    @objc public let privateKey: String
+
+    init(publicKey: String, privateKey: String) {
+        self.publicKey = publicKey
+        self.privateKey = privateKey
+    }
+}
+
+/**
+ * RSA key generation and conversion operations.
+ *
+ * Thread-safe singleton that provides:
+ *   - Key pair generation (PKCS#1 or PKCS#8 private key format)
+ *   - Public key extraction from a private key
+ *   - Private key format conversion between PKCS#1 and PKCS#8
+ *
+ * Uses the iOS Security framework (`SecKey` APIs) for key generation and import.
+ * Delegates ASN.1 encoding to `ASN1Utils` and PEM/key-loading to `KeyUtils`.
+ */
+@objc public final class RSAKeyGenerator: NSObject {
+
+    @objc public static let shared = RSAKeyGenerator()
+    private override init() { super.init() }
+
+    // MARK: - Key Pair Generation
+
+    /**
+     * Generate an RSA key pair using the iOS Security framework.
+     *
+     * - Parameters:
+     *   - keySize: RSA key size in bits (e.g. 1024, 2048, 4096)
+     *   - format:  "pkcs1" or "pkcs8" — controls the private key output format.
+     *              Public key is always SPKI ("BEGIN PUBLIC KEY").
+     * - Throws: If key generation or export fails
+     * - Returns: RSAKeyPairResult with public and private keys in PEM format
+     */
+    @objc public func generateKeyPair(keySize: Int, format: String) throws -> RSAKeyPairResult {
+        let attributes: [String: Any] = [
+            kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
+            kSecAttrKeySizeInBits as String: keySize,
+            kSecPrivateKeyAttrs as String: [
+                kSecAttrIsPermanent as String: false
+            ]
+        ]
+
+        var error: Unmanaged<CFError>?
+        guard let privateSecKey = SecKeyCreateRandomKey(attributes as CFDictionary, &error) else {
+            let errorMessage = error?.takeRetainedValue().localizedDescription ?? "Unknown error"
+            throw NSError(domain: "RSAKeyGenerator", code: 1,
+                          userInfo: [NSLocalizedDescriptionKey: "Failed to generate RSA key: \(errorMessage)"])
+        }
+
+        // SecKeyCopyExternalRepresentation returns PKCS#1 DER for RSA private keys
+        guard let privateKeyData = SecKeyCopyExternalRepresentation(privateSecKey, &error) as Data? else {
+            let errorMessage = error?.takeRetainedValue().localizedDescription ?? "Unknown error"
+            throw NSError(domain: "RSAKeyGenerator", code: 2,
+                          userInfo: [NSLocalizedDescriptionKey: "Failed to export RSA key: \(errorMessage)"])
+        }
+
+        // Encode private key in the requested format
+        let privateKeyPEM: String
+        if format == "pkcs8" {
+            let pkcs8Data = ASN1Utils.wrapPkcs1InPkcs8(pkcs1Data: privateKeyData)
+            privateKeyPEM = KeyUtils.toPEM(data: pkcs8Data, header: "PRIVATE KEY")
+        } else {
+            privateKeyPEM = KeyUtils.toPEM(data: privateKeyData, header: "RSA PRIVATE KEY")
+        }
+
+        // Extract and export public key
+        guard let publicSecKey = SecKeyCopyPublicKey(privateSecKey) else {
+            throw NSError(domain: "RSAKeyGenerator", code: 3,
+                          userInfo: [NSLocalizedDescriptionKey: "Could not extract public key"])
+        }
+
+        guard let publicKeyRawData = SecKeyCopyExternalRepresentation(publicSecKey, &error) as Data? else {
+            let errorMessage = error?.takeRetainedValue().localizedDescription ?? "Unknown error"
+            throw NSError(domain: "RSAKeyGenerator", code: 4,
+                          userInfo: [NSLocalizedDescriptionKey: "Failed to export public key: \(errorMessage)"])
+        }
+
+        // Wrap raw PKCS#1 public key in SPKI for standard PEM format
+        let spkiData = ASN1Utils.wrapPublicKeyInSPKI(rawKeyData: publicKeyRawData)
+        let publicKeyPEM = KeyUtils.toPEM(data: spkiData, header: "PUBLIC KEY")
+
+        return RSAKeyPairResult(publicKey: publicKeyPEM, privateKey: privateKeyPEM)
+    }
+
+    // MARK: - Public Key Extraction
+
+    /**
+     * Extract the public key from an RSA private key PEM string.
+     *
+     * Works with both PKCS#1 and PKCS#8 input formats.
+     * The returned public key is always in SPKI PEM format ("BEGIN PUBLIC KEY").
+     */
+    @objc public func getPublicKeyFromPrivate(privateKeyPEM: String) throws -> String {
+        // Load private key (handles both PKCS#1 and PKCS#8 automatically)
+        let privateSecKey = try KeyUtils.loadPrivateKey(pem: privateKeyPEM)
+
+        guard let publicSecKey = SecKeyCopyPublicKey(privateSecKey) else {
+            throw NSError(domain: "RSAKeyGenerator", code: 8,
+                          userInfo: [NSLocalizedDescriptionKey: "Could not extract public key"])
+        }
+
+        var error: Unmanaged<CFError>?
+        guard let publicKeyRawData = SecKeyCopyExternalRepresentation(publicSecKey, &error) as Data? else {
+            let errorMessage = error?.takeRetainedValue().localizedDescription ?? "Unknown error"
+            throw NSError(domain: "RSAKeyGenerator", code: 9,
+                          userInfo: [NSLocalizedDescriptionKey: "Failed to export public key: \(errorMessage)"])
+        }
+
+        let spkiData = ASN1Utils.wrapPublicKeyInSPKI(rawKeyData: publicKeyRawData)
+        return KeyUtils.toPEM(data: spkiData, header: "PUBLIC KEY")
+    }
+
+    // MARK: - Key Format Conversion
+
+    /**
+     * Convert a private key PEM between PKCS#1 and PKCS#8 formats.
+     *
+     * - Parameters:
+     *   - pem:          The private key in PEM format
+     *   - targetFormat: "pkcs1" or "pkcs8"
+     * - Throws: If the PEM format is unrecognized or base64 decoding fails
+     * - Returns: The private key re-encoded in the target format
+     */
+    @objc public func convertPrivateKey(pem: String, targetFormat: String) throws -> String {
+        if pem.contains("BEGIN RSA PRIVATE KEY") && targetFormat == "pkcs8" {
+            // PKCS#1 → PKCS#8: wrap the raw bytes in a PKCS#8 structure
+            let base64 = KeyUtils.extractBase64(from: pem)
+            guard let derData = Data(base64Encoded: base64) else {
+                throw NSError(domain: "RSAKeyGenerator", code: 10,
+                              userInfo: [NSLocalizedDescriptionKey: "Invalid base64 encoding"])
+            }
+            let pkcs8Data = ASN1Utils.wrapPkcs1InPkcs8(pkcs1Data: derData)
+            return KeyUtils.toPEM(data: pkcs8Data, header: "PRIVATE KEY")
+        } else if pem.contains("BEGIN PRIVATE KEY") && targetFormat == "pkcs1" {
+            // PKCS#8 → PKCS#1: extract the inner PKCS#1 bytes
+            let base64 = KeyUtils.extractBase64(from: pem)
+            guard let derData = Data(base64Encoded: base64) else {
+                throw NSError(domain: "RSAKeyGenerator", code: 11,
+                              userInfo: [NSLocalizedDescriptionKey: "Invalid base64 encoding"])
+            }
+            let pkcs1Data = ASN1Utils.extractPkcs1FromPkcs8(pkcs8Data: derData)
+            return KeyUtils.toPEM(data: pkcs1Data, header: "RSA PRIVATE KEY")
+        } else if (pem.contains("BEGIN RSA PRIVATE KEY") && targetFormat == "pkcs1") ||
+                  (pem.contains("BEGIN PRIVATE KEY") && targetFormat == "pkcs8") {
+            // Already in the target format — return unchanged
+            return pem
+        } else {
+            throw NSError(domain: "RSAKeyGenerator", code: 12,
+                          userInfo: [NSLocalizedDescriptionKey: "Unrecognized PEM format or unsupported target format"])
+        }
+    }
+}

package/ios/RSASigner.swift

@@ -0,0 +1,101 @@
+import Foundation
+import Security
+
+/**
+ * RSA signing and verification operations for iOS.
+ *
+ * Uses the Security framework's `SecKeyCreateSignature` / `SecKeyVerifySignature`.
+ * All data crosses the bridge as base64 strings to avoid binary encoding issues.
+ *
+ * Supported padding modes:
+ *   - "pss"   — PSS (Probabilistic Signature Scheme) with configurable hash
+ *   - "pkcs1" — PKCS#1 v1.5 deterministic signatures
+ *
+ * The "Message" algorithm variants are used (e.g. `rsaSignatureMessagePSSSHA256`),
+ * meaning the Security framework hashes the input internally — callers pass the raw message.
+ *
+ * Exposed to Objective-C via `@objc` for the React Native bridge.
+ */
+@objc public class RSASigner: NSObject {
+
+    /**
+     * Sign data with an RSA private key.
+     *
+     * - Parameters:
+     *   - dataBase64:    The data to sign, encoded as base64
+     *   - privateKeyPEM: The private key in PEM format (PKCS#1 or PKCS#8)
+     *   - padding:       "pss" or "pkcs1"
+     *   - hash:          "sha256", "sha1", "sha384", or "sha512"
+     * - Throws: If the input is invalid, key loading fails, or signing fails
+     * - Returns: The signature encoded as base64
+     */
+    @objc public static func sign(dataBase64: String, privateKeyPEM: String, padding: String, hash: String) throws -> String {
+        guard let data = Data(base64Encoded: dataBase64) else {
+            throw NSError(domain: "RSASigner", code: 1,
+                          userInfo: [NSLocalizedDescriptionKey: "Invalid base64 input data"])
+        }
+
+        let privateKey = try KeyUtils.loadPrivateKey(pem: privateKeyPEM)
+        let algorithm = try Algorithms.signatureAlgorithm(padding: padding, hash: hash)
+
+        var error: Unmanaged<CFError>?
+        guard let signatureData = SecKeyCreateSignature(privateKey, algorithm, data as CFData, &error) as Data? else {
+            let errorMessage = error?.takeRetainedValue().localizedDescription ?? "Unknown error"
+            throw NSError(domain: "RSASigner", code: 2,
+                          userInfo: [NSLocalizedDescriptionKey: "Signing failed: \(errorMessage)"])
+        }
+
+        return signatureData.base64EncodedString()
+    }
+
+    /**
+     * Verify a signature against data using an RSA public key.
+     *
+     * - Parameters:
+     *   - dataBase64:      The original data that was signed, encoded as base64
+     *   - signatureBase64: The signature to verify, encoded as base64
+     *   - publicKeyPEM:    The public key in SPKI PEM format ("BEGIN PUBLIC KEY")
+     *   - padding:         "pss" or "pkcs1" — must match the padding used during signing
+     *   - hash:            "sha256", "sha1", "sha384", or "sha512" — must match signing hash
+     * - Throws: If the input is invalid or key loading fails
+     * - Returns: true if the signature is valid, false otherwise
+     *
+     * Note on Swift→Obj-C bridging: A `throws -> Bool` method maps to Obj-C as
+     * `(BOOL)...error:(NSError **)`. When the method returns `false` normally
+     * (invalid signature), `*error` is nil. When it throws (actual error), `*error`
+     * is set. The bridge checks `error != nil` to distinguish these cases.
+     */
+    @objc public static func verify(dataBase64: String, signatureBase64: String, publicKeyPEM: String, padding: String, hash: String) throws -> Bool {
+        guard let data = Data(base64Encoded: dataBase64) else {
+            throw NSError(domain: "RSASigner", code: 3,
+                          userInfo: [NSLocalizedDescriptionKey: "Invalid base64 input data"])
+        }
+        guard let signatureData = Data(base64Encoded: signatureBase64) else {
+            throw NSError(domain: "RSASigner", code: 4,
+                          userInfo: [NSLocalizedDescriptionKey: "Invalid base64 signature"])
+        }
+
+        let publicKey = try KeyUtils.loadPublicKey(pem: publicKeyPEM)
+        let algorithm = try Algorithms.signatureAlgorithm(padding: padding, hash: hash)
+
+        // SecKeyVerifySignature returns true for valid signatures, false otherwise.
+        // IMPORTANT: On iOS, it also sets *error for invalid signatures (errSecVerifyFailed = -67808).
+        // We must distinguish between "invalid signature" (return false) and "actual error"
+        // (bad key type, unsupported algorithm, etc.) by checking the error code.
+        var error: Unmanaged<CFError>?
+        let result = SecKeyVerifySignature(publicKey, algorithm, data as CFData, signatureData as CFData, &error)
+
+        if !result, let cfError = error?.takeRetainedValue() {
+            let nsError = cfError as Error as NSError
+            // errSecVerifyFailed (-67808) means "signature doesn't match" — not an actual error.
+            // Return false for this case; only throw for unexpected failures.
+            if nsError.domain == NSOSStatusErrorDomain && nsError.code == Int(errSecVerifyFailed) {
+                return false
+            }
+            throw NSError(domain: "RSASigner", code: 5,
+                          userInfo: [NSLocalizedDescriptionKey: "Verification error: \(cfError.localizedDescription)"])
+        }
+
+        return result
+    }
+}

package/ios/Rsa.h

@@ -0,0 +1,61 @@
+#ifdef __cplusplus
+#import <RsaSpec/RsaSpec.h>
+#endif
+
+@interface Rsa : NSObject
+#ifdef __cplusplus
+<NativeRsaSpec>
+#endif
+
+// --- Key Generation ---
+
+- (void)generateKeyPair:(double)keySize
+                 format:(NSString *)format
+                resolve:(RCTPromiseResolveBlock)resolve
+                 reject:(RCTPromiseRejectBlock)reject;
+
+- (void)getPublicKeyFromPrivate:(NSString *)privateKeyPEM
+                        resolve:(RCTPromiseResolveBlock)resolve
+                         reject:(RCTPromiseRejectBlock)reject;
+
+// --- Encrypt / Decrypt ---
+
+- (void)encrypt:(NSString *)dataBase64
+   publicKeyPEM:(NSString *)publicKeyPEM
+        padding:(NSString *)padding
+           hash:(NSString *)hash
+        resolve:(RCTPromiseResolveBlock)resolve
+         reject:(RCTPromiseRejectBlock)reject;
+
+- (void)decrypt:(NSString *)dataBase64
+  privateKeyPEM:(NSString *)privateKeyPEM
+        padding:(NSString *)padding
+           hash:(NSString *)hash
+        resolve:(RCTPromiseResolveBlock)resolve
+         reject:(RCTPromiseRejectBlock)reject;
+
+// --- Sign / Verify ---
+
+- (void)sign:(NSString *)dataBase64
+privateKeyPEM:(NSString *)privateKeyPEM
+      padding:(NSString *)padding
+         hash:(NSString *)hash
+      resolve:(RCTPromiseResolveBlock)resolve
+       reject:(RCTPromiseRejectBlock)reject;
+
+- (void)verify:(NSString *)dataBase64
+signatureBase64:(NSString *)signatureBase64
+  publicKeyPEM:(NSString *)publicKeyPEM
+       padding:(NSString *)padding
+          hash:(NSString *)hash
+       resolve:(RCTPromiseResolveBlock)resolve
+        reject:(RCTPromiseRejectBlock)reject;
+
+// --- Key Format Conversion ---
+
+- (void)convertPrivateKey:(NSString *)pem
+             targetFormat:(NSString *)targetFormat
+                  resolve:(RCTPromiseResolveBlock)resolve
+                   reject:(RCTPromiseRejectBlock)reject;
+
+@end

package/ios/Rsa.mm

@@ -0,0 +1,216 @@
+#import "Rsa.h"
+
+// Import the auto-generated Swift bridging header
+#if __has_include("react_native_rsa_turbo/react_native_rsa_turbo-Swift.h")
+#import "react_native_rsa_turbo/react_native_rsa_turbo-Swift.h"
+#elif __has_include("react-native-rsa-turbo/react_native_rsa_turbo-Swift.h")
+#import "react-native-rsa-turbo/react_native_rsa_turbo-Swift.h"
+#elif __has_include("Rsa-Swift.h")
+#import "Rsa-Swift.h"
+#else
+// Fallback: forward declare Swift classes used by this file
+@class RSAKeyGenerator;
+@class RSACipher;
+@class RSASigner;
+#endif
+
+/**
+ * Objective-C++ bridge between React Native TurboModule and Swift implementations.
+ *
+ * Each method dispatches to a background queue (QOS_CLASS_USER_INITIATED)
+ * and calls the corresponding Swift class method, then resolves/rejects
+ * the JS promise based on the result.
+ *
+ * Dispatches to:
+ *   - RSAKeyGenerator: key generation, public key extraction, format conversion
+ *   - RSACipher: encrypt, decrypt
+ *   - RSASigner: sign, verify
+ */
+@implementation Rsa
+
+// MARK: - Key Generation
+
+- (void)generateKeyPair:(double)keySize
+                 format:(NSString *)format
+                resolve:(RCTPromiseResolveBlock)resolve
+                 reject:(RCTPromiseRejectBlock)reject
+{
+    dispatch_async(dispatch_get_global_queue(QOS_CLASS_USER_INITIATED, 0), ^{
+        NSError *error = nil;
+        RSAKeyGenerator *generator = [RSAKeyGenerator shared];
+
+        RSAKeyPairResult *result = [generator generateKeyPairWithKeySize:(int)keySize
+                                                                 format:format
+                                                                  error:&error];
+        if (error != nil) {
+            reject(@"RSAKeyGenerationError", error.localizedDescription, error);
+            return;
+        }
+
+        if (result == nil) {
+            reject(@"RSAKeyGenerationError", @"Unknown error during key generation", nil);
+            return;
+        }
+
+        NSDictionary *map = @{
+            @"publicKey": result.publicKey,
+            @"privateKey": result.privateKey
+        };
+        resolve(map);
+    });
+}
+
+- (void)getPublicKeyFromPrivate:(NSString *)privateKeyPEM
+                        resolve:(RCTPromiseResolveBlock)resolve
+                         reject:(RCTPromiseRejectBlock)reject
+{
+    dispatch_async(dispatch_get_global_queue(QOS_CLASS_USER_INITIATED, 0), ^{
+        NSError *error = nil;
+        RSAKeyGenerator *generator = [RSAKeyGenerator shared];
+
+        NSString *publicKeyPEM = [generator getPublicKeyFromPrivateWithPrivateKeyPEM:privateKeyPEM
+                                                                               error:&error];
+        if (error != nil) {
+            reject(@"RSAKeyExtractionError", error.localizedDescription, error);
+            return;
+        }
+
+        resolve(publicKeyPEM);
+    });
+}
+
+// MARK: - Encrypt / Decrypt
+
+- (void)encrypt:(NSString *)dataBase64
+   publicKeyPEM:(NSString *)publicKeyPEM
+        padding:(NSString *)padding
+           hash:(NSString *)hash
+        resolve:(RCTPromiseResolveBlock)resolve
+         reject:(RCTPromiseRejectBlock)reject
+{
+    dispatch_async(dispatch_get_global_queue(QOS_CLASS_USER_INITIATED, 0), ^{
+        NSError *error = nil;
+        // RSACipher.encrypt is a static Swift method → class method in Obj-C
+        NSString *result = [RSACipher encryptWithDataBase64:dataBase64
+                                              publicKeyPEM:publicKeyPEM
+                                                   padding:padding
+                                                      hash:hash
+                                                     error:&error];
+        if (error != nil) {
+            reject(@"RSAEncryptError", error.localizedDescription, error);
+            return;
+        }
+        resolve(result);
+    });
+}
+
+- (void)decrypt:(NSString *)dataBase64
+  privateKeyPEM:(NSString *)privateKeyPEM
+        padding:(NSString *)padding
+           hash:(NSString *)hash
+        resolve:(RCTPromiseResolveBlock)resolve
+         reject:(RCTPromiseRejectBlock)reject
+{
+    dispatch_async(dispatch_get_global_queue(QOS_CLASS_USER_INITIATED, 0), ^{
+        NSError *error = nil;
+        NSString *result = [RSACipher decryptWithDataBase64:dataBase64
+                                             privateKeyPEM:privateKeyPEM
+                                                   padding:padding
+                                                      hash:hash
+                                                     error:&error];
+        if (error != nil) {
+            reject(@"RSADecryptError", error.localizedDescription, error);
+            return;
+        }
+        resolve(result);
+    });
+}
+
+// MARK: - Sign / Verify
+
+- (void)sign:(NSString *)dataBase64
+privateKeyPEM:(NSString *)privateKeyPEM
+      padding:(NSString *)padding
+         hash:(NSString *)hash
+      resolve:(RCTPromiseResolveBlock)resolve
+       reject:(RCTPromiseRejectBlock)reject
+{
+    dispatch_async(dispatch_get_global_queue(QOS_CLASS_USER_INITIATED, 0), ^{
+        NSError *error = nil;
+        NSString *result = [RSASigner signWithDataBase64:dataBase64
+                                          privateKeyPEM:privateKeyPEM
+                                                padding:padding
+                                                   hash:hash
+                                                  error:&error];
+        if (error != nil) {
+            reject(@"RSASignError", error.localizedDescription, error);
+            return;
+        }
+        resolve(result);
+    });
+}
+
+- (void)verify:(NSString *)dataBase64
+signatureBase64:(NSString *)signatureBase64
+  publicKeyPEM:(NSString *)publicKeyPEM
+       padding:(NSString *)padding
+          hash:(NSString *)hash
+       resolve:(RCTPromiseResolveBlock)resolve
+        reject:(RCTPromiseRejectBlock)reject
+{
+    dispatch_async(dispatch_get_global_queue(QOS_CLASS_USER_INITIATED, 0), ^{
+        NSError *error = nil;
+        // Swift `throws -> Bool` maps to Obj-C `(BOOL)...error:(NSError **)`.
+        // - YES + nil error = signature valid
+        // - NO  + nil error = signature invalid (legitimate false)
+        // - NO  + error set = actual error occurred
+        BOOL result = [RSASigner verifyWithDataBase64:dataBase64
+                                     signatureBase64:signatureBase64
+                                        publicKeyPEM:publicKeyPEM
+                                             padding:padding
+                                                hash:hash
+                                               error:&error];
+        if (error != nil) {
+            reject(@"RSAVerifyError", error.localizedDescription, error);
+            return;
+        }
+        resolve(@(result));
+    });
+}
+
+// MARK: - Key Format Conversion
+
+- (void)convertPrivateKey:(NSString *)pem
+             targetFormat:(NSString *)targetFormat
+                  resolve:(RCTPromiseResolveBlock)resolve
+                   reject:(RCTPromiseRejectBlock)reject
+{
+    dispatch_async(dispatch_get_global_queue(QOS_CLASS_USER_INITIATED, 0), ^{
+        NSError *error = nil;
+        RSAKeyGenerator *generator = [RSAKeyGenerator shared];
+
+        NSString *result = [generator convertPrivateKeyWithPem:pem
+                                                 targetFormat:targetFormat
+                                                        error:&error];
+        if (error != nil) {
+            reject(@"RSAConvertKeyError", error.localizedDescription, error);
+            return;
+        }
+        resolve(result);
+    });
+}
+
+// MARK: - TurboModule Registration
+
+- (std::shared_ptr<facebook::react::TurboModule>)getTurboModule:
+    (const facebook::react::ObjCTurboModule::InitParams &)params
+{
+    return std::make_shared<facebook::react::NativeRsaSpecJSI>(params);
+}
+
++ (NSString *)moduleName
+{
+  return @"Rsa";
+}
+
+@end

package/lib/module/NativeRsa.js

@@ -0,0 +1,16 @@
+"use strict";
+
+import { TurboModuleRegistry } from 'react-native';
+
+/**
+ * Native bridge specification for RSA operations.
+ *
+ * All methods use flat string parameters (no objects/arrays) because
+ * React Native's codegen works best with simple types across the bridge.
+ *
+ * Data is passed as base64 strings to avoid binary encoding issues.
+ * The JS layer (index.ts) handles defaults resolution and UTF-8→base64 encoding.
+ */
+
+export default TurboModuleRegistry.getEnforcing('Rsa');
+//# sourceMappingURL=NativeRsa.js.map

package/lib/module/NativeRsa.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["TurboModuleRegistry","getEnforcing"],"sourceRoot":"../../src","sources":["NativeRsa.ts"],"mappings":";;AAAA,SAASA,mBAAmB,QAA0B,cAAc;;AAEpE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAgDA,eAAeA,mBAAmB,CAACC,YAAY,CAAO,KAAK,CAAC","ignoreList":[]}

package/lib/module/constants.js

@@ -0,0 +1,24 @@
+"use strict";
+
+/**
+ * Default values for all RSA operation options.
+ *
+ * These are applied in `index.ts` when the caller omits an option.
+ * Keeping them in one place ensures consistency across encrypt, decrypt, sign, verify.
+ */
+export const DEFAULTS = {
+  /** Default padding for encrypt/decrypt — OAEP is recommended over PKCS#1 */
+  ENCRYPTION_PADDING: 'oaep',
+  /** Default padding for sign/verify — PSS is recommended over PKCS#1 */
+  SIGNATURE_PADDING: 'pss',
+  /** Default hash algorithm */
+  HASH: 'sha256',
+  /** Default input string encoding — UTF-8 text is the common case */
+  ENCODING: 'utf8',
+  /** Default private key format for key generation */
+  KEY_FORMAT: 'pkcs1'
+};
+
+/** Supported RSA key sizes in bits */
+export const VALID_KEY_SIZES = [1024, 2048, 4096];
+//# sourceMappingURL=constants.js.map

package/lib/module/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["DEFAULTS","ENCRYPTION_PADDING","SIGNATURE_PADDING","HASH","ENCODING","KEY_FORMAT","VALID_KEY_SIZES"],"sourceRoot":"../../src","sources":["constants.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMA,QAAQ,GAAG;EACtB;EACAC,kBAAkB,EAAE,MAAe;EAEnC;EACAC,iBAAiB,EAAE,KAAc;EAEjC;EACAC,IAAI,EAAE,QAAiB;EAEvB;EACAC,QAAQ,EAAE,MAAe;EAEzB;EACAC,UAAU,EAAE;AACd,CAAC;;AAED;AACA,OAAO,MAAMC,eAAe,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAU","ignoreList":[]}