@avieldr/react-native-rsa 1.0.0

package/lib/module/keyInfo.js

@@ -0,0 +1,286 @@
+"use strict";
+
+const PEM_HEADERS = {
+  pkcs1Private: '-----BEGIN RSA PRIVATE KEY-----',
+  pkcs1PrivateEnd: '-----END RSA PRIVATE KEY-----',
+  pkcs8Private: '-----BEGIN PRIVATE KEY-----',
+  pkcs8PrivateEnd: '-----END PRIVATE KEY-----',
+  public: '-----BEGIN PUBLIC KEY-----',
+  publicEnd: '-----END PUBLIC KEY-----'
+};
+function parseASN1Length(bytes, offset) {
+  if (offset >= bytes.length) {
+    return {
+      length: null,
+      bytesRead: 0
+    };
+  }
+  const firstByte = bytes[offset];
+  if (firstByte < 128) {
+    return {
+      length: firstByte,
+      bytesRead: 1
+    };
+  }
+  const numLengthBytes = firstByte & 0x7f;
+  if (numLengthBytes === 0 || offset + numLengthBytes >= bytes.length) {
+    return {
+      length: null,
+      bytesRead: 0
+    };
+  }
+  let length = 0;
+  for (let i = 0; i < numLengthBytes; i++) {
+    length = length << 8 | bytes[offset + 1 + i];
+  }
+  return {
+    length,
+    bytesRead: 1 + numLengthBytes
+  };
+}
+function validatePKCS1Structure(derBytes) {
+  const errors = [];
+  let offset = 0;
+  if (derBytes[offset] !== 0x30) {
+    errors.push(`Expected SEQUENCE tag (0x30), got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  offset++;
+  const {
+    length: seqLength,
+    bytesRead
+  } = parseASN1Length(derBytes, offset);
+  offset += bytesRead;
+  if (seqLength === null) {
+    errors.push('Invalid SEQUENCE length encoding');
+    return errors;
+  }
+  let integerCount = 0;
+  let tempOffset = offset;
+  const endOffset = offset + seqLength;
+  while (tempOffset < endOffset && tempOffset < derBytes.length) {
+    if (derBytes[tempOffset] !== 0x02) {
+      errors.push(`Expected INTEGER tag (0x02) at position ${tempOffset}, got 0x${derBytes[tempOffset]?.toString(16)}`);
+      break;
+    }
+    tempOffset++;
+    const {
+      length: intLength,
+      bytesRead: intBytesRead
+    } = parseASN1Length(derBytes, tempOffset);
+    if (intLength === null) {
+      errors.push('Invalid INTEGER length encoding');
+      break;
+    }
+    tempOffset += intBytesRead + intLength;
+    integerCount++;
+  }
+  if (integerCount !== 9) {
+    errors.push(`Expected 9 INTEGER fields for PKCS#1, found ${integerCount}`);
+  }
+  return errors;
+}
+function validatePKCS8Structure(derBytes) {
+  const errors = [];
+  let offset = 0;
+
+  // Outer SEQUENCE
+  if (derBytes[offset] !== 0x30) {
+    errors.push(`Expected SEQUENCE tag (0x30), got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  offset++;
+  const {
+    length: seqLength,
+    bytesRead
+  } = parseASN1Length(derBytes, offset);
+  offset += bytesRead;
+  if (seqLength === null) {
+    errors.push('Invalid SEQUENCE length encoding');
+    return errors;
+  }
+  const endOffset = offset + seqLength;
+
+  // version INTEGER (should be 0)
+  if (offset >= endOffset || derBytes[offset] !== 0x02) {
+    errors.push(`Expected INTEGER tag (0x02) for version, got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  offset++;
+  const {
+    length: verLen,
+    bytesRead: verBytesRead
+  } = parseASN1Length(derBytes, offset);
+  if (verLen === null) {
+    errors.push('Invalid version INTEGER length');
+    return errors;
+  }
+  offset += verBytesRead + verLen;
+
+  // AlgorithmIdentifier SEQUENCE
+  if (offset >= endOffset || derBytes[offset] !== 0x30) {
+    errors.push(`Expected SEQUENCE tag (0x30) for AlgorithmIdentifier, got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  offset++;
+  const {
+    length: algLen,
+    bytesRead: algBytesRead
+  } = parseASN1Length(derBytes, offset);
+  if (algLen === null) {
+    errors.push('Invalid AlgorithmIdentifier length');
+    return errors;
+  }
+  offset += algBytesRead + algLen;
+
+  // privateKey OCTET STRING
+  if (offset >= endOffset || derBytes[offset] !== 0x04) {
+    errors.push(`Expected OCTET STRING tag (0x04) for privateKey, got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  return errors;
+}
+function validateSPKIStructure(derBytes) {
+  const errors = [];
+  let offset = 0;
+
+  // Outer SEQUENCE
+  if (derBytes[offset] !== 0x30) {
+    errors.push(`Expected SEQUENCE tag (0x30), got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  offset++;
+  const {
+    length: seqLength,
+    bytesRead
+  } = parseASN1Length(derBytes, offset);
+  offset += bytesRead;
+  if (seqLength === null) {
+    errors.push('Invalid SEQUENCE length encoding');
+    return errors;
+  }
+  const endOffset = offset + seqLength;
+
+  // AlgorithmIdentifier SEQUENCE
+  if (offset >= endOffset || derBytes[offset] !== 0x30) {
+    errors.push(`Expected SEQUENCE tag (0x30) for AlgorithmIdentifier, got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  offset++;
+  const {
+    length: algLen,
+    bytesRead: algBytesRead
+  } = parseASN1Length(derBytes, offset);
+  if (algLen === null) {
+    errors.push('Invalid AlgorithmIdentifier length');
+    return errors;
+  }
+  offset += algBytesRead + algLen;
+
+  // subjectPublicKey BIT STRING
+  if (offset >= endOffset || derBytes[offset] !== 0x03) {
+    errors.push(`Expected BIT STRING tag (0x03) for subjectPublicKey, got 0x${derBytes[offset]?.toString(16)}`);
+    return errors;
+  }
+  return errors;
+}
+
+// Minimal base64 decoder (no external deps)
+const BASE64_CHARS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+function base64Decode(input) {
+  const cleaned = input.replace(/[^A-Za-z0-9+/=]/g, '');
+  const len = cleaned.length;
+  const byteLen = len * 3 / 4 - (cleaned.endsWith('==') ? 2 : cleaned.endsWith('=') ? 1 : 0);
+  const bytes = new Uint8Array(byteLen);
+  let p = 0;
+  for (let i = 0; i < len; i += 4) {
+    const a = BASE64_CHARS.indexOf(cleaned[i]);
+    const b = BASE64_CHARS.indexOf(cleaned[i + 1]);
+    const c = cleaned[i + 2] === '=' ? 0 : BASE64_CHARS.indexOf(cleaned[i + 2]);
+    const d = cleaned[i + 3] === '=' ? 0 : BASE64_CHARS.indexOf(cleaned[i + 3]);
+    const bits = a << 18 | b << 12 | c << 6 | d;
+    if (p < byteLen) bytes[p++] = bits >> 16 & 0xff;
+    if (p < byteLen) bytes[p++] = bits >> 8 & 0xff;
+    if (p < byteLen) bytes[p++] = bits & 0xff;
+  }
+  return bytes;
+}
+
+/**
+ * Analyze an RSA key PEM string and return metadata about it.
+ * Runs entirely in JS — no native bridge call needed.
+ */
+export function getKeyInfo(keyString) {
+  const errors = [];
+  let format = 'unknown';
+  let keyType = 'unknown';
+  let base64Content = '';
+  let base64Lines = [];
+  if (keyString.includes(PEM_HEADERS.pkcs1Private) && keyString.includes(PEM_HEADERS.pkcs1PrivateEnd)) {
+    format = 'pkcs1';
+    keyType = 'private';
+    const start = keyString.indexOf(PEM_HEADERS.pkcs1Private) + PEM_HEADERS.pkcs1Private.length;
+    const end = keyString.indexOf(PEM_HEADERS.pkcs1PrivateEnd);
+    const raw = keyString.substring(start, end).trim();
+    base64Lines = raw.split('\n').map(l => l.trim()).filter(l => l.length > 0);
+    base64Content = raw.replace(/\s/g, '');
+  } else if (keyString.includes(PEM_HEADERS.pkcs8Private) && keyString.includes(PEM_HEADERS.pkcs8PrivateEnd)) {
+    format = 'pkcs8';
+    keyType = 'private';
+    const start = keyString.indexOf(PEM_HEADERS.pkcs8Private) + PEM_HEADERS.pkcs8Private.length;
+    const end = keyString.indexOf(PEM_HEADERS.pkcs8PrivateEnd);
+    const raw = keyString.substring(start, end).trim();
+    base64Lines = raw.split('\n').map(l => l.trim()).filter(l => l.length > 0);
+    base64Content = raw.replace(/\s/g, '');
+  } else if (keyString.includes(PEM_HEADERS.public) && keyString.includes(PEM_HEADERS.publicEnd)) {
+    format = 'public';
+    keyType = 'public';
+    const start = keyString.indexOf(PEM_HEADERS.public) + PEM_HEADERS.public.length;
+    const end = keyString.indexOf(PEM_HEADERS.publicEnd);
+    const raw = keyString.substring(start, end).trim();
+    base64Lines = raw.split('\n').map(l => l.trim()).filter(l => l.length > 0);
+    base64Content = raw.replace(/\s/g, '');
+  } else {
+    errors.push('Missing or invalid PEM headers');
+  }
+
+  // Validate line formatting (PEM standard: 64 chars per line)
+  if (base64Lines.length > 0) {
+    for (let i = 0; i < base64Lines.length - 1; i++) {
+      if (base64Lines[i].length !== 64) {
+        errors.push(`Line ${i + 1} has ${base64Lines[i].length} chars, expected 64`);
+        break;
+      }
+    }
+    const lastLine = base64Lines[base64Lines.length - 1];
+    if (lastLine.length > 64) {
+      errors.push(`Last line has ${lastLine.length} chars, expected <= 64`);
+    }
+  }
+
+  // Decode and validate structure
+  let derBytes = null;
+  if (base64Content.length > 0) {
+    try {
+      derBytes = base64Decode(base64Content);
+    } catch {
+      errors.push('Invalid base64 encoding');
+    }
+  }
+  if (derBytes && format === 'pkcs1') {
+    errors.push(...validatePKCS1Structure(derBytes));
+  } else if (derBytes && format === 'pkcs8') {
+    errors.push(...validatePKCS8Structure(derBytes));
+  } else if (derBytes && format === 'public') {
+    errors.push(...validateSPKIStructure(derBytes));
+  }
+  return {
+    isValid: errors.length === 0,
+    format,
+    keyType,
+    pemLineCount: base64Lines.length,
+    derByteLength: derBytes?.length ?? 0,
+    errors
+  };
+}
+//# sourceMappingURL=keyInfo.js.map

package/lib/module/keyInfo.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["PEM_HEADERS","pkcs1Private","pkcs1PrivateEnd","pkcs8Private","pkcs8PrivateEnd","public","publicEnd","parseASN1Length","bytes","offset","length","bytesRead","firstByte","numLengthBytes","i","validatePKCS1Structure","derBytes","errors","push","toString","seqLength","integerCount","tempOffset","endOffset","intLength","intBytesRead","validatePKCS8Structure","verLen","verBytesRead","algLen","algBytesRead","validateSPKIStructure","BASE64_CHARS","base64Decode","input","cleaned","replace","len","byteLen","endsWith","Uint8Array","p","a","indexOf","b","c","d","bits","getKeyInfo","keyString","format","keyType","base64Content","base64Lines","includes","start","end","raw","substring","trim","split","map","l","filter","lastLine","isValid","pemLineCount","derByteLength"],"sourceRoot":"../../src","sources":["keyInfo.ts"],"mappings":";;AAEA,MAAMA,WAAW,GAAG;EAClBC,YAAY,EAAE,iCAAiC;EAC/CC,eAAe,EAAE,+BAA+B;EAChDC,YAAY,EAAE,6BAA6B;EAC3CC,eAAe,EAAE,2BAA2B;EAC5CC,MAAM,EAAE,4BAA4B;EACpCC,SAAS,EAAE;AACb,CAAC;AAED,SAASC,eAAeA,CACtBC,KAAiB,EACjBC,MAAc,EACgC;EAC9C,IAAIA,MAAM,IAAID,KAAK,CAACE,MAAM,EAAE;IAC1B,OAAO;MAAEA,MAAM,EAAE,IAAI;MAAEC,SAAS,EAAE;IAAE,CAAC;EACvC;EACA,MAAMC,SAAS,GAAGJ,KAAK,CAACC,MAAM,CAAE;EAChC,IAAIG,SAAS,GAAG,GAAG,EAAE;IACnB,OAAO;MAAEF,MAAM,EAAEE,SAAS;MAAED,SAAS,EAAE;IAAE,CAAC;EAC5C;EACA,MAAME,cAAc,GAAGD,SAAS,GAAG,IAAI;EACvC,IAAIC,cAAc,KAAK,CAAC,IAAIJ,MAAM,GAAGI,cAAc,IAAIL,KAAK,CAACE,MAAM,EAAE;IACnE,OAAO;MAAEA,MAAM,EAAE,IAAI;MAAEC,SAAS,EAAE;IAAE,CAAC;EACvC;EACA,IAAID,MAAM,GAAG,CAAC;EACd,KAAK,IAAII,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGD,cAAc,EAAEC,CAAC,EAAE,EAAE;IACvCJ,MAAM,GAAIA,MAAM,IAAI,CAAC,GAAIF,KAAK,CAACC,MAAM,GAAG,CAAC,GAAGK,CAAC,CAAE;EACjD;EACA,OAAO;IAAEJ,MAAM;IAAEC,SAAS,EAAE,CAAC,GAAGE;EAAe,CAAC;AAClD;AAEA,SAASE,sBAAsBA,CAACC,QAAoB,EAAY;EAC9D,MAAMC,MAAgB,GAAG,EAAE;EAC3B,IAAIR,MAAM,GAAG,CAAC;EAEd,IAAIO,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IAC7BQ,MAAM,CAACC,IAAI,CACT,uCAAuCF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EACvE,CAAC;IACD,OAAOF,MAAM;EACf;EACAR,MAAM,EAAE;EAER,MAAM;IAAEC,MAAM,EAAEU,SAAS;IAAET;EAAU,CAAC,GAAGJ,eAAe,CAACS,QAAQ,EAAEP,MAAM,CAAC;EAC1EA,MAAM,IAAIE,SAAS;EAEnB,IAAIS,SAAS,KAAK,IAAI,EAAE;IACtBH,MAAM,CAACC,IAAI,CAAC,kCAAkC,CAAC;IAC/C,OAAOD,MAAM;EACf;EAEA,IAAII,YAAY,GAAG,CAAC;EACpB,IAAIC,UAAU,GAAGb,MAAM;EACvB,MAAMc,SAAS,GAAGd,MAAM,GAAGW,SAAS;EAEpC,OAAOE,UAAU,GAAGC,SAAS,IAAID,UAAU,GAAGN,QAAQ,CAACN,MAAM,EAAE;IAC7D,IAAIM,QAAQ,CAACM,UAAU,CAAC,KAAK,IAAI,EAAE;MACjCL,MAAM,CAACC,IAAI,CACT,2CAA2CI,UAAU,WAAWN,QAAQ,CAACM,UAAU,CAAC,EAAEH,QAAQ,CAAC,EAAE,CAAC,EACpG,CAAC;MACD;IACF;IACAG,UAAU,EAAE;IACZ,MAAM;MAAEZ,MAAM,EAAEc,SAAS;MAAEb,SAAS,EAAEc;IAAa,CAAC,GAAGlB,eAAe,CACpES,QAAQ,EACRM,UACF,CAAC;IACD,IAAIE,SAAS,KAAK,IAAI,EAAE;MACtBP,MAAM,CAACC,IAAI,CAAC,iCAAiC,CAAC;MAC9C;IACF;IACAI,UAAU,IAAIG,YAAY,GAAGD,SAAS;IACtCH,YAAY,EAAE;EAChB;EAEA,IAAIA,YAAY,KAAK,CAAC,EAAE;IACtBJ,MAAM,CAACC,IAAI,CACT,+CAA+CG,YAAY,EAC7D,CAAC;EACH;EACA,OAAOJ,MAAM;AACf;AAEA,SAASS,sBAAsBA,CAACV,QAAoB,EAAY;EAC9D,MAAMC,MAAgB,GAAG,EAAE;EAC3B,IAAIR,MAAM,GAAG,CAAC;;EAEd;EACA,IAAIO,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IAC7BQ,MAAM,CAACC,IAAI,CACT,uCAAuCF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EACvE,CAAC;IACD,OAAOF,MAAM;EACf;EACAR,MAAM,EAAE;EACR,MAAM;IAAEC,MAAM,EAAEU,SAAS;IAAET;EAAU,CAAC,GAAGJ,eAAe,CAACS,QAAQ,EAAEP,MAAM,CAAC;EAC1EA,MAAM,IAAIE,SAAS;EACnB,IAAIS,SAAS,KAAK,IAAI,EAAE;IACtBH,MAAM,CAACC,IAAI,CAAC,kCAAkC,CAAC;IAC/C,OAAOD,MAAM;EACf;EAEA,MAAMM,SAAS,GAAGd,MAAM,GAAGW,SAAS;;EAEpC;EACA,IAAIX,MAAM,IAAIc,SAAS,IAAIP,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IACpDQ,MAAM,CAACC,IAAI,CACT,kDAAkDF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EAClF,CAAC;IACD,OAAOF,MAAM;EACf;EACAR,MAAM,EAAE;EACR,MAAM;IAAEC,MAAM,EAAEiB,MAAM;IAAEhB,SAAS,EAAEiB;EAAa,CAAC,GAAGrB,eAAe,CACjES,QAAQ,EACRP,MACF,CAAC;EACD,IAAIkB,MAAM,KAAK,IAAI,EAAE;IACnBV,MAAM,CAACC,IAAI,CAAC,gCAAgC,CAAC;IAC7C,OAAOD,MAAM;EACf;EACAR,MAAM,IAAImB,YAAY,GAAGD,MAAM;;EAE/B;EACA,IAAIlB,MAAM,IAAIc,SAAS,IAAIP,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IACpDQ,MAAM,CAACC,IAAI,CACT,+DAA+DF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EAC/F,CAAC;IACD,OAAOF,MAAM;EACf;EACAR,MAAM,EAAE;EACR,MAAM;IAAEC,MAAM,EAAEmB,MAAM;IAAElB,SAAS,EAAEmB;EAAa,CAAC,GAAGvB,eAAe,CACjES,QAAQ,EACRP,MACF,CAAC;EACD,IAAIoB,MAAM,KAAK,IAAI,EAAE;IACnBZ,MAAM,CAACC,IAAI,CAAC,oCAAoC,CAAC;IACjD,OAAOD,MAAM;EACf;EACAR,MAAM,IAAIqB,YAAY,GAAGD,MAAM;;EAE/B;EACA,IAAIpB,MAAM,IAAIc,SAAS,IAAIP,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IACpDQ,MAAM,CAACC,IAAI,CACT,0DAA0DF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EAC1F,CAAC;IACD,OAAOF,MAAM;EACf;EAEA,OAAOA,MAAM;AACf;AAEA,SAASc,qBAAqBA,CAACf,QAAoB,EAAY;EAC7D,MAAMC,MAAgB,GAAG,EAAE;EAC3B,IAAIR,MAAM,GAAG,CAAC;;EAEd;EACA,IAAIO,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IAC7BQ,MAAM,CAACC,IAAI,CACT,uCAAuCF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EACvE,CAAC;IACD,OAAOF,MAAM;EACf;EACAR,MAAM,EAAE;EACR,MAAM;IAAEC,MAAM,EAAEU,SAAS;IAAET;EAAU,CAAC,GAAGJ,eAAe,CAACS,QAAQ,EAAEP,MAAM,CAAC;EAC1EA,MAAM,IAAIE,SAAS;EACnB,IAAIS,SAAS,KAAK,IAAI,EAAE;IACtBH,MAAM,CAACC,IAAI,CAAC,kCAAkC,CAAC;IAC/C,OAAOD,MAAM;EACf;EAEA,MAAMM,SAAS,GAAGd,MAAM,GAAGW,SAAS;;EAEpC;EACA,IAAIX,MAAM,IAAIc,SAAS,IAAIP,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IACpDQ,MAAM,CAACC,IAAI,CACT,+DAA+DF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EAC/F,CAAC;IACD,OAAOF,MAAM;EACf;EACAR,MAAM,EAAE;EACR,MAAM;IAAEC,MAAM,EAAEmB,MAAM;IAAElB,SAAS,EAAEmB;EAAa,CAAC,GAAGvB,eAAe,CACjES,QAAQ,EACRP,MACF,CAAC;EACD,IAAIoB,MAAM,KAAK,IAAI,EAAE;IACnBZ,MAAM,CAACC,IAAI,CAAC,oCAAoC,CAAC;IACjD,OAAOD,MAAM;EACf;EACAR,MAAM,IAAIqB,YAAY,GAAGD,MAAM;;EAE/B;EACA,IAAIpB,MAAM,IAAIc,SAAS,IAAIP,QAAQ,CAACP,MAAM,CAAC,KAAK,IAAI,EAAE;IACpDQ,MAAM,CAACC,IAAI,CACT,8DAA8DF,QAAQ,CAACP,MAAM,CAAC,EAAEU,QAAQ,CAAC,EAAE,CAAC,EAC9F,CAAC;IACD,OAAOF,MAAM;EACf;EAEA,OAAOA,MAAM;AACf;;AAEA;AACA,MAAMe,YAAY,GAChB,kEAAkE;AAEpE,SAASC,YAAYA,CAACC,KAAa,EAAc;EAC/C,MAAMC,OAAO,GAAGD,KAAK,CAACE,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC;EACrD,MAAMC,GAAG,GAAGF,OAAO,CAACzB,MAAM;EAC1B,MAAM4B,OAAO,GAAID,GAAG,GAAG,CAAC,GAAI,CAAC,IAAIF,OAAO,CAACI,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,GAAGJ,OAAO,CAACI,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;EAC5F,MAAM/B,KAAK,GAAG,IAAIgC,UAAU,CAACF,OAAO,CAAC;EACrC,IAAIG,CAAC,GAAG,CAAC;EAET,KAAK,IAAI3B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGuB,GAAG,EAAEvB,CAAC,IAAI,CAAC,EAAE;IAC/B,MAAM4B,CAAC,GAAGV,YAAY,CAACW,OAAO,CAACR,OAAO,CAACrB,CAAC,CAAE,CAAC;IAC3C,MAAM8B,CAAC,GAAGZ,YAAY,CAACW,OAAO,CAACR,OAAO,CAACrB,CAAC,GAAG,CAAC,CAAE,CAAC;IAC/C,MAAM+B,CAAC,GAAGV,OAAO,CAACrB,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAGkB,YAAY,CAACW,OAAO,CAACR,OAAO,CAACrB,CAAC,GAAG,CAAC,CAAE,CAAC;IAC5E,MAAMgC,CAAC,GAAGX,OAAO,CAACrB,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAGkB,YAAY,CAACW,OAAO,CAACR,OAAO,CAACrB,CAAC,GAAG,CAAC,CAAE,CAAC;IAE5E,MAAMiC,IAAI,GAAIL,CAAC,IAAI,EAAE,GAAKE,CAAC,IAAI,EAAG,GAAIC,CAAC,IAAI,CAAE,GAAGC,CAAC;IAEjD,IAAIL,CAAC,GAAGH,OAAO,EAAE9B,KAAK,CAACiC,CAAC,EAAE,CAAC,GAAIM,IAAI,IAAI,EAAE,GAAI,IAAI;IACjD,IAAIN,CAAC,GAAGH,OAAO,EAAE9B,KAAK,CAACiC,CAAC,EAAE,CAAC,GAAIM,IAAI,IAAI,CAAC,GAAI,IAAI;IAChD,IAAIN,CAAC,GAAGH,OAAO,EAAE9B,KAAK,CAACiC,CAAC,EAAE,CAAC,GAAGM,IAAI,GAAG,IAAI;EAC3C;EACA,OAAOvC,KAAK;AACd;;AAEA;AACA;AACA;AACA;AACA,OAAO,SAASwC,UAAUA,CAACC,SAAiB,EAAc;EACxD,MAAMhC,MAAgB,GAAG,EAAE;EAC3B,IAAIiC,MAA4B,GAAG,SAAS;EAC5C,IAAIC,OAA8B,GAAG,SAAS;EAC9C,IAAIC,aAAa,GAAG,EAAE;EACtB,IAAIC,WAAqB,GAAG,EAAE;EAE9B,IACEJ,SAAS,CAACK,QAAQ,CAACtD,WAAW,CAACC,YAAY,CAAC,IAC5CgD,SAAS,CAACK,QAAQ,CAACtD,WAAW,CAACE,eAAe,CAAC,EAC/C;IACAgD,MAAM,GAAG,OAAO;IAChBC,OAAO,GAAG,SAAS;IACnB,MAAMI,KAAK,GACTN,SAAS,CAACN,OAAO,CAAC3C,WAAW,CAACC,YAAY,CAAC,GAC3CD,WAAW,CAACC,YAAY,CAACS,MAAM;IACjC,MAAM8C,GAAG,GAAGP,SAAS,CAACN,OAAO,CAAC3C,WAAW,CAACE,eAAe,CAAC;IAC1D,MAAMuD,GAAG,GAAGR,SAAS,CAACS,SAAS,CAACH,KAAK,EAAEC,GAAG,CAAC,CAACG,IAAI,CAAC,CAAC;IAClDN,WAAW,GAAGI,GAAG,CACdG,KAAK,CAAC,IAAI,CAAC,CACXC,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACH,IAAI,CAAC,CAAC,CAAC,CACpBI,MAAM,CAAED,CAAC,IAAKA,CAAC,CAACpD,MAAM,GAAG,CAAC,CAAC;IAC9B0C,aAAa,GAAGK,GAAG,CAACrB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;EACxC,CAAC,MAAM,IACLa,SAAS,CAACK,QAAQ,CAACtD,WAAW,CAACG,YAAY,CAAC,IAC5C8C,SAAS,CAACK,QAAQ,CAACtD,WAAW,CAACI,eAAe,CAAC,EAC/C;IACA8C,MAAM,GAAG,OAAO;IAChBC,OAAO,GAAG,SAAS;IACnB,MAAMI,KAAK,GACTN,SAAS,CAACN,OAAO,CAAC3C,WAAW,CAACG,YAAY,CAAC,GAC3CH,WAAW,CAACG,YAAY,CAACO,MAAM;IACjC,MAAM8C,GAAG,GAAGP,SAAS,CAACN,OAAO,CAAC3C,WAAW,CAACI,eAAe,CAAC;IAC1D,MAAMqD,GAAG,GAAGR,SAAS,CAACS,SAAS,CAACH,KAAK,EAAEC,GAAG,CAAC,CAACG,IAAI,CAAC,CAAC;IAClDN,WAAW,GAAGI,GAAG,CACdG,KAAK,CAAC,IAAI,CAAC,CACXC,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACH,IAAI,CAAC,CAAC,CAAC,CACpBI,MAAM,CAAED,CAAC,IAAKA,CAAC,CAACpD,MAAM,GAAG,CAAC,CAAC;IAC9B0C,aAAa,GAAGK,GAAG,CAACrB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;EACxC,CAAC,MAAM,IACLa,SAAS,CAACK,QAAQ,CAACtD,WAAW,CAACK,MAAM,CAAC,IACtC4C,SAAS,CAACK,QAAQ,CAACtD,WAAW,CAACM,SAAS,CAAC,EACzC;IACA4C,MAAM,GAAG,QAAQ;IACjBC,OAAO,GAAG,QAAQ;IAClB,MAAMI,KAAK,GACTN,SAAS,CAACN,OAAO,CAAC3C,WAAW,CAACK,MAAM,CAAC,GAAGL,WAAW,CAACK,MAAM,CAACK,MAAM;IACnE,MAAM8C,GAAG,GAAGP,SAAS,CAACN,OAAO,CAAC3C,WAAW,CAACM,SAAS,CAAC;IACpD,MAAMmD,GAAG,GAAGR,SAAS,CAACS,SAAS,CAACH,KAAK,EAAEC,GAAG,CAAC,CAACG,IAAI,CAAC,CAAC;IAClDN,WAAW,GAAGI,GAAG,CACdG,KAAK,CAAC,IAAI,CAAC,CACXC,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAACH,IAAI,CAAC,CAAC,CAAC,CACpBI,MAAM,CAAED,CAAC,IAAKA,CAAC,CAACpD,MAAM,GAAG,CAAC,CAAC;IAC9B0C,aAAa,GAAGK,GAAG,CAACrB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;EACxC,CAAC,MAAM;IACLnB,MAAM,CAACC,IAAI,CAAC,gCAAgC,CAAC;EAC/C;;EAEA;EACA,IAAImC,WAAW,CAAC3C,MAAM,GAAG,CAAC,EAAE;IAC1B,KAAK,IAAII,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGuC,WAAW,CAAC3C,MAAM,GAAG,CAAC,EAAEI,CAAC,EAAE,EAAE;MAC/C,IAAIuC,WAAW,CAACvC,CAAC,CAAC,CAAEJ,MAAM,KAAK,EAAE,EAAE;QACjCO,MAAM,CAACC,IAAI,CACT,QAAQJ,CAAC,GAAG,CAAC,QAAQuC,WAAW,CAACvC,CAAC,CAAC,CAAEJ,MAAM,qBAC7C,CAAC;QACD;MACF;IACF;IACA,MAAMsD,QAAQ,GAAGX,WAAW,CAACA,WAAW,CAAC3C,MAAM,GAAG,CAAC,CAAE;IACrD,IAAIsD,QAAQ,CAACtD,MAAM,GAAG,EAAE,EAAE;MACxBO,MAAM,CAACC,IAAI,CAAC,iBAAiB8C,QAAQ,CAACtD,MAAM,wBAAwB,CAAC;IACvE;EACF;;EAEA;EACA,IAAIM,QAA2B,GAAG,IAAI;EACtC,IAAIoC,aAAa,CAAC1C,MAAM,GAAG,CAAC,EAAE;IAC5B,IAAI;MACFM,QAAQ,GAAGiB,YAAY,CAACmB,aAAa,CAAC;IACxC,CAAC,CAAC,MAAM;MACNnC,MAAM,CAACC,IAAI,CAAC,yBAAyB,CAAC;IACxC;EACF;EAEA,IAAIF,QAAQ,IAAIkC,MAAM,KAAK,OAAO,EAAE;IAClCjC,MAAM,CAACC,IAAI,CAAC,GAAGH,sBAAsB,CAACC,QAAQ,CAAC,CAAC;EAClD,CAAC,MAAM,IAAIA,QAAQ,IAAIkC,MAAM,KAAK,OAAO,EAAE;IACzCjC,MAAM,CAACC,IAAI,CAAC,GAAGQ,sBAAsB,CAACV,QAAQ,CAAC,CAAC;EAClD,CAAC,MAAM,IAAIA,QAAQ,IAAIkC,MAAM,KAAK,QAAQ,EAAE;IAC1CjC,MAAM,CAACC,IAAI,CAAC,GAAGa,qBAAqB,CAACf,QAAQ,CAAC,CAAC;EACjD;EAEA,OAAO;IACLiD,OAAO,EAAEhD,MAAM,CAACP,MAAM,KAAK,CAAC;IAC5BwC,MAAM;IACNC,OAAO;IACPe,YAAY,EAAEb,WAAW,CAAC3C,MAAM;IAChCyD,aAAa,EAAEnD,QAAQ,EAAEN,MAAM,IAAI,CAAC;IACpCO;EACF,CAAC;AACH","ignoreList":[]}

package/lib/module/package.json

@@ -0,0 +1 @@
+{"type":"module"}

package/lib/module/types.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=types.js.map

package/lib/module/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":[],"sourceRoot":"../../src","sources":["types.ts"],"mappings":"","ignoreList":[]}

package/lib/typescript/package.json

@@ -0,0 +1 @@
+{"type":"module"}

package/lib/typescript/src/NativeRsa.d.ts

@@ -0,0 +1,32 @@
+import { type TurboModule } from 'react-native';
+/**
+ * Native bridge specification for RSA operations.
+ *
+ * All methods use flat string parameters (no objects/arrays) because
+ * React Native's codegen works best with simple types across the bridge.
+ *
+ * Data is passed as base64 strings to avoid binary encoding issues.
+ * The JS layer (index.ts) handles defaults resolution and UTF-8→base64 encoding.
+ */
+export interface Spec extends TurboModule {
+    /** Generate an RSA key pair → { publicKey, privateKey } in PEM format */
+    generateKeyPair(keySize: number, format: string): Promise<{
+        publicKey: string;
+        privateKey: string;
+    }>;
+    /** Extract public key from a private key PEM → public key PEM */
+    getPublicKeyFromPrivate(privateKeyPEM: string): Promise<string>;
+    /** Encrypt base64 data with a public key → base64 ciphertext */
+    encrypt(dataBase64: string, publicKeyPEM: string, padding: string, hash: string): Promise<string>;
+    /** Decrypt base64 ciphertext with a private key → base64 plaintext */
+    decrypt(dataBase64: string, privateKeyPEM: string, padding: string, hash: string): Promise<string>;
+    /** Sign base64 data with a private key → base64 signature */
+    sign(dataBase64: string, privateKeyPEM: string, padding: string, hash: string): Promise<string>;
+    /** Verify a base64 signature against base64 data → boolean */
+    verify(dataBase64: string, signatureBase64: string, publicKeyPEM: string, padding: string, hash: string): Promise<boolean>;
+    /** Convert a private key PEM between PKCS#1 and PKCS#8 formats */
+    convertPrivateKey(pem: string, targetFormat: string): Promise<string>;
+}
+declare const _default: Spec;
+export default _default;
+//# sourceMappingURL=NativeRsa.d.ts.map

package/lib/typescript/src/NativeRsa.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"NativeRsa.d.ts","sourceRoot":"","sources":["../../../src/NativeRsa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,KAAK,WAAW,EAAE,MAAM,cAAc,CAAC;AAErE;;;;;;;;GAQG;AACH,MAAM,WAAW,IAAK,SAAQ,WAAW;IACvC,yEAAyE;IACzE,eAAe,CACb,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAEtD,iEAAiE;IACjE,uBAAuB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEhE,gEAAgE;IAChE,OAAO,CACL,UAAU,EAAE,MAAM,EAClB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnB,sEAAsE;IACtE,OAAO,CACL,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnB,6DAA6D;IAC7D,IAAI,CACF,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,CAAC;IAEnB,8DAA8D;IAC9D,MAAM,CACJ,UAAU,EAAE,MAAM,EAClB,eAAe,EAAE,MAAM,EACvB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,CAAC,CAAC;IAEpB,kEAAkE;IAClE,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACvE;;AAED,wBAA6D"}

package/lib/typescript/src/constants.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Default values for all RSA operation options.
+ *
+ * These are applied in `index.ts` when the caller omits an option.
+ * Keeping them in one place ensures consistency across encrypt, decrypt, sign, verify.
+ */
+export declare const DEFAULTS: {
+    /** Default padding for encrypt/decrypt — OAEP is recommended over PKCS#1 */
+    ENCRYPTION_PADDING: "oaep";
+    /** Default padding for sign/verify — PSS is recommended over PKCS#1 */
+    SIGNATURE_PADDING: "pss";
+    /** Default hash algorithm */
+    HASH: "sha256";
+    /** Default input string encoding — UTF-8 text is the common case */
+    ENCODING: "utf8";
+    /** Default private key format for key generation */
+    KEY_FORMAT: "pkcs1";
+};
+/** Supported RSA key sizes in bits */
+export declare const VALID_KEY_SIZES: readonly [1024, 2048, 4096];
+//# sourceMappingURL=constants.d.ts.map

package/lib/typescript/src/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../../src/constants.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,eAAO,MAAM,QAAQ;IACnB,4EAA4E;;IAG5E,uEAAuE;;IAGvE,6BAA6B;;IAG7B,oEAAoE;;IAGpE,oDAAoD;;CAErD,CAAC;AAEF,sCAAsC;AACtC,eAAO,MAAM,eAAe,6BAA8B,CAAC"}

package/lib/typescript/src/encoding.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Pure-JS UTF-8 ↔ Base64 encoding utilities.
+ *
+ * These work in all React Native JS engines (Hermes, JSC) without
+ * external dependencies. They handle full Unicode including surrogate pairs.
+ *
+ * Used by the public API to convert UTF-8 input strings to base64
+ * before sending them across the native bridge.
+ */
+/**
+ * Encode a UTF-8 string to base64.
+ *
+ * Steps:
+ *   1. Convert the JS string (UTF-16) to UTF-8 byte values
+ *   2. Encode those bytes as base64
+ *
+ * Handles multi-byte characters and surrogate pairs correctly.
+ */
+export declare function utf8ToBase64(str: string): string;
+/**
+ * Decode a base64 string to a UTF-8 string.
+ *
+ * Steps:
+ *   1. Decode base64 → raw byte values
+ *   2. Interpret those bytes as UTF-8 and build a JS string
+ *
+ * Useful for reading decrypted plaintext that was originally UTF-8 text.
+ */
+export declare function base64ToUtf8(base64: string): string;
+//# sourceMappingURL=encoding.d.ts.map

package/lib/typescript/src/encoding.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"encoding.d.ts","sourceRoot":"","sources":["../../../src/encoding.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH;;;;;;;;GAQG;AACH,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAgDhD;AAED;;;;;;;;GAQG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAyDnD"}

package/lib/typescript/src/errors.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Error codes thrown by @avieldr/react-native-rsa.
+ *
+ * Validation errors (thrown before native call):
+ *   - INVALID_INPUT: Required parameter is missing or empty
+ *   - INVALID_KEY: Key format is wrong or key type mismatch
+ *   - INVALID_KEY_SIZE: Unsupported key size
+ *   - INVALID_PADDING: Unknown padding mode
+ *   - INVALID_HASH: Unknown hash algorithm
+ *   - INVALID_FORMAT: Unknown key format
+ *   - INVALID_ENCODING: Unknown encoding type
+ *
+ * Native operation errors (thrown by platform crypto):
+ *   - KEY_GENERATION_FAILED: Native key generation failed
+ *   - KEY_EXTRACTION_FAILED: Failed to extract public key from private
+ *   - KEY_CONVERSION_FAILED: Failed to convert key format
+ *   - ENCRYPTION_FAILED: Native encryption operation failed
+ *   - DECRYPTION_FAILED: Native decryption operation failed
+ *   - SIGNING_FAILED: Native signing operation failed
+ *   - VERIFICATION_FAILED: Native signature verification failed
+ */
+export type RsaErrorCode = 'INVALID_INPUT' | 'INVALID_KEY' | 'INVALID_KEY_SIZE' | 'INVALID_PADDING' | 'INVALID_HASH' | 'INVALID_FORMAT' | 'INVALID_ENCODING' | 'KEY_GENERATION_FAILED' | 'KEY_EXTRACTION_FAILED' | 'KEY_CONVERSION_FAILED' | 'ENCRYPTION_FAILED' | 'DECRYPTION_FAILED' | 'SIGNING_FAILED' | 'VERIFICATION_FAILED';
+/**
+ * Error thrown by @avieldr/react-native-rsa for invalid inputs or native failures.
+ * Extends Error with a `code` property for programmatic handling.
+ */
+export declare class RsaError extends Error {
+    readonly code: RsaErrorCode;
+    /** The original error from the native layer, if any */
+    readonly cause?: Error;
+    constructor(code: RsaErrorCode, message: string, cause?: Error);
+}
+/**
+ * Wrap a native error into an RsaError with a normalized code.
+ * If the error is already an RsaError, returns it unchanged.
+ */
+export declare function wrapNativeError(error: unknown, fallbackCode: RsaErrorCode): RsaError;
+export declare function requireString(value: unknown, name: string): asserts value is string;
+export declare function requirePrivateKey(pem: string): void;
+export declare function requirePublicKey(pem: string): void;
+export declare function validateKeySize(keySize: number): void;
+export declare function validateEncryptionPadding(padding: string): void;
+export declare function validateSignaturePadding(padding: string): void;
+export declare function validateHash(hash: string): void;
+export declare function validateKeyFormat(format: string): void;
+export declare function validateEncoding(encoding: string): void;
+//# sourceMappingURL=errors.d.ts.map

package/lib/typescript/src/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../src/errors.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,MAAM,YAAY,GAEpB,eAAe,GACf,aAAa,GACb,kBAAkB,GAClB,iBAAiB,GACjB,cAAc,GACd,gBAAgB,GAChB,kBAAkB,GAElB,uBAAuB,GACvB,uBAAuB,GACvB,uBAAuB,GACvB,mBAAmB,GACnB,mBAAmB,GACnB,gBAAgB,GAChB,qBAAqB,CAAC;AAE1B;;;GAGG;AACH,qBAAa,QAAS,SAAQ,KAAK;IACjC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAC5B,uDAAuD;IACvD,QAAQ,CAAC,KAAK,CAAC,EAAE,KAAK,CAAC;gBAEX,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK;CAM/D;AAgBD;;;GAGG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,YAAY,GAAG,QAAQ,CAcpF;AAID,wBAAgB,aAAa,CAC3B,KAAK,EAAE,OAAO,EACd,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,KAAK,IAAI,MAAM,CAIzB;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAmBnD;AAED,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAiBlD;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAOrD;AAID,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAO/D;AAID,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAO9D;AAID,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,CAO/C;AAID,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAOtD;AAID,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAOvD"}

package/lib/typescript/src/index.d.ts

@@ -0,0 +1,122 @@
+import { getKeyInfo } from './keyInfo';
+import type { RSAKeyPair, GenerateKeyPairOptions, KeyFormat, EncryptOptions, DecryptOptions, SignOptions, VerifyOptions } from './types';
+export type { RSAKeyPair, GenerateKeyPairOptions, RSAKeyInfo, KeyFormat, EncryptOptions, DecryptOptions, SignOptions, VerifyOptions, EncryptionPadding, SignaturePadding, HashAlgorithm, InputEncoding, } from './types';
+export { RsaError, type RsaErrorCode } from './errors';
+export { getKeyInfo } from './keyInfo';
+export { utf8ToBase64, base64ToUtf8 } from './encoding';
+/**
+ * Generate an RSA key pair (public + private) using native platform crypto.
+ *
+ * @param keySize RSA key size in bits. Default: 2048. Supported: 1024, 2048, 4096.
+ * @param options Optional configuration (format: 'pkcs1' | 'pkcs8')
+ * @returns Object with publicKey and privateKey in PEM format
+ * @throws {RsaError} INVALID_KEY_SIZE if keySize is not 1024, 2048, or 4096
+ * @throws {RsaError} INVALID_FORMAT if options.format is not 'pkcs1' or 'pkcs8'
+ * @throws {RsaError} KEY_GENERATION_FAILED if native key generation fails
+ */
+declare function generateKeyPair(keySize?: number, options?: GenerateKeyPairOptions): Promise<RSAKeyPair>;
+/**
+ * Extract the public key from an RSA private key PEM string.
+ *
+ * @param privateKeyPEM RSA private key in PEM format (PKCS#1 or PKCS#8)
+ * @returns Public key in PEM format (SPKI/X.509)
+ * @throws {RsaError} INVALID_INPUT if privateKeyPEM is empty
+ * @throws {RsaError} INVALID_KEY if privateKeyPEM is not a valid private key
+ * @throws {RsaError} KEY_EXTRACTION_FAILED if native operation fails
+ */
+declare function getPublicKeyFromPrivate(privateKeyPEM: string): Promise<string>;
+/**
+ * Encrypt plaintext with an RSA public key.
+ *
+ * The input string is UTF-8 encoded to base64 by default before sending to native.
+ * Set `options.encoding = 'base64'` if the input is already base64-encoded binary.
+ *
+ * @param data         The plaintext to encrypt (UTF-8 string or base64, depending on encoding option)
+ * @param publicKeyPEM The public key in SPKI PEM format
+ * @param options      Padding, hash, and encoding options (defaults: oaep, sha256, utf8)
+ * @returns Base64-encoded ciphertext
+ * @throws {RsaError} INVALID_INPUT if data or publicKeyPEM is empty
+ * @throws {RsaError} INVALID_KEY if publicKeyPEM is not a valid public key
+ * @throws {RsaError} INVALID_PADDING if options.padding is invalid
+ * @throws {RsaError} INVALID_HASH if options.hash is invalid
+ * @throws {RsaError} INVALID_ENCODING if options.encoding is invalid
+ * @throws {RsaError} ENCRYPTION_FAILED if native encryption fails
+ */
+declare function encrypt(data: string, publicKeyPEM: string, options?: EncryptOptions): Promise<string>;
+/**
+ * Decrypt ciphertext with an RSA private key.
+ *
+ * Always returns base64-encoded plaintext. If the original data was UTF-8 text,
+ * use `base64ToUtf8()` to decode the result.
+ *
+ * @param encrypted    Base64-encoded ciphertext (from encrypt())
+ * @param privateKeyPEM The private key in PEM format (PKCS#1 or PKCS#8)
+ * @param options      Padding and hash options — must match what was used for encryption
+ * @returns Base64-encoded decrypted plaintext
+ * @throws {RsaError} INVALID_INPUT if encrypted or privateKeyPEM is empty
+ * @throws {RsaError} INVALID_KEY if privateKeyPEM is not a valid private key
+ * @throws {RsaError} INVALID_PADDING if options.padding is invalid
+ * @throws {RsaError} INVALID_HASH if options.hash is invalid
+ * @throws {RsaError} DECRYPTION_FAILED if native decryption fails
+ */
+declare function decrypt(encrypted: string, privateKeyPEM: string, options?: DecryptOptions): Promise<string>;
+/**
+ * Sign data with an RSA private key.
+ *
+ * The input string is UTF-8 encoded to base64 by default before sending to native.
+ * Set `options.encoding = 'base64'` if the input is already base64-encoded binary.
+ *
+ * @param data         The data to sign (UTF-8 string or base64, depending on encoding option)
+ * @param privateKeyPEM The private key in PEM format (PKCS#1 or PKCS#8)
+ * @param options      Padding, hash, and encoding options (defaults: pss, sha256, utf8)
+ * @returns Base64-encoded signature
+ * @throws {RsaError} INVALID_INPUT if data or privateKeyPEM is empty
+ * @throws {RsaError} INVALID_KEY if privateKeyPEM is not a valid private key
+ * @throws {RsaError} INVALID_PADDING if options.padding is invalid
+ * @throws {RsaError} INVALID_HASH if options.hash is invalid
+ * @throws {RsaError} INVALID_ENCODING if options.encoding is invalid
+ * @throws {RsaError} SIGNING_FAILED if native signing fails
+ */
+declare function sign(data: string, privateKeyPEM: string, options?: SignOptions): Promise<string>;
+/**
+ * Verify a signature against data using an RSA public key.
+ *
+ * The input string encoding must match what was used during signing.
+ *
+ * @param data         The original data that was signed
+ * @param signature    Base64-encoded signature (from sign())
+ * @param publicKeyPEM The public key in SPKI PEM format
+ * @param options      Padding, hash, and encoding options — must match signing options
+ * @returns true if the signature is valid, false otherwise
+ * @throws {RsaError} INVALID_INPUT if data, signature, or publicKeyPEM is empty
+ * @throws {RsaError} INVALID_KEY if publicKeyPEM is not a valid public key
+ * @throws {RsaError} INVALID_PADDING if options.padding is invalid
+ * @throws {RsaError} INVALID_HASH if options.hash is invalid
+ * @throws {RsaError} INVALID_ENCODING if options.encoding is invalid
+ * @throws {RsaError} VERIFICATION_FAILED if native verification fails
+ */
+declare function verify(data: string, signature: string, publicKeyPEM: string, options?: VerifyOptions): Promise<boolean>;
+/**
+ * Convert a private key PEM between PKCS#1 and PKCS#8 formats.
+ *
+ * @param pem          The private key in PEM format
+ * @param targetFormat 'pkcs1' or 'pkcs8'
+ * @returns The private key re-encoded in the target format
+ * @throws {RsaError} INVALID_INPUT if pem is empty
+ * @throws {RsaError} INVALID_KEY if pem is not a valid private key
+ * @throws {RsaError} INVALID_FORMAT if targetFormat is invalid
+ * @throws {RsaError} KEY_CONVERSION_FAILED if native conversion fails
+ */
+declare function convertPrivateKey(pem: string, targetFormat: KeyFormat): Promise<string>;
+declare const RSA: {
+    generateKeyPair: typeof generateKeyPair;
+    getPublicKeyFromPrivate: typeof getPublicKeyFromPrivate;
+    getKeyInfo: typeof getKeyInfo;
+    encrypt: typeof encrypt;
+    decrypt: typeof decrypt;
+    sign: typeof sign;
+    verify: typeof verify;
+    convertPrivateKey: typeof convertPrivateKey;
+};
+export default RSA;
+//# sourceMappingURL=index.d.ts.map

package/lib/typescript/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAevC,OAAO,KAAK,EACV,UAAU,EACV,sBAAsB,EACtB,SAAS,EACT,cAAc,EACd,cAAc,EACd,WAAW,EACX,aAAa,EACd,MAAM,SAAS,CAAC;AAGjB,YAAY,EACV,UAAU,EACV,sBAAsB,EACtB,UAAU,EACV,SAAS,EACT,cAAc,EACd,cAAc,EACd,WAAW,EACX,aAAa,EACb,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EACb,aAAa,GACd,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,QAAQ,EAAE,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAIxD;;;;;;;;;GASG;AACH,iBAAe,eAAe,CAC5B,OAAO,GAAE,MAAa,EACtB,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,UAAU,CAAC,CAUrB;AAED;;;;;;;;GAQG;AACH,iBAAe,uBAAuB,CACpC,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,MAAM,CAAC,CAQjB;AAID;;;;;;;;;;;;;;;;GAgBG;AACH,iBAAe,OAAO,CACpB,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,MAAM,CAAC,CAoBjB;AAED;;;;;;;;;;;;;;;GAeG;AACH,iBAAe,OAAO,CACpB,SAAS,EAAE,MAAM,EACjB,aAAa,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,MAAM,CAAC,CAejB;AAID;;;;;;;;;;;;;;;;GAgBG;AACH,iBAAe,IAAI,CACjB,IAAI,EAAE,MAAM,EACZ,aAAa,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE,WAAW,GACpB,OAAO,CAAC,MAAM,CAAC,CAmBjB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,iBAAe,MAAM,CACnB,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,EACjB,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,OAAO,CAAC,CAoBlB;AAID;;;;;;;;;;GAUG;AACH,iBAAe,iBAAiB,CAC9B,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,SAAS,GACtB,OAAO,CAAC,MAAM,CAAC,CASjB;AAID,QAAA,MAAM,GAAG;;;;;;;;;CASR,CAAC;AACF,eAAe,GAAG,CAAC"}

package/lib/typescript/src/keyInfo.d.ts

@@ -0,0 +1,7 @@
+import type { RSAKeyInfo } from './types';
+/**
+ * Analyze an RSA key PEM string and return metadata about it.
+ * Runs entirely in JS — no native bridge call needed.
+ */
+export declare function getKeyInfo(keyString: string): RSAKeyInfo;
+//# sourceMappingURL=keyInfo.d.ts.map

package/lib/typescript/src/keyInfo.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"keyInfo.d.ts","sourceRoot":"","sources":["../../../src/keyInfo.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAqO1C;;;GAGG;AACH,wBAAgB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,UAAU,CAoGxD"}