react-native-quick-crypto 0.2.0 → 0.3.0

package/cpp/Cipher/MGLPublicCipher.h

@@ -0,0 +1,120 @@
+//
+//  MGLPublicCipher.h
+//  react-native-fast-crypto
+//
+//  Created by Oscar on 17.06.22.
+//
+
+#ifndef MGLPublicCipher_h
+#define MGLPublicCipher_h
+
+#include <jsi/jsi.h>
+#include <openssl/evp.h>
+
+#include <optional>
+#include <vector>
+
+#include "MGLCipherKeys.h"
+#ifdef ANDROID
+#include "JSIUtils/MGLJSIUtils.h"
+#include "JSIUtils/MGLTypedArray.h"
+#else
+#include "MGLJSIUtils.h"
+#include "MGLTypedArray.h"
+#include "logs.h"
+#endif
+
+namespace margelo {
+
+namespace jsi = facebook::jsi;
+
+class MGLPublicCipher {
+ public:
+  typedef int (*EVP_PKEY_cipher_init_t)(EVP_PKEY_CTX* ctx);
+  typedef int (*EVP_PKEY_cipher_t)(EVP_PKEY_CTX* ctx, unsigned char* out,
+                                   size_t* outlen, const unsigned char* in,
+                                   size_t inlen);
+
+  enum Operation { kPublic, kPrivate };
+
+  template <Operation operation, EVP_PKEY_cipher_init_t EVP_PKEY_cipher_init,
+            EVP_PKEY_cipher_t EVP_PKEY_cipher>
+  static std::optional<jsi::Value> Cipher(jsi::Runtime& runtime,
+                                          const ManagedEVPPKey& pkey,
+                                          int padding, const EVP_MD* digest,
+                                          const jsi::Value& oaep_label,
+                                          jsi::ArrayBuffer& data);
+};
+
+template <MGLPublicCipher::Operation operation,
+          MGLPublicCipher::EVP_PKEY_cipher_init_t EVP_PKEY_cipher_init,
+          MGLPublicCipher::EVP_PKEY_cipher_t EVP_PKEY_cipher>
+std::optional<jsi::Value> MGLPublicCipher::Cipher(jsi::Runtime& runtime,
+                                                  const ManagedEVPPKey& pkey,
+                                                  int padding,
+                                                  const EVP_MD* digest,
+                                                  const jsi::Value& oaep_label,
+                                                  jsi::ArrayBuffer& data) {
+  EVPKeyCtxPointer ctx(EVP_PKEY_CTX_new(pkey.get(), nullptr));
+
+  if (!ctx) {
+    return {};
+  }
+
+  if (EVP_PKEY_cipher_init(ctx.get()) <= 0) {
+    return {};
+  }
+
+  if (EVP_PKEY_CTX_set_rsa_padding(ctx.get(), padding) <= 0) {
+    return {};
+  }
+
+  if (digest != nullptr) {
+    if (EVP_PKEY_CTX_set_rsa_oaep_md(ctx.get(), digest) <= 0) {
+      return {};
+    }
+  }
+
+  if (!oaep_label.isUndefined()) {
+    auto oaep_label_buffer =
+        oaep_label.asObject(runtime).getArrayBuffer(runtime);
+    // OpenSSL takes ownership of the label, so we need to create a copy.
+    void* label = OPENSSL_memdup(oaep_label_buffer.data(runtime),
+                                 oaep_label_buffer.size(runtime));
+    if (label == nullptr) {
+      throw new jsi::JSError(runtime, "Error openSSL memdump oaep label");
+    }
+
+    if (0 >= EVP_PKEY_CTX_set0_rsa_oaep_label(
+                 ctx.get(), static_cast<unsigned char*>(label),
+                 static_cast<int>(oaep_label_buffer.size(runtime)))) {
+      OPENSSL_free(label);
+      return {};
+    }
+  }
+
+  // First pass without storing to get the out_len
+  size_t out_len = 0;
+  if (EVP_PKEY_cipher(ctx.get(), nullptr, &out_len, data.data(runtime),
+                      data.size(runtime)) <= 0) {
+    return {};
+  }
+
+  std::vector<unsigned char> out_vec(out_len);
+
+  if (EVP_PKEY_cipher(ctx.get(), out_vec.data(), &out_len, data.data(runtime),
+                      data.size(runtime)) <= 0) {
+    return {};
+  }
+
+  // trim unnecessary data
+  std::vector<unsigned char> helper_vec(out_vec.data(),
+                                        out_vec.data() + out_len);
+  MGLTypedArray<MGLTypedArrayKind::Uint8Array> outBuffer(runtime, out_len);
+  outBuffer.update(runtime, helper_vec);
+
+  return outBuffer;
+}
+}  // namespace margelo
+
+#endif /* MGLPublicCipher_h */

package/cpp/Cipher/MGLPublicCipherInstaller.h

@@ -0,0 +1,113 @@
+//
+//  MGLPrivateDecryptInstaller.h
+//  react-native-quick-crypto
+//
+//  Created by Oscar on 28.06.22.
+//
+
+#ifndef MGLPublicCipherInstaller_h
+#define MGLPublicCipherInstaller_h
+
+#include <jsi/jsi.h>
+#include <openssl/evp.h>
+
+#include <iostream>
+#include <memory>
+#include <optional>
+#include <string>
+#include <utility>
+#include <vector>
+
+#include "MGLCipherKeys.h"
+#include "MGLPublicCipher.h"
+
+#ifdef ANDROID
+#include "JSIUtils/MGLJSIUtils.h"
+#include "JSIUtils/MGLSmartHostObject.h"
+#include "JSIUtils/MGLTypedArray.h"
+#else
+#include "MGLJSIUtils.h"
+#include "MGLSmartHostObject.h"
+#include "MGLTypedArray.h"
+#endif
+
+namespace margelo {
+namespace jsi = facebook::jsi;
+
+// "publicEncrypt", "publicDecrypt", "privateEncrypt", "privateDecrypt" all use
+// the same key extraction logic, only vary in the final openSSL call, so this
+// is a template that accepts and incoming template function, think of it as a
+// weird lambda before real lambdas Because this is a template, the
+// implementation needs to be in this header to prevent linker failure
+template <MGLPublicCipher::Operation operation,
+          MGLPublicCipher::EVP_PKEY_cipher_init_t EVP_PKEY_cipher_init,
+          MGLPublicCipher::EVP_PKEY_cipher_t EVP_PKEY_cipher>
+FieldDefinition getPublicCipherFieldDefinition(
+    std::string name, std::shared_ptr<react::CallInvoker> jsCallInvoker,
+    std::shared_ptr<DispatchQueue::dispatch_queue> workerQueue) {
+  return buildPair(
+      name, JSIF([=]) {
+        // there is a variable amount of parameters passed depending on the
+        // scheme therefore making param validation on this level makes little
+        // sense everything should be done on JS, which makes this a bit unsafe
+        // but it's acceptable
+        unsigned int offset = 0;
+
+        ManagedEVPPKey pkey = ManagedEVPPKey::GetPublicOrPrivateKeyFromJs(
+            runtime, arguments, &offset);
+
+        if (!pkey) {
+          jsi::detail::throwJSError(runtime, "Could not generate key");
+          throw new jsi::JSError(runtime, "Could not generate key");
+        }
+
+        auto buf = arguments[offset].asObject(runtime).getArrayBuffer(runtime);
+        if (!CheckSizeInt32(runtime, buf)) {
+          jsi::detail::throwJSError(runtime, "Data buffer is too long");
+          throw new jsi::JSError(runtime, "Data buffer is too long");
+        }
+
+        uint32_t padding =
+            static_cast<uint32_t>(arguments[offset + 1].getNumber());
+        if (!padding) {
+          jsi::detail::throwJSError(runtime, "Invalid padding");
+          throw new jsi::JSError(runtime, "Invalid padding");
+        }
+
+        const EVP_MD* digest = nullptr;
+        if (arguments[offset + 2].isString()) {
+          auto oaep_str =
+              arguments[offset + 2].getString(runtime).utf8(runtime);
+
+          digest = EVP_get_digestbyname(oaep_str.c_str());
+          if (digest == nullptr) {
+            jsi::detail::throwJSError(runtime, "Invalid digest (oaep_str)");
+            throw new jsi::JSError(runtime, "Invalid digest (oaep_str)");
+          }
+        }
+
+        if (!arguments[offset + 3].isUndefined()) {
+          auto oaep_label_buffer =
+              arguments[offset + 3].getObject(runtime).getArrayBuffer(runtime);
+          if (!CheckSizeInt32(runtime, oaep_label_buffer)) {
+            jsi::detail::throwJSError(runtime, "oaep_label buffer is too long");
+            throw new jsi::JSError(runtime, "oaep_label buffer is too long");
+          }
+        }
+
+        std::optional<jsi::Value> out =
+            MGLPublicCipher::Cipher<operation, EVP_PKEY_cipher_init,
+                                    EVP_PKEY_cipher>(
+                runtime, pkey, padding, digest, arguments[offset + 3], buf);
+
+        if (!out.has_value()) {
+          jsi::detail::throwJSError(runtime, "Failed to decrypt");
+          throw new jsi::JSError(runtime, "Failed to decrypt");
+        }
+
+        return out.value().getObject(runtime);
+      });
+}
+}  // namespace margelo
+
+#endif /* MGLPublicCipherInstaller_h */

package/cpp/Cipher/MGLRsa.cpp

@@ -0,0 +1,188 @@
+//
+//  MGLRsa.cpp
+//  react-native-quick-crypto
+//
+//  Created by Oscar on 22.06.22.
+//
+
+#include "MGLRsa.h"
+
+#include <utility>
+
+namespace margelo {
+
+namespace jsi = facebook::jsi;
+
+EVPKeyCtxPointer setup(std::shared_ptr<RsaKeyPairGenConfig> config) {
+  EVPKeyCtxPointer ctx(EVP_PKEY_CTX_new_id(
+      config->variant == kKeyVariantRSA_PSS ? EVP_PKEY_RSA_PSS : EVP_PKEY_RSA,
+      nullptr));
+
+  if (EVP_PKEY_keygen_init(ctx.get()) <= 0) return EVPKeyCtxPointer();
+
+  if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx.get(), config->modulus_bits) <= 0) {
+    return EVPKeyCtxPointer();
+  }
+
+  // 0x10001 is the default RSA exponent.
+  if (config->exponent != 0x10001) {
+    BignumPointer bn(BN_new());
+    //    CHECK_NOT_NULL(bn.get());
+    BN_set_word(bn.get(), config->exponent);
+    // EVP_CTX accepts ownership of bn on success.
+    if (EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx.get(), bn.get()) <= 0) {
+      return EVPKeyCtxPointer();
+    }
+
+    bn.release();
+  }
+
+  if (config->variant == kKeyVariantRSA_PSS) {
+    if (config->md != nullptr &&
+        EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx.get(), config->md) <= 0) {
+      return EVPKeyCtxPointer();
+    }
+
+    // TODO(tniessen): This appears to only be necessary in OpenSSL 3, while
+    // OpenSSL 1.1.1 behaves as recommended by RFC 8017 and defaults the MGF1
+    // hash algorithm to the RSA-PSS hashAlgorithm. Remove this code if the
+    // behavior of OpenSSL 3 changes.
+    const EVP_MD* mgf1_md = config->mgf1_md;
+    if (mgf1_md == nullptr && config->md != nullptr) {
+      mgf1_md = config->md;
+    }
+
+    if (mgf1_md != nullptr &&
+        EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(ctx.get(), mgf1_md) <= 0) {
+      return EVPKeyCtxPointer();
+    }
+
+    int saltlen = config->saltlen;
+    if (saltlen < 0 && config->md != nullptr) {
+      saltlen = EVP_MD_size(config->md);
+    }
+
+    if (saltlen >= 0 &&
+        EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx.get(), saltlen) <= 0) {
+      return EVPKeyCtxPointer();
+    }
+  }
+
+  return ctx;
+}
+
+RsaKeyPairGenConfig prepareRsaKeyGenConfig(jsi::Runtime& runtime,
+                                           const jsi::Value* arguments) {
+  RsaKeyPairGenConfig config = RsaKeyPairGenConfig();
+
+  // This is a funky one: depending on which encryption scheme you are
+  // using, there is a variable number of arguments that will need to be
+  // parsed, therefore this pointer will be used by the internal functions
+  // as they go reading the arguments based on the selected scheme. I
+  // tried to keep as close to the node implementation to make future
+  // debugging easier
+  unsigned int offset = 0;
+
+  // TODO(osp)
+  //    CHECK(args[*offset]->IsUint32());  // Variant
+  //    CHECK(args[*offset + 1]->IsUint32());  // Modulus bits
+  //    CHECK(args[*offset + 2]->IsUint32());  // Exponent
+  config.variant =
+      static_cast<RSAKeyVariant>((int)arguments[offset].asNumber());
+
+  // TODO(osp)
+  //    CHECK_IMPLIES(params->params.variant != kKeyVariantRSA_PSS,
+  //                  args.Length() == 10);
+  //    CHECK_IMPLIES(params->params.variant == kKeyVariantRSA_PSS,
+  //                  args.Length() == 13);
+  config.modulus_bits =
+      static_cast<unsigned int>(arguments[offset + 1].asNumber());
+  config.exponent = static_cast<unsigned int>(arguments[offset + 2].asNumber());
+
+  offset += 3;
+
+  if (config.variant == kKeyVariantRSA_PSS) {
+    if (!arguments[offset].isUndefined()) {
+      // TODO(osp) CHECK(string)
+      config.md = EVP_get_digestbyname(
+          arguments[offset].asString(runtime).utf8(runtime).c_str());
+
+      if (config.md == nullptr) {
+        jsi::detail::throwJSError(runtime, "invalid digest");
+        throw new jsi::JSError(runtime, "invalid digest");
+      }
+    }
+
+    if (!arguments[offset + 1].isUndefined()) {
+      // TODO(osp) CHECK(string)
+      config.mgf1_md = EVP_get_digestbyname(
+          arguments[offset + 1].asString(runtime).utf8(runtime).c_str());
+
+      if (config.mgf1_md == nullptr) {
+        jsi::detail::throwJSError(runtime, "invalid digest");
+        throw new jsi::JSError(runtime, "invalid digest");
+      }
+    }
+
+    if (!arguments[offset + 2].isUndefined()) {
+      //        CHECK(args[*offset + 2]->IsInt32());
+      config.saltlen = static_cast<int>(arguments[offset + 2].asNumber());
+
+      if (config.saltlen < 0) {
+        jsi::detail::throwJSError(runtime, "salt length is out of range");
+        throw new jsi::JSError(runtime, "salt length is out of range");
+      }
+    }
+
+    offset += 3;
+  }
+
+  config.public_key_encoding = ManagedEVPPKey::GetPublicKeyEncodingFromJs(
+      runtime, arguments, &offset, kKeyContextGenerate);
+
+  auto private_key_encoding = ManagedEVPPKey::GetPrivateKeyEncodingFromJs(
+      runtime, arguments, &offset, kKeyContextGenerate);
+
+  if (!private_key_encoding.IsEmpty()) {
+    config.private_key_encoding = private_key_encoding.Release();
+  }
+
+  return config;
+}
+
+std::pair<StringOrBuffer, StringOrBuffer> generateRSAKeyPair(
+    jsi::Runtime& runtime, std::shared_ptr<RsaKeyPairGenConfig> config) {
+  CheckEntropy();
+
+  EVPKeyCtxPointer ctx = setup(config);
+
+  if (!ctx) {
+    jsi::detail::throwJSError(runtime, "Error on key generation job");
+    throw new jsi::JSError(runtime, "Error on key generation job");
+  }
+
+  // Generate the key
+  EVP_PKEY* pkey = nullptr;
+  if (!EVP_PKEY_keygen(ctx.get(), &pkey)) {
+    jsi::detail::throwJSError(runtime, "Error generating key");
+    throw new jsi::JSError(runtime, "Error generating key");
+  }
+
+  config->key = ManagedEVPPKey(EVPKeyPointer(pkey));
+
+  std::optional<StringOrBuffer> publicBuffer =
+      ManagedEVPPKey::ToEncodedPublicKey(runtime, std::move(config->key),
+                                         config->public_key_encoding);
+  std::optional<StringOrBuffer> privateBuffer =
+      ManagedEVPPKey::ToEncodedPrivateKey(runtime, std::move(config->key),
+                                          config->private_key_encoding);
+
+  if (!publicBuffer.has_value() || !privateBuffer.has_value()) {
+    jsi::detail::throwJSError(runtime,
+                              "Failed to encode public and/or private key");
+  }
+
+  return std::make_pair(publicBuffer.value(), privateBuffer.value());
+}
+
+}  // namespace margelo

package/cpp/Cipher/MGLRsa.h

@@ -0,0 +1,61 @@
+//
+//  MGLRsa.hpp
+//  react-native-quick-crypto
+//
+//  Created by Oscar on 22.06.22.
+//
+
+#ifndef MGLRsa_hpp
+#define MGLRsa_hpp
+
+#include <jsi/jsi.h>
+
+#include <memory>
+#include <optional>
+#include <utility>
+
+#include "MGLCipherKeys.h"
+#include "MGLUtils.h"
+
+namespace margelo {
+
+namespace jsi = facebook::jsi;
+
+enum RSAKeyVariant {
+  kKeyVariantRSA_SSA_PKCS1_v1_5,
+  kKeyVariantRSA_PSS,
+  kKeyVariantRSA_OAEP
+};
+
+// On node there is a complete madness of structs/classes that encapsulate and
+// initialize the data in a generic manner this is to be later be used to
+// generate the keys in a thread-safe manner (I think) I'm however too dumb and
+// after ~4hrs I have given up on trying to replicate/extract the important
+// parts For now I'm storing a single config param, a generic abstractino is
+// necessary for more schemes. this struct is just a very simplified version
+// meant to carry information around
+struct RsaKeyPairGenConfig {
+  PublicKeyEncodingConfig public_key_encoding;
+  PrivateKeyEncodingConfig private_key_encoding;
+  ManagedEVPPKey key;
+
+  RSAKeyVariant variant;
+  unsigned int modulus_bits;
+  unsigned int exponent;
+
+  // The following options are used for RSA-PSS. If any of them are set, a
+  // RSASSA-PSS-params sequence will be added to the key.
+  const EVP_MD* md = nullptr;
+  const EVP_MD* mgf1_md = nullptr;
+  int saltlen = -1;
+};
+
+RsaKeyPairGenConfig prepareRsaKeyGenConfig(jsi::Runtime& runtime,
+                                           const jsi::Value* arguments);
+
+std::pair<StringOrBuffer, StringOrBuffer> generateRSAKeyPair(
+    jsi::Runtime& runtime, std::shared_ptr<RsaKeyPairGenConfig> config);
+
+}  // namespace margelo
+
+#endif /* MGLRsa_hpp */

package/cpp/JSIUtils/MGLJSIUtils.h

@@ -0,0 +1,24 @@
+//
+//  MGLJSIUtils.h
+//  Pods
+//
+//  Created by Oscar on 20.06.22.
+//
+
+#ifndef MGLJSIUtils_h
+#define MGLJSIUtils_h
+
+#include <jsi/jsi.h>
+
+namespace jsi = facebook::jsi;
+
+inline bool CheckIsArrayBuffer(jsi::Runtime &runtime, const jsi::Value &value) {
+  return !value.isNull() && !value.isUndefined() && value.isObject() &&
+         value.asObject(runtime).isArrayBuffer(runtime);
+}
+
+inline bool CheckSizeInt32(jsi::Runtime &runtime, jsi::ArrayBuffer &buffer) {
+  return buffer.size(runtime) <= INT_MAX;
+}
+
+#endif /* MGLJSIUtils_h */

package/cpp/JSIUtils/MGLThreadAwareHostObject.h

@@ -13,7 +13,7 @@
 #ifdef ONANDROID
 #include "Utils/MGLDispatchQueue.h"
 #else
-#include "../Utils/MGLDispatchQueue.h"
+#include "MGLDispatchQueue.h"
 #endif
 
 namespace margelo {

package/cpp/MGLQuickCryptoHostObject.cpp

@@ -5,11 +5,14 @@
 #include <jsi/jsi.h>
 
 #include <memory>
+#include <string>
 #include <vector>
 
 #ifdef ANDROID
 #include "Cipher/MGLCreateCipherInstaller.h"
 #include "Cipher/MGLCreateDecipherInstaller.h"
+#include "Cipher/MGLPublicCipher.h"
+#include "Cipher/MGLPublicCipherInstaller.h"
 #include "HMAC/MGLHmacInstaller.h"
 #include "Hash/MGLHashInstaller.h"
 #include "Random/MGLRandomHostObject.h"
@@ -17,11 +20,14 @@
 #else
 #include "MGLCreateCipherInstaller.h"
 #include "MGLCreateDecipherInstaller.h"
+#include "MGLGenerateKeyPairInstaller.h"
+#include "MGLGenerateKeyPairSyncInstaller.h"
 #include "MGLHashInstaller.h"
 #include "MGLHmacInstaller.h"
 #include "MGLPbkdf2HostObject.h"
+#include "MGLPublicCipher.h"
+#include "MGLPublicCipherInstaller.h"
 #include "MGLRandomHostObject.h"
-
 #endif
 
 namespace margelo {
@@ -38,14 +44,47 @@ MGLQuickCryptoHostObject::MGLQuickCryptoHostObject(
   // HashInstaller
   this->fields.push_back(getHashFieldDefinition(jsCallInvoker, workerQueue));
 
-  // CreateCipherInstaller
+  // createCipher
   this->fields.push_back(
       getCreateCipherFieldDefinition(jsCallInvoker, workerQueue));
 
-  // CreateDecipherInstaller
+  // createDecipher
   this->fields.push_back(
       getCreateDecipherFieldDefinition(jsCallInvoker, workerQueue));
 
+  // publicEncrypt
+  this->fields.push_back(
+      getPublicCipherFieldDefinition<MGLPublicCipher::kPublic,
+                                     EVP_PKEY_encrypt_init, EVP_PKEY_encrypt>(
+          "publicEncrypt", jsCallInvoker, workerQueue));
+
+  // privateDecrypt
+  this->fields.push_back(
+      getPublicCipherFieldDefinition<MGLPublicCipher::kPrivate,
+                                     EVP_PKEY_decrypt_init, EVP_PKEY_decrypt>(
+          "privateDecrypt", jsCallInvoker, workerQueue));
+
+  // privateEncrypt
+  this->fields.push_back(
+      getPublicCipherFieldDefinition<MGLPublicCipher::kPrivate,
+                                     EVP_PKEY_sign_init, EVP_PKEY_sign>(
+          "privateEncrypt", jsCallInvoker, workerQueue));
+
+  // publicDecrypt
+  this->fields.push_back(
+      getPublicCipherFieldDefinition<MGLPublicCipher::kPublic,
+                                     EVP_PKEY_verify_recover_init,
+                                     EVP_PKEY_verify_recover>(
+          "publicDecrypt", jsCallInvoker, workerQueue));
+
+  // generateKeyPair
+  this->fields.push_back(
+      getGenerateKeyPairFieldDefinition(jsCallInvoker, workerQueue));
+
+  // generateKeyPairSync
+  this->fields.push_back(
+      getGenerateKeyPairSyncFieldDefinition(jsCallInvoker, workerQueue));
+
   // Pbkdf2HostObject
   this->fields.push_back(JSI_VALUE("pbkdf2", {
     auto hostObject =