react-native-quick-crypto 0.7.0-rc.8 → 0.7.0

package/src/Cipher.ts

@@ -14,7 +14,7 @@ import {
   validateInt32,
   type BinaryLikeNode,
 } from './Utils';
-import { type InternalCipher, RSAKeyVariant } from './NativeQuickCrypto/Cipher';
+import { type InternalCipher, KeyVariant } from './NativeQuickCrypto/Cipher';
 import type {
   CipherCCMOptions,
   CipherCCMTypes,
@@ -34,11 +34,21 @@ import { Buffer } from '@craftzdog/react-native-buffer';
 import { Buffer as SBuffer } from 'safe-buffer';
 import { constants } from './constants';
 import {
+  CryptoKey,
   parsePrivateKeyEncoding,
   parsePublicKeyEncoding,
   preparePrivateKey,
   preparePublicOrPrivateKey,
+  type CryptoKeyPair,
+  type KeyPairType,
+  type NamedCurve,
 } from './keys';
+import type { KeyObjectHandle } from './NativeQuickCrypto/webcrypto';
+
+export enum ECCurve {
+  OPENSSL_EC_EXPLICIT_CURVE,
+  OPENSSL_EC_NAMED_CURVE,
+}
 
 // make sure that nextTick is there
 global.process.nextTick = setImmediate;
@@ -428,8 +438,8 @@ export const privateDecrypt = rsaFunctionFor(
 //   \__, |\___|_| |_|\___|_|  \__,_|\__\___|_|\_\___|\__, |_|   \__,_|_|_|
 //    __/ |                                            __/ |
 //   |___/                                            |___/
-type GenerateKeyPairOptions = {
-  modulusLength: number; // Key size in bits (RSA, DSA).
+export type GenerateKeyPairOptions = {
+  modulusLength?: number; // Key size in bits (RSA, DSA).
   publicExponent?: number; // Public exponent (RSA). Default: 0x10001.
   hashAlgorithm?: string; // Name of the message digest (RSA-PSS).
   mgf1HashAlgorithm?: string; // string Name of the message digest used by MGF1 (RSA-PSS).
@@ -446,11 +456,27 @@ type GenerateKeyPairOptions = {
   hash?: any;
   mgf1Hash?: any;
 };
-type GenerateKeyPairCallback = (
-  error: unknown | null,
-  publicKey?: Buffer,
-  privateKey?: Buffer
-) => void;
+
+export type KeyPairKey = Buffer | KeyObjectHandle | CryptoKey | undefined;
+
+export type GenerateKeyPairReturn = [
+  error?: Error,
+  privateKey?: KeyPairKey,
+  publicKey?: KeyPairKey,
+];
+
+export type GenerateKeyPairCallback = (
+  error?: Error,
+  publicKey?: KeyPairKey,
+  privateKey?: KeyPairKey
+) => GenerateKeyPairReturn | void;
+
+export type KeyPair = {
+  publicKey?: KeyPairKey;
+  privateKey?: KeyPairKey;
+};
+
+export type GenerateKeyPairPromiseReturn = [error?: Error, keypair?: KeyPair];
 
 function parseKeyEncoding(
   keyType: string,
@@ -505,14 +531,15 @@ function parseKeyEncoding(
   ];
 }
 
+/** On node a very complex "job" chain is created, we are going for a far simpler approach and calling
+ *  an internal function that basically executes the same byte shuffling on the native side
+ */
 function internalGenerateKeyPair(
   isAsync: boolean,
-  type: string,
+  type: KeyPairType,
   options: GenerateKeyPairOptions | undefined,
-  callback: GenerateKeyPairCallback | undefined
-) {
-  // On node a very complex "job" chain is created, we are going for a far simpler approach and calling
-  // an internal function that basically executes the same byte shuffling on the native side
+  callback?: GenerateKeyPairCallback
+): GenerateKeyPairReturn | void {
   const encoding = parseKeyEncoding(type, options);
 
   // if (options !== undefined)
@@ -520,11 +547,11 @@ function internalGenerateKeyPair(
 
   switch (type) {
     case 'rsa-pss':
-    case 'rsa': {
+    // fallthrough
+    case 'rsa':
       validateObject<GenerateKeyPairOptions>(options, 'options');
       const { modulusLength } = options!;
-      validateUint32(modulusLength, 'options.modulusLength');
-
+      validateUint32(modulusLength as number, 'options.modulusLength');
       let { publicExponent } = options!;
       if (publicExponent == null) {
         publicExponent = 0x10001;
@@ -535,37 +562,36 @@ function internalGenerateKeyPair(
       if (type === 'rsa') {
         if (isAsync) {
           NativeQuickCrypto.generateKeyPair(
-            RSAKeyVariant.kKeyVariantRSA_SSA_PKCS1_v1_5,
-            modulusLength,
+            KeyVariant.RSA_SSA_PKCS1_v1_5,
+            modulusLength as number,
             publicExponent,
             ...encoding
           )
             .then(([err, publicKey, privateKey]) => {
-              if (typeof publicKey === 'object') {
+              if (publicKey instanceof Buffer) {
                 publicKey = Buffer.from(publicKey);
               }
-              if (typeof privateKey === 'object') {
+              if (privateKey instanceof Buffer) {
                 privateKey = Buffer.from(privateKey);
               }
-              callback?.(err, publicKey, privateKey);
+              callback!(err, publicKey, privateKey);
             })
             .catch((err) => {
-              callback?.(err, undefined, undefined);
+              callback!(err, undefined, undefined);
             });
-          return;
         } else {
           let [err, publicKey, privateKey] =
             NativeQuickCrypto.generateKeyPairSync(
-              RSAKeyVariant.kKeyVariantRSA_SSA_PKCS1_v1_5,
-              modulusLength,
+              KeyVariant.RSA_SSA_PKCS1_v1_5,
+              modulusLength as number,
               publicExponent,
               ...encoding
             );
 
-          if (typeof publicKey === 'object') {
+          if (publicKey instanceof Buffer) {
             publicKey = Buffer.from(publicKey);
           }
-          if (typeof privateKey === 'object') {
+          if (privateKey instanceof Buffer) {
             privateKey = Buffer.from(privateKey);
           }
 
@@ -609,15 +635,15 @@ function internalGenerateKeyPair(
       }
 
       return NativeQuickCrypto.generateKeyPairSync(
-        RSAKeyVariant.kKeyVariantRSA_PSS,
-        modulusLength,
+        KeyVariant.RSA_PSS,
+        modulusLength as number,
         publicExponent,
         hashAlgorithm || hash,
         mgf1HashAlgorithm || mgf1Hash,
         saltLength,
         ...encoding
       );
-    }
+
     // case 'dsa': {
     //   validateObject(options, 'options');
     //   const { modulusLength } = options!;
@@ -634,21 +660,57 @@ function internalGenerateKeyPair(
     //   //   divisorLength,
     //   //   ...encoding);
     // }
-    // case 'ec': {
-    //   validateObject(options, 'options');
-    //   const { namedCurve } = options!;
-    //   validateString(namedCurve, 'options.namedCurve');
-    //   let { paramEncoding } = options!;
-    //   if (paramEncoding == null || paramEncoding === 'named')
-    //     paramEncoding = OPENSSL_EC_NAMED_CURVE;
-    //   else if (paramEncoding === 'explicit')
-    //     paramEncoding = OPENSSL_EC_EXPLICIT_CURVE;
-    //   else
-    //   throw new Error(`Invalid Argument options.paramEncoding ${paramEncoding}`);
-    //     // throw new ERR_INVALID_ARG_VALUE('options.paramEncoding', paramEncoding);
-
-    //   // return new EcKeyPairGenJob(mode, namedCurve, paramEncoding, ...encoding);
-    // }
+
+    case 'ec':
+      validateObject<GenerateKeyPairOptions>(options, 'options');
+      const { namedCurve } = options!;
+      validateString(namedCurve, 'options.namedCurve');
+      let paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;
+      const { paramEncoding } = options!;
+      if (paramEncoding == null || paramEncoding === 'named')
+        paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;
+      else if (paramEncoding === 'explicit')
+        paramEncodingFlag = ECCurve.OPENSSL_EC_EXPLICIT_CURVE;
+      else
+        throw new Error(
+          `Invalid Argument options.paramEncoding ${paramEncoding}`
+        );
+
+      if (isAsync) {
+        NativeQuickCrypto.generateKeyPair(
+          KeyVariant.EC,
+          namedCurve as NamedCurve,
+          paramEncodingFlag,
+          ...encoding
+        )
+          .then(([err, publicKey, privateKey]) => {
+            if (publicKey instanceof Buffer) {
+              publicKey = Buffer.from(publicKey);
+            }
+            if (privateKey instanceof Buffer) {
+              privateKey = Buffer.from(privateKey);
+            }
+            callback?.(err, publicKey, privateKey);
+          })
+          .catch((err) => {
+            callback?.(err, undefined, undefined);
+          });
+      }
+
+      let [err, publicKey, privateKey] = NativeQuickCrypto.generateKeyPairSync(
+        KeyVariant.EC,
+        namedCurve as NamedCurve,
+        paramEncodingFlag,
+        ...encoding
+      );
+      if (publicKey instanceof Buffer) {
+        publicKey = Buffer.from(publicKey);
+      }
+      if (privateKey instanceof Buffer) {
+        privateKey = Buffer.from(privateKey);
+      }
+      return [err, publicKey, privateKey];
+
     // case 'ed25519':
     // case 'ed448':
     // case 'x25519':
@@ -712,48 +774,50 @@ function internalGenerateKeyPair(
     default:
     // Fall through
   }
-  throw new Error(
-    `Invalid Argument options: ${type} scheme not supported. Currently not all encryption methods are supported in quick-crypto!`
-  );
+  const err = new Error(`
+      Invalid Argument options: '${type}' scheme not supported for generateKey().
+      Currently not all encryption methods are supported in quick-crypto.  Check
+      implementation_coverage.md for status.
+    `);
+  return [err, undefined, undefined];
 }
 
-// TODO(osp) put correct types (e.g. type -> 'rsa', etc..)
-export function generateKeyPair(
-  type: string,
-  callback: GenerateKeyPairCallback
-): void;
-export function generateKeyPair(
-  type: string,
+export const generateKeyPair = (
+  type: KeyPairType,
   options: GenerateKeyPairOptions,
   callback: GenerateKeyPairCallback
-): void;
-export function generateKeyPair(
-  type: string,
-  options?: GenerateKeyPairCallback | GenerateKeyPairOptions,
-  callback?: GenerateKeyPairCallback
-) {
-  if (typeof options === 'function') {
-    callback = options;
-    options = undefined;
-  }
-
+): void => {
   validateFunction(callback);
-
   internalGenerateKeyPair(true, type, options, callback);
-}
+};
 
-export function generateKeyPairSync(type: string): {
-  publicKey: any;
-  privateKey: any;
+// Promisify generateKeyPair
+// (attempted to use util.promisify, to no avail)
+export const generateKeyPairPromise = (
+  type: KeyPairType,
+  options: GenerateKeyPairOptions
+): Promise<GenerateKeyPairPromiseReturn> => {
+  return new Promise((resolve, reject) => {
+    generateKeyPair(type, options, (err, publicKey, privateKey) => {
+      if (err) {
+        reject([err, undefined]);
+      } else {
+        resolve([undefined, { publicKey, privateKey }]);
+      }
+    });
+  });
 };
+
+// generateKeyPairSync
+export function generateKeyPairSync(type: KeyPairType): CryptoKeyPair;
 export function generateKeyPairSync(
-  type: string,
+  type: KeyPairType,
   options: GenerateKeyPairOptions
-): { publicKey: any; privateKey: any };
+): CryptoKeyPair;
 export function generateKeyPairSync(
-  type: string,
+  type: KeyPairType,
   options?: GenerateKeyPairOptions
-): { publicKey: any; privateKey: any } {
+): CryptoKeyPair {
   const [_, publicKey, privateKey] = internalGenerateKeyPair(
     false,
     type,

package/src/NativeQuickCrypto/Cipher.ts

@@ -1,12 +1,16 @@
+import type { GenerateKeyPairReturn } from '../Cipher';
 import type { BinaryLike } from '../Utils';
 import type { Buffer } from '@craftzdog/react-native-buffer';
 
-// TODO(osp) on node this is defined on the native side
-// Need to do the same so that values are always in sync
-export enum RSAKeyVariant {
-  kKeyVariantRSA_SSA_PKCS1_v1_5,
-  kKeyVariantRSA_PSS,
-  kKeyVariantRSA_OAEP,
+// TODO: until shared, keep in sync with C++ side (cpp/Utils/MGLUtils.h)
+export enum KeyVariant {
+  RSA_SSA_PKCS1_v1_5,
+  RSA_PSS,
+  RSA_OAEP,
+  DSA,
+  EC,
+  NID,
+  DH,
 }
 
 export type InternalCipher = {
@@ -56,15 +60,11 @@ export type PrivateDecryptMethod = (
 ) => Buffer;
 
 export type GenerateKeyPairMethod = (
-  keyVariant: RSAKeyVariant,
-  modulusLength: number,
-  publicExponent: number,
+  keyVariant: KeyVariant,
   ...rest: any[]
-) => Promise<[error: unknown, publicBuffer: any, privateBuffer: any]>;
+) => Promise<GenerateKeyPairReturn>;
 
 export type GenerateKeyPairSyncMethod = (
-  keyVariant: RSAKeyVariant,
-  modulusLength: number,
-  publicExponent: number,
+  keyVariant: KeyVariant,
   ...rest: any[]
-) => [error: unknown, publicBuffer: any, privateBuffer: any];
+) => GenerateKeyPairReturn;

package/src/NativeQuickCrypto/sig.ts

@@ -1,4 +1,7 @@
 // TODO Add real types to sign/verify, the problem is that because of encryption schemes
+
+import type { KeyObjectHandle } from './webcrypto';
+
 // they will have variable amount of parameters
 export type InternalSign = {
   init: (algorithm: string) => void;
@@ -15,3 +18,27 @@ export type InternalVerify = {
 export type CreateSignMethod = () => InternalSign;
 
 export type CreateVerifyMethod = () => InternalVerify;
+
+export enum DSASigEnc {
+  kSigEncDER,
+  kSigEncP1363,
+}
+
+export enum SignMode {
+  kSignJobModeSign,
+  kSignJobModeVerify,
+}
+
+export type SignVerify = (
+  mode: SignMode,
+  handle: KeyObjectHandle,
+  unused1: undefined,
+  unused2: undefined,
+  unused3: undefined,
+  data: ArrayBuffer,
+  digest: string | undefined,
+  salt_length: number | undefined,
+  padding: number | undefined,
+  dsa_encoding: DSASigEnc | undefined,
+  signature: ArrayBuffer | undefined
+) => ArrayBuffer | boolean;

package/src/NativeQuickCrypto/webcrypto.ts

@@ -7,6 +7,7 @@ import type {
   KWebCryptoKeyFormat,
   NamedCurve,
 } from '../keys';
+import type { SignVerify } from './sig';
 
 type KeyDetail = {
   length?: number;
@@ -43,4 +44,5 @@ type CreateKeyObjectHandle = () => KeyObjectHandle;
 export type webcrypto = {
   ecExportKey: ECExportKey;
   createKeyObjectHandle: CreateKeyObjectHandle;
+  signVerify: SignVerify;
 };

package/src/Utils.ts

@@ -13,7 +13,7 @@ import type {
 import { type CipherKey } from 'crypto'; // @types/node
 
 export type BufferLike = ArrayBuffer | Buffer | ArrayBufferView;
-export type BinaryLike = string | ArrayBuffer | Buffer;
+export type BinaryLike = string | ArrayBuffer | Buffer | TypedArray;
 export type BinaryLikeNode = CipherKey | BinaryLike;
 
 export type BinaryToTextEncoding = 'base64' | 'base64url' | 'hex' | 'binary';
@@ -27,6 +27,17 @@ export type Encoding =
 // TODO(osp) should buffer be part of the Encoding type?
 export type CipherEncoding = Encoding | 'buffer';
 
+export type TypedArray =
+  | Uint8Array
+  | Uint8ClampedArray
+  | Uint16Array
+  | Uint32Array
+  | Int8Array
+  | Int16Array
+  | Int32Array
+  | Float32Array
+  | Float64Array;
+
 type DOMName =
   | string
   | {
@@ -497,6 +508,8 @@ export const normalizeAlgorithm = (
 
   // 4.
   let algName = algorithm.name;
+  // @ts-expect-error
+  if (algName === undefined) return { name: undefined };
 
   // 5.
   let desiredType: string | null | undefined;
@@ -589,6 +602,16 @@ export const validateByteLength = (
   }
 };
 
+export const getUsagesUnion = (usageSet: KeyUsage[], ...usages: KeyUsage[]) => {
+  const newset: KeyUsage[] = [];
+  for (let n = 0; n < usages.length; n++) {
+    if (!usages[n] || usages[n] === undefined) continue;
+    if (usageSet.includes(usages[n] as KeyUsage))
+      newset.push(usages[n] as KeyUsage);
+  }
+  return newset;
+};
+
 const kKeyOps: {
   [key in KeyUsage]: number;
 } = {