react-native-quick-crypto 0.7.0 → 0.7.1

package/src/index.ts

@@ -12,15 +12,18 @@ import {
   generateKeyPair,
   generateKeyPairSync,
 } from './Cipher';
+import { generateKey, generateKeySync } from './keygen';
 import { createSign, createVerify } from './sig';
 import { createHmac } from './Hmac';
 import { createHash } from './Hash';
 import { constants } from './constants';
 import { subtle } from './subtle';
 import { getCiphers, getHashes } from './Utils';
+import webcrypto from './webcrypto';
+import { createPrivateKey, createPublicKey, createSecretKey } from './keys';
 
 /**
- * Loosesly matches Node.js {crypto} with some unimplemented functionality
+ * Loosely matches Node.js {crypto} with some unimplemented functionality
  */
 const QuickCrypto = {
   createHmac,
@@ -31,11 +34,16 @@ const QuickCrypto = {
   createCipheriv,
   createDecipher,
   createDecipheriv,
+  createPublicKey,
+  createPrivateKey,
+  createSecretKey,
   publicEncrypt,
   publicDecrypt,
   privateDecrypt,
+  generateKey,
   generateKeyPair,
   generateKeyPairSync,
+  generateKeySync,
   createSign,
   createVerify,
   subtle,
@@ -44,6 +52,7 @@ const QuickCrypto = {
   ...random,
   getCiphers,
   getHashes,
+  webcrypto,
 };
 
 /**

package/src/keygen.ts

@@ -0,0 +1,80 @@
+import { NativeQuickCrypto } from './NativeQuickCrypto/NativeQuickCrypto';
+import { lazyDOMException, validateFunction } from './Utils';
+import { kAesKeyLengths } from './aes';
+import {
+  SecretKeyObject,
+  type SecretKeyType,
+  type AesKeyGenParams,
+} from './keys';
+
+export type KeyGenCallback = (
+  err: Error | undefined,
+  key?: SecretKeyObject
+) => void;
+
+export const generateKeyPromise = (
+  type: SecretKeyType,
+  options: AesKeyGenParams // | HmacKeyGenParams
+): Promise<[Error | undefined, SecretKeyObject | undefined]> => {
+  return new Promise((resolve, reject) => {
+    generateKey(type, options, (err, key) => {
+      if (err) {
+        reject([err, undefined]);
+      }
+      resolve([undefined, key]);
+    });
+  });
+};
+
+export const generateKey = (
+  type: SecretKeyType,
+  options: AesKeyGenParams, // | HmacKeyGenParams,
+  callback: KeyGenCallback
+): void => {
+  validateLength(type, options.length);
+  if (!validateFunction(callback)) {
+    throw lazyDOMException('Callback is not a function', 'SyntaxError');
+  }
+  NativeQuickCrypto.webcrypto
+    .generateSecretKey(options.length)
+    .then((handle) => {
+      callback(undefined, new SecretKeyObject(handle));
+    })
+    .catch((err) => {
+      callback(err, undefined);
+    });
+};
+
+export const generateKeySync = (
+  type: SecretKeyType,
+  options: AesKeyGenParams // | HmacKeyGenParams,
+): SecretKeyObject => {
+  validateLength(type, options.length);
+  const handle = NativeQuickCrypto.webcrypto.generateSecretKeySync(
+    options.length
+  );
+  return new SecretKeyObject(handle);
+};
+
+const validateLength = (type: SecretKeyType, length: number) => {
+  switch (type) {
+    case 'aes':
+      if (!kAesKeyLengths.includes(length)) {
+        throw lazyDOMException(
+          'AES key length must be 128, 192, or 256 bits',
+          'OperationError'
+        );
+      }
+      break;
+    case 'hmac':
+      if (length < 8 || length > 2 ** 31 - 1) {
+        throw lazyDOMException(
+          'HMAC key length must be between 8 and 2^31 - 1',
+          'OperationError'
+        );
+      }
+      break;
+    default:
+      throw new Error(`Unsupported key type '${type}' for generateKey()`);
+  }
+};

package/src/keys.ts

@@ -2,6 +2,8 @@ import {
   type BinaryLike,
   binaryLikeToArrayBuffer,
   isStringOrBuffer,
+  type BufferLike,
+  type TypedArray,
 } from './Utils';
 import type { KeyObjectHandle } from './NativeQuickCrypto/webcrypto';
 import { NativeQuickCrypto } from './NativeQuickCrypto/NativeQuickCrypto';
@@ -27,25 +29,30 @@ export type AnyAlgorithm =
   | 'PBKDF2'
   | 'HKDF';
 
-export type HashAlgorithm = 'SHA-1' | 'SHA-256' | 'SHA-384' | 'SHA-512';
+export type HashAlgorithm =
+  | 'SHA-1'
+  | 'SHA-224'
+  | 'SHA-256'
+  | 'SHA-384'
+  | 'SHA-512'
+  | 'RIPEMD-160';
+
+export type DigestAlgorithm = 'SHA-1' | 'SHA-256' | 'SHA-384' | 'SHA-512';
 
 export type KeyPairType = 'rsa' | 'rsa-pss' | 'ec';
 
 export type RSAKeyPairAlgorithm = 'RSASSA-PKCS1-v1_5' | 'RSA-PSS' | 'RSA-OAEP';
 export type ECKeyPairAlgorithm = 'ECDSA' | 'ECDH';
 export type CFRGKeyPairAlgorithm = 'Ed25519' | 'Ed448' | 'X25519' | 'X448';
+export type AESAlgorithm = 'AES-CTR' | 'AES-CBC' | 'AES-GCM' | 'AES-KW';
 
 export type KeyPairAlgorithm =
   | RSAKeyPairAlgorithm
   | ECKeyPairAlgorithm
   | CFRGKeyPairAlgorithm;
 
-export type SecretKeyAlgorithm =
-  | 'HMAC'
-  | 'AES-CTR'
-  | 'AES-CBC'
-  | 'AES-GCM'
-  | 'AES-KW';
+export type SecretKeyAlgorithm = 'HMAC' | AESAlgorithm;
+export type SecretKeyType = 'hmac' | 'aes';
 
 export type SignVerifyAlgorithm =
   | 'RSASSA-PKCS1-v1_5'
@@ -62,6 +69,49 @@ export type DeriveBitsAlgorithm =
   | 'X25519'
   | 'X448';
 
+export type RsaOaepParams = {
+  name: 'RSA-OAEP';
+  label?: BufferLike;
+};
+
+export type AesCbcParams = {
+  name: 'AES-CBC';
+  iv: BufferLike;
+};
+
+export type AesCtrParams = {
+  name: 'AES-CTR';
+  counter: TypedArray;
+  length: number;
+};
+
+export type AesGcmParams = {
+  name: 'AES-GCM';
+  iv: BufferLike;
+  tagLength?: TagLength;
+  additionalData?: BufferLike;
+};
+
+export type AesKwParams = {
+  name: 'AES-KW';
+  wrappingKey?: BufferLike;
+};
+
+export type AesKeyGenParams = {
+  length: AESLength;
+  name?: AESAlgorithm;
+};
+
+export type TagLength = 32 | 64 | 96 | 104 | 112 | 120 | 128;
+
+export type AESLength = 128 | 192 | 256;
+
+export type EncryptDecryptParams =
+  | AesCbcParams
+  | AesCtrParams
+  | AesGcmParams
+  | RsaOaepParams;
+
 export type EncryptDecryptAlgorithm =
   | 'RSA-OAEP'
   | 'AES-CTR'
@@ -97,6 +147,8 @@ export enum KFormatType {
   kKeyFormatJWK,
 }
 
+export type KFormat = 'der' | 'pem' | 'jwk';
+
 // Same as KFormatType, this enum needs to be defined on the native side
 export enum KeyType {
   Secret,
@@ -104,6 +156,10 @@ export enum KeyType {
   Private,
 }
 
+export type KTypePrivate = 'pkcs1' | 'pkcs8' | 'sec1';
+export type KTypePublic = 'pkcs1' | 'spki';
+export type KType = KTypePrivate | KTypePublic;
+
 // Same as KFormatType, this enum needs to be defined on the native side
 export enum KWebCryptoKeyFormat {
   kWebCryptoKeyFormatRaw,
@@ -133,10 +189,10 @@ export enum KeyEncoding {
 }
 
 export type EncodingOptions = {
-  key: any;
-  type?: string;
+  key?: any;
+  type?: KType;
   encoding?: string;
-  format?: string;
+  format?: KFormat;
   padding?: number;
   cipher?: string;
   passphrase?: string | ArrayBuffer;
@@ -181,6 +237,13 @@ export type CryptoKeyPair = {
   privateKey: KeyPairKey;
 };
 
+export enum CipherOrWrapMode {
+  kWebCryptoCipherEncrypt,
+  kWebCryptoCipherDecrypt,
+  // kWebCryptoWrapKey,
+  // kWebCryptoUnwrapKey,
+}
+
 function option(name: string, objName: string | undefined) {
   return objName === undefined
     ? `options.${name}`
@@ -322,14 +385,7 @@ function parseKeyEncoding(
 }
 
 function prepareAsymmetricKey(
-  key:
-    | BinaryLike
-    | {
-        key: any;
-        encoding?: string;
-        format?: any;
-        passphrase?: string | ArrayBuffer;
-      },
+  key: BinaryLike | EncodingOptions,
   ctx: KeyInputContext
 ): {
   format: KFormatType;
@@ -352,14 +408,12 @@ function prepareAsymmetricKey(
       data: binaryLikeToArrayBuffer(key),
     };
   } else if (typeof key === 'object') {
-    const {
-      key: data,
-      encoding,
-      // format
-    } = key;
+    const { key: data, encoding } = key;
     // // The 'key' property can be a KeyObject as well to allow specifying
     // // additional options such as padding along with the key.
-    // if (isKeyObject(data)) return { data: getKeyObjectHandle(data, ctx) };
+    // if (isKeyObject(data)) {
+    //   return { data: getKeyObjectHandle(data, ctx) };
+    // }
     // else if (isCryptoKey(data))
     //   return { data: getKeyObjectHandle(data[kKeyObject], ctx) };
     // else if (isJwk(data) && format === 'jwk')
@@ -392,11 +446,7 @@ export function preparePrivateKey(key: BinaryLike | EncodingOptions) {
 }
 
 // TODO(osp) any here is a node KeyObject
-export function preparePublicOrPrivateKey(
-  key:
-    | BinaryLike
-    | { key: any; encoding?: string; format?: any; padding?: number }
-) {
+export function preparePublicOrPrivateKey(key: BinaryLike | EncodingOptions) {
   return prepareAsymmetricKey(key, KeyInputContext.kConsumePublic);
 }
 
@@ -422,6 +472,29 @@ export function parsePrivateKeyEncoding(
   return parseKeyEncoding(enc, keyType, false, objName);
 }
 
+// function getKeyObjectHandle(key: any, ctx: KeyInputContext) {
+//   if (ctx === KeyInputContext.kConsumePublic) {
+//     throw new Error(
+//       'Invalid argument type for "key". Need ArrayBuffer, TypeArray, KeyObject, CryptoKey, string'
+//     );
+//   }
+
+//   if (key.type !== 'private') {
+//     if (
+//       ctx === KeyInputContext.kConsumePrivate ||
+//       ctx === KeyInputContext.kCreatePublic
+//     )
+//       throw new Error(`Invalid KeyObject type: ${key.type}, expected 'public'`);
+//     if (key.type !== 'public') {
+//       throw new Error(
+//         `Invalid KeyObject type: ${key.type}, expected 'private' or 'public'`
+//       );
+//     }
+//   }
+
+//   return key.handle;
+// }
+
 function prepareSecretKey(
   key: BinaryLike,
   encoding?: string,
@@ -467,6 +540,42 @@ export function createSecretKey(key: any, encoding?: string) {
   return new SecretKeyObject(handle);
 }
 
+export function createPublicKey(
+  key: BinaryLike | EncodingOptions
+): PublicKeyObject {
+  const { format, type, data, passphrase } = prepareAsymmetricKey(
+    key,
+    KeyInputContext.kCreatePublic
+  );
+  const handle = NativeQuickCrypto.webcrypto.createKeyObjectHandle();
+  if (format === KFormatType.kKeyFormatJWK) {
+    handle.init(KeyType.Public, data);
+  } else {
+    handle.init(KeyType.Public, data, format, type, passphrase);
+  }
+  return new PublicKeyObject(handle);
+}
+
+export const createPrivateKey = (
+  key: BinaryLike | EncodingOptions
+): PrivateKeyObject => {
+  const { format, type, data, passphrase } = prepareAsymmetricKey(
+    key,
+    KeyInputContext.kCreatePrivate
+  );
+  const handle = NativeQuickCrypto.webcrypto.createKeyObjectHandle();
+  if (format === KFormatType.kKeyFormatJWK) {
+    handle.init(KeyType.Private, data);
+  } else {
+    handle.init(KeyType.Private, data, format, type, passphrase);
+  }
+  return new PrivateKeyObject(handle);
+};
+
+// const isKeyObject = (obj: any): obj is KeyObject => {
+//   return obj != null && obj.keyType !== undefined;
+// };
+
 export class CryptoKey {
   keyObject: KeyObject;
   keyAlgorithm: SubtleAlgorithm;
@@ -572,7 +681,7 @@ export class SecretKeyObject extends KeyObject {
   //   return this[kHandle].getSymmetricKeySize();
   // }
 
-  export(options: EncodingOptions) {
+  export(options?: EncodingOptions) {
     if (options !== undefined) {
       if (options.format === 'jwk') {
         throw new Error('SecretKey export for jwk is not implemented');