react-native-quick-crypto 0.7.10 → 0.7.11

package/src/Utils.ts

@@ -1,31 +1,18 @@
 import { Buffer as CraftzdogBuffer } from '@craftzdog/react-native-buffer';
 import { Buffer as SafeBuffer } from 'safe-buffer';
-import { Buffer as FerossBuffer } from 'buffer';
-import type {
-  AnyAlgorithm,
-  DeriveBitsAlgorithm,
-  DigestAlgorithm,
-  EncryptDecryptAlgorithm,
-  EncryptDecryptParams,
-  KeyPairAlgorithm,
-  KeyUsage,
-  SecretKeyAlgorithm,
-  SignVerifyAlgorithm,
-  SubtleAlgorithm,
-} from './keys';
+
+import type { KeyUsage } from './keys';
 import { type CipherKey } from 'crypto'; // @types/node
 
 export type BufferLike =
   | ArrayBuffer
   | CraftzdogBuffer
-  | FerossBuffer
   | SafeBuffer
   | ArrayBufferView;
 export type BinaryLike =
   | string
   | ArrayBuffer
   | CraftzdogBuffer
-  | FerossBuffer
   | SafeBuffer
   | TypedArray
   | DataView;
@@ -91,6 +78,8 @@ export type TypedArray =
   | Float32Array
   | Float64Array;
 
+export type ABV = TypedArray | DataView | ArrayBufferLike | CraftzdogBuffer;
+
 type DOMName =
   | string
   | {
@@ -182,18 +171,38 @@ export const kEmptyObject = Object.freeze(Object.create(null));
 //   return slowCases(enc);
 // }
 
+/**
+ * Converts supplied argument to an ArrayBuffer.  Note this does not copy the
+ * data so it is faster than toArrayBuffer.  Not copying is important for
+ * functions like randomFill which need to be able to write to the underlying
+ * buffer.
+ * @param buf
+ * @returns ArrayBuffer
+ */
+export function abvToArrayBuffer(buffer: ABV): ArrayBuffer {
+  if (CraftzdogBuffer.isBuffer(buffer) || ArrayBuffer.isView(buffer)) {
+    return buffer.buffer as ArrayBuffer;
+  }
+  return buffer as ArrayBuffer;
+}
+
+/**
+ * Converts supplied argument to an ArrayBuffer.  Note this copies data if the
+ * supplied buffer has the .slice() method, so can be a bit slow.
+ * @param buf
+ * @returns ArrayBuffer
+ */
 export function toArrayBuffer(
-  buf: CraftzdogBuffer | FerossBuffer | SafeBuffer | ArrayBufferView,
+  buf: CraftzdogBuffer | SafeBuffer | ArrayBufferView,
 ): ArrayBuffer {
-  if (
-    CraftzdogBuffer.isBuffer(buf) ||
-    FerossBuffer.isBuffer(buf) ||
-    ArrayBuffer.isView(buf)
-  ) {
+  if (CraftzdogBuffer.isBuffer(buf) || ArrayBuffer.isView(buf)) {
     if (buf?.buffer?.slice) {
-      return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
+      return buf.buffer.slice(
+        buf.byteOffset,
+        buf.byteOffset + buf.byteLength,
+      ) as ArrayBuffer;
     } else {
-      return buf.buffer;
+      throw new Error('This implementation of buffer does not implement slice');
     }
   }
   const ab = new ArrayBuffer(buf.length);
@@ -205,11 +214,7 @@ export function toArrayBuffer(
 }
 
 export function bufferLikeToArrayBuffer(buf: BufferLike): ArrayBuffer {
-  if (
-    CraftzdogBuffer.isBuffer(buf) ||
-    FerossBuffer.isBuffer(buf) ||
-    SafeBuffer.isBuffer(buf)
-  ) {
+  if (CraftzdogBuffer.isBuffer(buf) || SafeBuffer.isBuffer(buf)) {
     return toArrayBuffer(buf);
   }
   if (ArrayBuffer.isView(buf)) {
@@ -239,11 +244,7 @@ export function binaryLikeToArrayBuffer(
   }
 
   // Buffer
-  if (
-    CraftzdogBuffer.isBuffer(input) ||
-    FerossBuffer.isBuffer(input) ||
-    SafeBuffer.isBuffer(input)
-  ) {
+  if (CraftzdogBuffer.isBuffer(input) || SafeBuffer.isBuffer(input)) {
     return toArrayBuffer(input);
   }
 
@@ -411,156 +412,6 @@ const kMaxBufferLength = 2 ** 31 - 1;
 // // the Web Crypto API.
 // const kHashTypes = ['SHA-1', 'SHA-256', 'SHA-384', 'SHA-512'];
 
-type SupportedAlgorithm<Type extends string> = {
-  [key in Type]: string | null;
-};
-
-type SupportedAlgorithms = {
-  digest: SupportedAlgorithm<DigestAlgorithm>;
-  generateKey: SupportedAlgorithm<KeyPairAlgorithm | SecretKeyAlgorithm>;
-  sign: SupportedAlgorithm<SignVerifyAlgorithm>;
-  verify: SupportedAlgorithm<SignVerifyAlgorithm>;
-  importKey: SupportedAlgorithm<
-    KeyPairAlgorithm | 'PBKDF2' | SecretKeyAlgorithm | 'HKDF'
-  >;
-  deriveBits: SupportedAlgorithm<DeriveBitsAlgorithm>;
-  encrypt: SupportedAlgorithm<EncryptDecryptAlgorithm>;
-  decrypt: SupportedAlgorithm<EncryptDecryptAlgorithm>;
-  'get key length': SupportedAlgorithm<SecretKeyAlgorithm | 'PBKDF2' | 'HKDF'>;
-  wrapKey: SupportedAlgorithm<'AES-KW'>;
-  unwrapKey: SupportedAlgorithm<'AES-KW'>;
-};
-
-export type Operation =
-  | 'digest'
-  | 'generateKey'
-  | 'sign'
-  | 'verify'
-  | 'importKey'
-  | 'deriveBits'
-  | 'encrypt'
-  | 'decrypt'
-  | 'get key length'
-  | 'wrapKey'
-  | 'unwrapKey';
-
-const kSupportedAlgorithms: SupportedAlgorithms = {
-  digest: {
-    'SHA-1': null,
-    'SHA-256': null,
-    'SHA-384': null,
-    'SHA-512': null,
-  },
-  generateKey: {
-    'RSASSA-PKCS1-v1_5': 'RsaHashedKeyGenParams',
-    'RSA-PSS': 'RsaHashedKeyGenParams',
-    'RSA-OAEP': 'RsaHashedKeyGenParams',
-    ECDSA: 'EcKeyGenParams',
-    ECDH: 'EcKeyGenParams',
-    'AES-CTR': 'AesKeyGenParams',
-    'AES-CBC': 'AesKeyGenParams',
-    'AES-GCM': 'AesKeyGenParams',
-    'AES-KW': 'AesKeyGenParams',
-    HMAC: 'HmacKeyGenParams',
-    X25519: null,
-    Ed25519: null,
-    X448: null,
-    Ed448: null,
-  },
-  sign: {
-    'RSASSA-PKCS1-v1_5': null,
-    'RSA-PSS': 'RsaPssParams',
-    ECDSA: 'EcdsaParams',
-    HMAC: null,
-    Ed25519: null,
-    Ed448: 'Ed448Params',
-  },
-  verify: {
-    'RSASSA-PKCS1-v1_5': null,
-    'RSA-PSS': 'RsaPssParams',
-    ECDSA: 'EcdsaParams',
-    HMAC: null,
-    Ed25519: null,
-    Ed448: 'Ed448Params',
-  },
-  importKey: {
-    'RSASSA-PKCS1-v1_5': 'RsaHashedImportParams',
-    'RSA-PSS': 'RsaHashedImportParams',
-    'RSA-OAEP': 'RsaHashedImportParams',
-    ECDSA: 'EcKeyImportParams',
-    ECDH: 'EcKeyImportParams',
-    HMAC: 'HmacImportParams',
-    HKDF: null,
-    PBKDF2: null,
-    'AES-CTR': null,
-    'AES-CBC': null,
-    'AES-GCM': null,
-    'AES-KW': null,
-    Ed25519: null,
-    X25519: null,
-    Ed448: null,
-    X448: null,
-  },
-  deriveBits: {
-    HKDF: 'HkdfParams',
-    PBKDF2: 'Pbkdf2Params',
-    ECDH: 'EcdhKeyDeriveParams',
-    X25519: 'EcdhKeyDeriveParams',
-    X448: 'EcdhKeyDeriveParams',
-  },
-  encrypt: {
-    'RSA-OAEP': 'RsaOaepParams',
-    'AES-CBC': 'AesCbcParams',
-    'AES-GCM': 'AesGcmParams',
-    'AES-CTR': 'AesCtrParams',
-  },
-  decrypt: {
-    'RSA-OAEP': 'RsaOaepParams',
-    'AES-CBC': 'AesCbcParams',
-    'AES-GCM': 'AesGcmParams',
-    'AES-CTR': 'AesCtrParams',
-  },
-  'get key length': {
-    'AES-CBC': 'AesDerivedKeyParams',
-    'AES-CTR': 'AesDerivedKeyParams',
-    'AES-GCM': 'AesDerivedKeyParams',
-    'AES-KW': 'AesDerivedKeyParams',
-    HMAC: 'HmacImportParams',
-    HKDF: null,
-    PBKDF2: null,
-  },
-  wrapKey: {
-    'AES-KW': null,
-  },
-  unwrapKey: {
-    'AES-KW': null,
-  },
-};
-
-type AlgorithmDictionaries = {
-  [key in string]: object;
-};
-
-const simpleAlgorithmDictionaries: AlgorithmDictionaries = {
-  AesGcmParams: { iv: 'BufferSource', additionalData: 'BufferSource' },
-  RsaHashedKeyGenParams: { hash: 'HashAlgorithmIdentifier' },
-  EcKeyGenParams: {},
-  HmacKeyGenParams: { hash: 'HashAlgorithmIdentifier' },
-  RsaPssParams: {},
-  EcdsaParams: { hash: 'HashAlgorithmIdentifier' },
-  HmacImportParams: { hash: 'HashAlgorithmIdentifier' },
-  HkdfParams: {
-    hash: 'HashAlgorithmIdentifier',
-    salt: 'BufferSource',
-    info: 'BufferSource',
-  },
-  Ed448Params: { context: 'BufferSource' },
-  Pbkdf2Params: { hash: 'HashAlgorithmIdentifier', salt: 'BufferSource' },
-  RsaOaepParams: { label: 'BufferSource' },
-  RsaHashedImportParams: { hash: 'HashAlgorithmIdentifier' },
-  EcKeyImportParams: {},
-};
-
 export const validateMaxBufferLength = (
   data: BinaryLike | BufferLike,
   name: string,
@@ -577,92 +428,6 @@ export const validateMaxBufferLength = (
   }
 };
 
-// https://w3c.github.io/webcrypto/#algorithm-normalization-normalize-an-algorithm
-// adapted for Node.js from Deno's implementation
-// https://github.com/denoland/deno/blob/v1.29.1/ext/crypto/00_crypto.js#L195
-export const normalizeAlgorithm = (
-  algorithm: SubtleAlgorithm | EncryptDecryptParams | AnyAlgorithm,
-  op: Operation,
-): SubtleAlgorithm | EncryptDecryptParams => {
-  if (typeof algorithm === 'string') {
-    return normalizeAlgorithm({ name: algorithm }, op);
-  }
-
-  // 1.
-  const registeredAlgorithms = kSupportedAlgorithms[op];
-  // 2. 3.
-  // commented, because typescript takes care of this for us 🤞👀
-  // const initialAlg = webidl.converters.Algorithm(algorithm, {
-  //   prefix: 'Failed to normalize algorithm',
-  //   context: 'passed algorithm',
-  // });
-
-  // 4.
-  let algName = algorithm.name;
-  if (algName === undefined) return { name: 'unknown' };
-
-  // 5.
-  let desiredType: string | null | undefined;
-  for (const key in registeredAlgorithms) {
-    if (!Object.prototype.hasOwnProperty.call(registeredAlgorithms, key)) {
-      continue;
-    }
-    if (key.toUpperCase() === algName.toUpperCase()) {
-      algName = key as AnyAlgorithm;
-      desiredType = (
-        registeredAlgorithms as Record<string, typeof desiredType>
-      )[algName];
-    }
-  }
-  if (desiredType === undefined)
-    throw lazyDOMException('Unrecognized algorithm name', 'NotSupportedError');
-
-  // Fast path everything below if the registered dictionary is null
-  if (desiredType === null) return { name: algName };
-
-  // 6.
-  const normalizedAlgorithm = algorithm;
-  // TODO: implement this?  Maybe via typescript?
-  // webidl.converters[desiredType](algorithm, {
-  //   prefix: 'Failed to normalize algorithm',
-  //   context: 'passed algorithm',
-  // });
-  // 7.
-  normalizedAlgorithm.name = algName;
-
-  // 9.
-  const dict = simpleAlgorithmDictionaries[desiredType];
-  // 10.
-  const dictKeys = dict ? Object.keys(dict) : [];
-  for (let i = 0; i < dictKeys.length; i++) {
-    const member = dictKeys[i] || '';
-    if (!Object.prototype.hasOwnProperty.call(dict, member)) continue;
-    // TODO: implement this?  Maybe via typescript?
-    // const idlType = dict[member];
-    // const idlValue = normalizedAlgorithm[member];
-    // 3.
-    // if (idlType === 'BufferSource' && idlValue) {
-    //   const isView = ArrayBufferIsView(idlValue);
-    //   normalizedAlgorithm[member] = TypedArrayPrototypeSlice(
-    //     new Uint8Array(
-    //       isView ? getDataViewOrTypedArrayBuffer(idlValue) : idlValue,
-    //       isView ? getDataViewOrTypedArrayByteOffset(idlValue) : 0,
-    //       isView
-    //         ? getDataViewOrTypedArrayByteLength(idlValue)
-    //         : ArrayBufferPrototypeGetByteLength(idlValue)
-    //     )
-    //   );
-    // } else if (idlType === 'HashAlgorithmIdentifier') {
-    //   normalizedAlgorithm[member] = normalizeAlgorithm(idlValue, 'digest');
-    // } else if (idlType === 'AlgorithmIdentifier') {
-    //   // This extension point is not used by any supported algorithm (yet?)
-    //   throw lazyDOMException('Not implemented.', 'NotSupportedError');
-    // }
-  }
-
-  return normalizedAlgorithm;
-};
-
 export const validateBitLength = (
   length: number,
   name: string,
@@ -778,16 +543,6 @@ export const bigIntArrayToUnsignedInt = (
   return result;
 };
 
-export function abvToArrayBuffer(buffer: ArrayBufferView): ArrayBuffer {
-  if (CraftzdogBuffer.isBuffer(buffer)) {
-    return buffer.buffer;
-  }
-  if (ArrayBuffer.isView(buffer)) {
-    return buffer.buffer;
-  }
-  return buffer;
-}
-
 // TODO: these used to be shipped by crypto-browserify in quickcrypto v0.6
 // could instead fetch from OpenSSL if needed and handle breaking changes
 export const getHashes = () => [

package/src/keys.ts

@@ -119,13 +119,17 @@ export type SubtleAlgorithm = {
   name: AnyAlgorithm;
   salt?: string;
   iterations?: number;
-  hash?: HashAlgorithm;
+  hash?: HashAlgorithm | HashAlgorithmIdentifier;
   namedCurve?: NamedCurve;
   length?: number;
   modulusLength?: number;
   publicExponent?: number | Uint8Array;
 };
 
+export type HashAlgorithmIdentifier = {
+  name: HashAlgorithm;
+};
+
 export type KeyUsage =
   | 'encrypt'
   | 'decrypt'

package/src/pbkdf2.ts

@@ -83,7 +83,7 @@ export function pbkdf2Sync(
     algo,
   );
 
-  return Buffer.from(result);
+  return result;
 }
 
 // We need this because the typescript  overload signatures in pbkdf2() above do

package/src/random.ts

@@ -1,31 +1,29 @@
 import { abvToArrayBuffer } from './Utils';
 import { NativeQuickCrypto } from './NativeQuickCrypto/NativeQuickCrypto';
 import { Buffer } from '@craftzdog/react-native-buffer';
-import type { TypedArray } from './Utils';
+import type { ABV } from './Utils';
 
 const random = NativeQuickCrypto.random;
 
-type RandomBuffer = TypedArray | DataView | ArrayBufferLike | Buffer;
-
-export function randomFill<T extends RandomBuffer>(
+export function randomFill<T extends ABV>(
   buffer: T,
   callback: (err: Error | null, buf: T) => void,
 ): void;
 
-export function randomFill<T extends RandomBuffer>(
+export function randomFill<T extends ABV>(
   buffer: T,
   offset: number,
   callback: (err: Error | null, buf: T) => void,
 ): void;
 
-export function randomFill<T extends RandomBuffer>(
+export function randomFill<T extends ABV>(
   buffer: T,
   offset: number,
   size: number,
   callback: (err: Error | null, buf: T) => void,
 ): void;
 
-export function randomFill(buffer: RandomBuffer, ...rest: unknown[]): void {
+export function randomFill(buffer: ABV, ...rest: unknown[]): void {
   if (typeof rest[rest.length - 1] !== 'function') {
     throw new Error('No callback provided to randomFill');
   }
@@ -47,31 +45,25 @@ export function randomFill(buffer: RandomBuffer, ...rest: unknown[]): void {
     offset = rest[0] as number;
   }
 
-  random
-    .randomFill(abvToArrayBuffer(buffer as ArrayBufferView), offset, size)
-    .then(
-      (res: ArrayBuffer) => {
-        callback(null, res);
-      },
-      (e: Error) => {
-        callback(e);
-      },
-    );
+  random.randomFill(abvToArrayBuffer(buffer), offset, size).then(
+    (res: ArrayBuffer) => {
+      callback(null, res);
+    },
+    (e: Error) => {
+      callback(e);
+    },
+  );
 }
 
-export function randomFillSync<T extends RandomBuffer>(
+export function randomFillSync<T extends ABV>(
   buffer: T,
   offset?: number,
   size?: number,
 ): T;
 
-export function randomFillSync(
-  buffer: RandomBuffer,
-  offset: number = 0,
-  size?: number,
-) {
+export function randomFillSync(buffer: ABV, offset: number = 0, size?: number) {
   return random.randomFillSync(
-    abvToArrayBuffer(buffer as ArrayBufferView),
+    abvToArrayBuffer(buffer),
     offset,
     size ?? buffer.byteLength,
   );

package/src/subtle.ts

@@ -17,11 +17,9 @@ import {
   hasAnyNotIn,
   type BufferLike,
   type BinaryLike,
-  normalizeAlgorithm,
   lazyDOMException,
   normalizeHashName,
   HashContext,
-  type Operation,
   validateMaxBufferLength,
   bufferLikeToArrayBuffer,
 } from './Utils';
@@ -35,6 +33,7 @@ import {
   getAlgorithmName,
 } from './aes';
 import { rsaCipher, rsaExportKey, rsaImportKey, rsaKeyGenerate } from './rsa';
+import { normalizeAlgorithm, type Operation } from './Algorithms';
 
 const exportKeySpki = async (
   key: CryptoKey,

package/LICENSE

@@ -1,27 +0,0 @@
-**react-native-quick-crypto**
-
-MIT License
-
-Copyright (c) 2021 Margelo GmbH
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
-**NodeJS Crypto**
-
-See https://github.com/nodejs/node/blob/main/LICENSE