react-native-quick-crypto 1.0.1 → 1.0.3

package/src/ed.ts

@@ -361,3 +361,105 @@ export async function ed_generateKeyPairWebCrypto(
 
   return { publicKey, privateKey };
 }
+
+export async function x_generateKeyPairWebCrypto(
+  type: 'x25519' | 'x448',
+  extractable: boolean,
+  keyUsages: KeyUsage[],
+): Promise<CryptoKeyPair> {
+  if (hasAnyNotIn(keyUsages, ['deriveKey', 'deriveBits'])) {
+    throw lazyDOMException(`Unsupported key usage for ${type}`, 'SyntaxError');
+  }
+
+  const publicUsages = getUsagesUnion(keyUsages);
+  const privateUsages = getUsagesUnion(keyUsages, 'deriveKey', 'deriveBits');
+
+  if (privateUsages.length === 0) {
+    throw lazyDOMException('Usages cannot be empty', 'SyntaxError');
+  }
+
+  // Request DER-encoded SPKI for public key, PKCS8 for private key
+  const config = {
+    publicFormat: KFormatType.DER,
+    publicType: KeyEncoding.SPKI,
+    privateFormat: KFormatType.DER,
+    privateType: KeyEncoding.PKCS8,
+  };
+  const ed = new Ed(type, config);
+  await ed.generateKeyPair();
+
+  const algorithmName = type === 'x25519' ? 'X25519' : 'X448';
+
+  const publicKeyData = ed.getPublicKey();
+  const privateKeyData = ed.getPrivateKey();
+
+  const pub = KeyObject.createKeyObject(
+    'public',
+    publicKeyData,
+    KFormatType.DER,
+    KeyEncoding.SPKI,
+  ) as PublicKeyObject;
+  const publicKey = new CryptoKey(
+    pub,
+    { name: algorithmName } as SubtleAlgorithm,
+    publicUsages,
+    true,
+  );
+
+  const priv = KeyObject.createKeyObject(
+    'private',
+    privateKeyData,
+    KFormatType.DER,
+    KeyEncoding.PKCS8,
+  ) as PrivateKeyObjectClass;
+  const privateKey = new CryptoKey(
+    priv,
+    { name: algorithmName } as SubtleAlgorithm,
+    privateUsages,
+    extractable,
+  );
+
+  return { publicKey, privateKey };
+}
+
+export function xDeriveBits(
+  algorithm: SubtleAlgorithm,
+  baseKey: CryptoKey,
+  length: number | null,
+): ArrayBuffer {
+  const publicParams = algorithm as SubtleAlgorithm & { public?: CryptoKey };
+  const publicKey = publicParams.public;
+
+  if (!publicKey) {
+    throw new Error('Public key is required for X25519/X448 derivation');
+  }
+
+  if (baseKey.algorithm.name !== publicKey.algorithm.name) {
+    throw new Error('Keys must be of the same algorithm');
+  }
+
+  const type = baseKey.algorithm.name.toLowerCase() as 'x25519' | 'x448';
+  const ed = new Ed(type, {});
+
+  // Export raw keys
+  const privateKeyBytes = baseKey.keyObject.handle.exportKey();
+  const publicKeyBytes = publicKey.keyObject.handle.exportKey();
+
+  const privateKeyTyped = new Uint8Array(privateKeyBytes);
+  const publicKeyTyped = new Uint8Array(publicKeyBytes);
+
+  const secret = ed.getSharedSecret(privateKeyTyped, publicKeyTyped);
+
+  // If length is null, return the full secret
+  if (length === null) {
+    return secret;
+  }
+
+  // If length is specified, truncate
+  const byteLength = Math.ceil(length / 8);
+  if (secret.byteLength >= byteLength) {
+    return secret.slice(0, byteLength);
+  }
+
+  throw new Error('Derived key is shorter than requested length');
+}

package/src/hkdf.ts

@@ -0,0 +1,152 @@
+import { Buffer } from '@craftzdog/react-native-buffer';
+import { NitroModules } from 'react-native-nitro-modules';
+import type { Hkdf as HkdfNative } from './specs/hkdf.nitro';
+import { binaryLikeToArrayBuffer, normalizeHashName } from './utils';
+import type { BinaryLike } from './utils';
+
+type KeyMaterial = BinaryLike;
+type Salt = BinaryLike;
+type Info = BinaryLike;
+
+export interface HkdfAlgorithm {
+  name: string;
+  hash: string | { name: string };
+  salt: BinaryLike;
+  info: BinaryLike;
+}
+
+export interface CryptoKeyInternal {
+  keyObject: {
+    export: () => Buffer;
+  };
+}
+
+export interface HkdfCallback {
+  (err: Error | null, derivedKey?: Buffer): void;
+}
+
+// Lazy load native module
+let native: HkdfNative;
+function getNative(): HkdfNative {
+  if (native == null) {
+    native = NitroModules.createHybridObject<HkdfNative>('Hkdf');
+  }
+  return native;
+}
+
+function validateCallback(callback: HkdfCallback) {
+  if (callback === undefined || typeof callback !== 'function') {
+    throw new Error('No callback provided to hkdf');
+  }
+}
+
+function sanitizeInput(input: BinaryLike, name: string): ArrayBuffer {
+  try {
+    return binaryLikeToArrayBuffer(input);
+  } catch {
+    throw new Error(
+      `${name} must be a string, a Buffer, a typed array, or a DataView`,
+    );
+  }
+}
+
+export function hkdf(
+  digest: string,
+  key: KeyMaterial,
+  salt: Salt,
+  info: Info,
+  keylen: number,
+  callback: HkdfCallback,
+): void {
+  validateCallback(callback);
+
+  try {
+    const normalizedDigest = normalizeHashName(digest);
+    const sanitizedKey = sanitizeInput(key, 'Key');
+    const sanitizedSalt = sanitizeInput(salt, 'Salt');
+    const sanitizedInfo = sanitizeInput(info, 'Info');
+
+    if (keylen < 0) {
+      throw new TypeError('Bad key length');
+    }
+
+    const nativeMod = getNative();
+    nativeMod
+      .deriveKey(
+        normalizedDigest,
+        sanitizedKey,
+        sanitizedSalt,
+        sanitizedInfo,
+        keylen,
+      )
+      .then(
+        res => {
+          callback(null, Buffer.from(res));
+        },
+        err => {
+          callback(err);
+        },
+      );
+  } catch (err) {
+    callback(err as Error);
+  }
+}
+
+export function hkdfSync(
+  digest: string,
+  key: KeyMaterial,
+  salt: Salt,
+  info: Info,
+  keylen: number,
+): Buffer {
+  const normalizedDigest = normalizeHashName(digest);
+  const sanitizedKey = sanitizeInput(key, 'Key');
+  const sanitizedSalt = sanitizeInput(salt, 'Salt');
+  const sanitizedInfo = sanitizeInput(info, 'Info');
+
+  if (keylen < 0) {
+    throw new TypeError('Bad key length');
+  }
+
+  const nativeMod = getNative();
+  const result = nativeMod.deriveKeySync(
+    normalizedDigest,
+    sanitizedKey,
+    sanitizedSalt,
+    sanitizedInfo,
+    keylen,
+  );
+
+  return Buffer.from(result);
+}
+
+export function hkdfDeriveBits(
+  algorithm: HkdfAlgorithm,
+  baseKey: CryptoKeyInternal,
+  length: number,
+): ArrayBuffer {
+  const hash = algorithm.hash;
+  const salt = algorithm.salt;
+  const info = algorithm.info;
+
+  // Check if key is extractable or we can access its handle/buffer
+  // For raw keys, we can export.
+  const keyBuffer = baseKey.keyObject.export();
+
+  // length is in bits, native expects bytes
+  const keylen = Math.ceil(length / 8);
+
+  const hashName = typeof hash === 'string' ? hash : hash.name;
+  const normalizedDigest = normalizeHashName(hashName);
+
+  const nativeMod = getNative();
+  const result = nativeMod.deriveKeySync(
+    normalizedDigest,
+    binaryLikeToArrayBuffer(keyBuffer),
+    binaryLikeToArrayBuffer(salt),
+    binaryLikeToArrayBuffer(info),
+    keylen,
+  );
+
+  return result;
+}

package/src/index.ts

@@ -8,7 +8,9 @@ import * as cipher from './cipher';
 import * as ed from './ed';
 import { hashExports as hash } from './hash';
 import { hmacExports as hmac } from './hmac';
+import * as hkdf from './hkdf';
 import * as pbkdf2 from './pbkdf2';
+import * as scrypt from './scrypt';
 import * as random from './random';
 import { constants } from './constants';
 
@@ -27,7 +29,9 @@ const QuickCrypto = {
   ...ed,
   ...hash,
   ...hmac,
+  ...hkdf,
   ...pbkdf2,
+  ...scrypt,
   ...random,
   ...utils,
   ...subtle,
@@ -47,7 +51,13 @@ export const install = () => {
 };
 
 // random, cipher, hash use nextTick
-global.process.nextTick = setImmediate;
+if (global.process == null) {
+  // @ts-expect-error - process is not defined
+  global.process = {};
+}
+if (global.process.nextTick == null) {
+  global.process.nextTick = setImmediate;
+}
 
 // exports
 export default QuickCrypto;
@@ -57,7 +67,9 @@ export * from './ed';
 export * from './keys';
 export * from './hash';
 export * from './hmac';
+export * from './hkdf';
 export * from './pbkdf2';
+export * from './scrypt';
 export * from './random';
 export * from './utils';
 export * from './subtle';

package/src/scrypt.ts

@@ -0,0 +1,134 @@
+import { Buffer } from '@craftzdog/react-native-buffer';
+import { NitroModules } from 'react-native-nitro-modules';
+import type { Scrypt as NativeScrypt } from './specs/scrypt.nitro';
+import { binaryLikeToArrayBuffer } from './utils';
+import type { BinaryLike } from './utils';
+
+type Password = BinaryLike;
+type Salt = BinaryLike;
+
+export interface ScryptOptions {
+  N?: number;
+  r?: number;
+  p?: number;
+  cost?: number;
+  blockSize?: number;
+  parallelization?: number;
+  maxmem?: number;
+}
+
+type ScryptCallback = (err: Error | null, derivedKey?: Buffer) => void;
+
+// Lazy load native module
+let native: NativeScrypt;
+function getNative(): NativeScrypt {
+  if (native == null) {
+    native = NitroModules.createHybridObject<NativeScrypt>('Scrypt');
+  }
+  return native;
+}
+
+const defaults = {
+  N: 16384,
+  r: 8,
+  p: 1,
+  maxmem: 32 * 1024 * 1024,
+};
+
+function getScryptParams(options?: ScryptOptions) {
+  const N = options?.N ?? options?.cost ?? defaults.N;
+  const r = options?.r ?? options?.blockSize ?? defaults.r;
+  const p = options?.p ?? options?.parallelization ?? defaults.p;
+  const maxmem = options?.maxmem ?? defaults.maxmem;
+
+  return { N, r, p, maxmem };
+}
+
+function validateCallback(callback: ScryptCallback) {
+  if (callback === undefined || typeof callback !== 'function') {
+    throw new Error('No callback provided to scrypt');
+  }
+}
+
+function sanitizeInput(input: BinaryLike, name: string): ArrayBuffer {
+  try {
+    return binaryLikeToArrayBuffer(input);
+  } catch {
+    throw new Error(
+      `${name} must be a string, a Buffer, a typed array, or a DataView`,
+    );
+  }
+}
+
+export function scrypt(
+  password: Password,
+  salt: Salt,
+  keylen: number,
+  options?: ScryptOptions | ScryptCallback,
+  callback?: ScryptCallback,
+): void {
+  let cb: ScryptCallback;
+  let opts: ScryptOptions | undefined;
+
+  if (typeof options === 'function') {
+    cb = options;
+    opts = undefined;
+  } else {
+    cb = callback!;
+    opts = options;
+  }
+
+  validateCallback(cb);
+
+  try {
+    const { N, r, p, maxmem } = getScryptParams(opts);
+    const sanitizedPassword = sanitizeInput(password, 'Password');
+    const sanitizedSalt = sanitizeInput(salt, 'Salt');
+
+    if (keylen < 0) {
+      throw new TypeError('Bad key length');
+    }
+
+    const nativeMod = getNative();
+    nativeMod
+      .deriveKey(sanitizedPassword, sanitizedSalt, N, r, p, maxmem, keylen)
+      .then(
+        res => {
+          cb(null, Buffer.from(res));
+        },
+        err => {
+          cb(err);
+        },
+      );
+  } catch (err) {
+    cb(err as Error);
+  }
+}
+
+export function scryptSync(
+  password: Password,
+  salt: Salt,
+  keylen: number,
+  options?: ScryptOptions,
+): Buffer {
+  const { N, r, p, maxmem } = getScryptParams(options);
+  const sanitizedPassword = sanitizeInput(password, 'Password');
+  const sanitizedSalt = sanitizeInput(salt, 'Salt');
+
+  if (keylen < 0) {
+    throw new TypeError('Bad key length');
+  }
+
+  const nativeMod = getNative();
+  const result = nativeMod.deriveKeySync(
+    sanitizedPassword,
+    sanitizedSalt,
+    N,
+    r,
+    p,
+    maxmem,
+    keylen,
+  );
+
+  return Buffer.from(result);
+}

package/src/specs/hkdf.nitro.ts

@@ -0,0 +1,19 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+
+export interface Hkdf extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  deriveKeySync(
+    algorithm: string,
+    key: ArrayBuffer,
+    salt: ArrayBuffer,
+    info: ArrayBuffer,
+    length: number,
+  ): ArrayBuffer;
+
+  deriveKey(
+    algorithm: string,
+    key: ArrayBuffer,
+    salt: ArrayBuffer,
+    info: ArrayBuffer,
+    length: number,
+  ): Promise<ArrayBuffer>;
+}

package/src/specs/scrypt.nitro.ts

@@ -0,0 +1,23 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+
+export interface Scrypt extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  deriveKey(
+    password: ArrayBuffer,
+    salt: ArrayBuffer,
+    N: number,
+    r: number,
+    p: number,
+    maxmem: number,
+    keylen: number,
+  ): Promise<ArrayBuffer>;
+
+  deriveKeySync(
+    password: ArrayBuffer,
+    salt: ArrayBuffer,
+    N: number,
+    r: number,
+    p: number,
+    maxmem: number,
+    keylen: number,
+  ): ArrayBuffer;
+}