react-native-quick-crypto 1.0.10 → 1.0.12

package/cpp/cipher/XSalsa20Poly1305Cipher.cpp

@@ -40,10 +40,11 @@ void XSalsa20Poly1305Cipher::init(const std::shared_ptr<ArrayBuffer> cipher_key,
   std::memcpy(nonce_, native_iv->data(), kNonceSize);
 
   data_buffer_.clear();
-  final_called_ = false;
+  is_finalized = false;
 }
 
 std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::update(const std::shared_ptr<ArrayBuffer>& data) {
+  checkNotFinalized();
 #ifndef BLSALLOC_SODIUM
   throw std::runtime_error("XSalsa20Poly1305Cipher: libsodium must be enabled (BLSALLOC_SODIUM)");
 #else
@@ -59,6 +60,7 @@ std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::update(const std::shared_pt
 }
 
 std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::final() {
+  checkNotFinalized();
 #ifndef BLSALLOC_SODIUM
   throw std::runtime_error("XSalsa20Poly1305Cipher: libsodium must be enabled (BLSALLOC_SODIUM)");
 #else
@@ -73,12 +75,12 @@ std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::final() {
       throw std::runtime_error("XSalsa20Poly1305Cipher: encryption failed");
     }
 
-    final_called_ = true;
+    is_finalized = true;
     size_t ct_len = data_buffer_.size();
     return std::make_shared<NativeArrayBuffer>(ciphertext, ct_len, [=]() { delete[] ciphertext; });
   } else {
     if (data_buffer_.empty()) {
-      final_called_ = true;
+      is_finalized = true;
       return std::make_shared<NativeArrayBuffer>(nullptr, 0, nullptr);
     }
 
@@ -92,7 +94,7 @@ std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::final() {
       throw std::runtime_error("XSalsa20Poly1305Cipher: decryption failed - authentication tag mismatch");
     }
 
-    final_called_ = true;
+    is_finalized = true;
     size_t pt_len = data_buffer_.size();
     return std::make_shared<NativeArrayBuffer>(plaintext, pt_len, [=]() { delete[] plaintext; });
   }
@@ -110,7 +112,7 @@ std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::getAuthTag() {
   if (!is_cipher) {
     throw std::runtime_error("getAuthTag can only be called during encryption");
   }
-  if (!final_called_) {
+  if (!is_finalized) {
     throw std::runtime_error("getAuthTag must be called after final()");
   }
 

package/cpp/cipher/XSalsa20Poly1305Cipher.hpp

@@ -16,7 +16,7 @@ namespace margelo::nitro::crypto {
 
 class XSalsa20Poly1305Cipher : public HybridCipher {
  public:
-  XSalsa20Poly1305Cipher() : HybridObject(TAG), final_called_(false) {}
+  XSalsa20Poly1305Cipher() : HybridObject(TAG) {}
   ~XSalsa20Poly1305Cipher();
 
   void init(const std::shared_ptr<ArrayBuffer> cipher_key, const std::shared_ptr<ArrayBuffer> iv) override;
@@ -36,7 +36,6 @@ class XSalsa20Poly1305Cipher : public HybridCipher {
   uint8_t nonce_[kNonceSize];
   std::vector<uint8_t> data_buffer_;
   uint8_t auth_tag_[kTagSize];
-  bool final_called_;
 };
 
 } // namespace margelo::nitro::crypto

package/cpp/dh/HybridDhKeyPair.cpp

@@ -0,0 +1,179 @@
+#include "HybridDhKeyPair.hpp"
+
+#include <NitroModules/ArrayBuffer.hpp>
+#include <NitroModules/Promise.hpp>
+#include <memory>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/buffer.h>
+#include <openssl/dh.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <stdexcept>
+#include <string>
+
+// Suppress deprecation warnings for DH_* functions
+// Node.js ncrypto uses the same pattern — these APIs work but are deprecated in OpenSSL 3.x
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wdeprecated-declarations"
+
+namespace margelo::nitro::crypto {
+
+using BN_ptr = std::unique_ptr<BIGNUM, decltype(&BN_free)>;
+using DH_ptr = std::unique_ptr<DH, decltype(&DH_free)>;
+using EVP_PKEY_CTX_ptr = std::unique_ptr<EVP_PKEY_CTX, decltype(&EVP_PKEY_CTX_free)>;
+
+void HybridDhKeyPair::setPrimeLength(double primeLength) {
+  primeLength_ = static_cast<int>(primeLength);
+}
+
+void HybridDhKeyPair::setPrime(const std::shared_ptr<ArrayBuffer>& prime) {
+  prime_.assign(prime->data(), prime->data() + prime->size());
+}
+
+void HybridDhKeyPair::setGenerator(double generator) {
+  generator_ = static_cast<int>(generator);
+}
+
+std::shared_ptr<Promise<void>> HybridDhKeyPair::generateKeyPair() {
+  return Promise<void>::async([this]() { this->generateKeyPairSync(); });
+}
+
+void HybridDhKeyPair::generateKeyPairSync() {
+  pkey_.reset();
+
+  EVP_PKEY* params = nullptr;
+
+  if (!prime_.empty()) {
+    // Mode B: Custom prime provided as binary
+    DH_ptr dh(DH_new(), DH_free);
+    if (!dh) {
+      throw std::runtime_error("DH: failed to create DH structure");
+    }
+
+    BIGNUM* p = BN_bin2bn(prime_.data(), static_cast<int>(prime_.size()), nullptr);
+    BIGNUM* g = BN_new();
+    if (!p || !g) {
+      if (p)
+        BN_free(p);
+      if (g)
+        BN_free(g);
+      throw std::runtime_error("DH: failed to create BIGNUM parameters");
+    }
+    BN_set_word(g, static_cast<unsigned long>(generator_));
+
+    if (DH_set0_pqg(dh.get(), p, nullptr, g) != 1) {
+      BN_free(p);
+      BN_free(g);
+      throw std::runtime_error("DH: failed to set DH parameters");
+    }
+
+    EVP_PKEY* pkey_params = EVP_PKEY_new();
+    if (!pkey_params) {
+      throw std::runtime_error("DH: failed to create EVP_PKEY for parameters");
+    }
+
+    if (EVP_PKEY_assign_DH(pkey_params, dh.get()) != 1) {
+      EVP_PKEY_free(pkey_params);
+      throw std::runtime_error("DH: failed to assign DH to EVP_PKEY");
+    }
+    dh.release(); // EVP_PKEY now owns it
+
+    params = pkey_params;
+
+  } else if (primeLength_ > 0) {
+    // Mode C: Generate random prime of given size
+    EVP_PKEY_CTX_ptr pctx(EVP_PKEY_CTX_new_id(EVP_PKEY_DH, nullptr), EVP_PKEY_CTX_free);
+    if (!pctx) {
+      throw std::runtime_error("DH: failed to create parameter context");
+    }
+
+    if (EVP_PKEY_paramgen_init(pctx.get()) <= 0) {
+      throw std::runtime_error("DH: failed to initialize parameter generation");
+    }
+
+    if (EVP_PKEY_CTX_set_dh_paramgen_prime_len(pctx.get(), primeLength_) <= 0) {
+      throw std::runtime_error("DH: failed to set prime length");
+    }
+
+    if (EVP_PKEY_CTX_set_dh_paramgen_generator(pctx.get(), generator_) <= 0) {
+      throw std::runtime_error("DH: failed to set generator");
+    }
+
+    if (EVP_PKEY_paramgen(pctx.get(), &params) <= 0) {
+      throw std::runtime_error("DH: failed to generate parameters");
+    }
+  } else {
+    throw std::runtime_error("DH: either prime or primeLength must be set");
+  }
+
+  std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)> params_guard(params, EVP_PKEY_free);
+
+  // Generate key pair from parameters
+  EVP_PKEY_CTX_ptr kctx(EVP_PKEY_CTX_new(params, nullptr), EVP_PKEY_CTX_free);
+  if (!kctx) {
+    throw std::runtime_error("DH: failed to create keygen context");
+  }
+
+  if (EVP_PKEY_keygen_init(kctx.get()) <= 0) {
+    throw std::runtime_error("DH: failed to initialize key generation");
+  }
+
+  EVP_PKEY* raw_pkey = nullptr;
+  if (EVP_PKEY_keygen(kctx.get(), &raw_pkey) <= 0) {
+    throw std::runtime_error("DH: failed to generate key pair");
+  }
+
+  pkey_.reset(raw_pkey);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDhKeyPair::getPublicKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DH: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DH: failed to create BIO for public key export");
+  }
+
+  if (i2d_PUBKEY_bio(bio, pkey_.get()) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DH: failed to export public key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDhKeyPair::getPrivateKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DH: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DH: failed to create BIO for private key export");
+  }
+
+  if (i2d_PKCS8PrivateKey_bio(bio, pkey_.get(), nullptr, nullptr, 0, nullptr, nullptr) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DH: failed to export private key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+#pragma clang diagnostic pop
+
+} // namespace margelo::nitro::crypto

package/cpp/dh/HybridDhKeyPair.hpp

@@ -0,0 +1,37 @@
+#pragma once
+
+#include <memory>
+#include <openssl/dh.h>
+#include <openssl/evp.h>
+#include <string>
+#include <vector>
+
+#include "HybridDhKeyPairSpec.hpp"
+#include "QuickCryptoUtils.hpp"
+
+namespace margelo::nitro::crypto {
+
+class HybridDhKeyPair : public HybridDhKeyPairSpec {
+ public:
+  HybridDhKeyPair() : HybridObject(TAG) {}
+  ~HybridDhKeyPair() override = default;
+
+ public:
+  std::shared_ptr<Promise<void>> generateKeyPair() override;
+  void generateKeyPairSync() override;
+  void setPrimeLength(double primeLength) override;
+  void setPrime(const std::shared_ptr<ArrayBuffer>& prime) override;
+  void setGenerator(double generator) override;
+  std::shared_ptr<ArrayBuffer> getPublicKey() override;
+  std::shared_ptr<ArrayBuffer> getPrivateKey() override;
+
+ private:
+  int primeLength_ = 0;
+  std::vector<uint8_t> prime_;
+  int generator_ = 2;
+
+  using EVP_PKEY_ptr = std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)>;
+  EVP_PKEY_ptr pkey_{nullptr, EVP_PKEY_free};
+};
+
+} // namespace margelo::nitro::crypto

package/cpp/dsa/HybridDsaKeyPair.cpp

@@ -0,0 +1,128 @@
+#include "HybridDsaKeyPair.hpp"
+
+#include <NitroModules/ArrayBuffer.hpp>
+#include <NitroModules/Promise.hpp>
+#include <memory>
+#include <openssl/bio.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <stdexcept>
+#include <string>
+
+namespace margelo::nitro::crypto {
+
+void HybridDsaKeyPair::setModulusLength(double modulusLength) {
+  modulusLength_ = static_cast<int>(modulusLength);
+}
+
+void HybridDsaKeyPair::setDivisorLength(double divisorLength) {
+  divisorLength_ = static_cast<int>(divisorLength);
+}
+
+std::shared_ptr<Promise<void>> HybridDsaKeyPair::generateKeyPair() {
+  return Promise<void>::async([this]() { this->generateKeyPairSync(); });
+}
+
+void HybridDsaKeyPair::generateKeyPairSync() {
+  if (modulusLength_ <= 0) {
+    throw std::runtime_error("DSA modulusLength must be set before generating key pair");
+  }
+
+  pkey_.reset();
+
+  // Step 1: Generate DSA parameters
+  std::unique_ptr<EVP_PKEY_CTX, decltype(&EVP_PKEY_CTX_free)> param_ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_DSA, nullptr), EVP_PKEY_CTX_free);
+
+  if (!param_ctx) {
+    throw std::runtime_error("DSA: failed to create parameter context");
+  }
+
+  if (EVP_PKEY_paramgen_init(param_ctx.get()) <= 0) {
+    throw std::runtime_error("DSA: failed to initialize parameter generation");
+  }
+
+  if (EVP_PKEY_CTX_set_dsa_paramgen_bits(param_ctx.get(), modulusLength_) <= 0) {
+    throw std::runtime_error("DSA: failed to set modulus length");
+  }
+
+  if (divisorLength_ >= 0) {
+    if (EVP_PKEY_CTX_set_dsa_paramgen_q_bits(param_ctx.get(), divisorLength_) <= 0) {
+      throw std::runtime_error("DSA: failed to set divisor length");
+    }
+  }
+
+  EVP_PKEY* raw_params = nullptr;
+  if (EVP_PKEY_paramgen(param_ctx.get(), &raw_params) <= 0) {
+    throw std::runtime_error("DSA: failed to generate parameters");
+  }
+
+  std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)> params(raw_params, EVP_PKEY_free);
+
+  // Step 2: Generate key pair from parameters
+  std::unique_ptr<EVP_PKEY_CTX, decltype(&EVP_PKEY_CTX_free)> key_ctx(EVP_PKEY_CTX_new(params.get(), nullptr), EVP_PKEY_CTX_free);
+
+  if (!key_ctx) {
+    throw std::runtime_error("DSA: failed to create key generation context");
+  }
+
+  if (EVP_PKEY_keygen_init(key_ctx.get()) <= 0) {
+    throw std::runtime_error("DSA: failed to initialize key generation");
+  }
+
+  EVP_PKEY* raw_pkey = nullptr;
+  if (EVP_PKEY_keygen(key_ctx.get(), &raw_pkey) <= 0) {
+    throw std::runtime_error("DSA: failed to generate key pair");
+  }
+
+  pkey_.reset(raw_pkey);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDsaKeyPair::getPublicKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DSA: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DSA: failed to create BIO for public key export");
+  }
+
+  if (i2d_PUBKEY_bio(bio, pkey_.get()) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DSA: failed to export public key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDsaKeyPair::getPrivateKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DSA: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DSA: failed to create BIO for private key export");
+  }
+
+  if (i2d_PKCS8PrivateKey_bio(bio, pkey_.get(), nullptr, nullptr, 0, nullptr, nullptr) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DSA: failed to export private key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+} // namespace margelo::nitro::crypto

package/cpp/dsa/HybridDsaKeyPair.hpp

@@ -0,0 +1,32 @@
+#pragma once
+
+#include <memory>
+#include <openssl/evp.h>
+
+#include "HybridDsaKeyPairSpec.hpp"
+#include "QuickCryptoUtils.hpp"
+
+namespace margelo::nitro::crypto {
+
+class HybridDsaKeyPair : public HybridDsaKeyPairSpec {
+ public:
+  HybridDsaKeyPair() : HybridObject(TAG) {}
+  ~HybridDsaKeyPair() override = default;
+
+ public:
+  std::shared_ptr<Promise<void>> generateKeyPair() override;
+  void generateKeyPairSync() override;
+  void setModulusLength(double modulusLength) override;
+  void setDivisorLength(double divisorLength) override;
+  std::shared_ptr<ArrayBuffer> getPublicKey() override;
+  std::shared_ptr<ArrayBuffer> getPrivateKey() override;
+
+ private:
+  int modulusLength_ = 0;
+  int divisorLength_ = -1;
+
+  using EVP_PKEY_ptr = std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)>;
+  EVP_PKEY_ptr pkey_{nullptr, EVP_PKEY_free};
+};
+
+} // namespace margelo::nitro::crypto