react-native-quick-crypto 1.0.10 → 1.0.12

package/src/hash.ts

@@ -241,19 +241,38 @@ export const asyncDigest = async (
 ): Promise<ArrayBuffer> => {
   validateMaxBufferLength(data, 'data');
 
-  switch (algorithm.name) {
-    case 'SHA-1':
-    // Fall through
-    case 'SHA-256':
-    // Fall through
-    case 'SHA-384':
-    // Fall through
-    case 'SHA-512':
-      return internalDigest(algorithm, data);
+  const name = algorithm.name;
+
+  if (
+    name === 'SHA-1' ||
+    name === 'SHA-256' ||
+    name === 'SHA-384' ||
+    name === 'SHA-512' ||
+    name === 'SHA3-256' ||
+    name === 'SHA3-384' ||
+    name === 'SHA3-512'
+  ) {
+    return internalDigest(algorithm, data);
+  }
+
+  if (name === 'cSHAKE128' || name === 'cSHAKE256') {
+    if (typeof algorithm.length !== 'number' || algorithm.length <= 0) {
+      throw lazyDOMException(
+        'cSHAKE requires a length parameter',
+        'OperationError',
+      );
+    }
+    if (algorithm.length % 8) {
+      throw lazyDOMException(
+        'Unsupported CShakeParams length',
+        'NotSupportedError',
+      );
+    }
+    return internalDigest(algorithm, data, algorithm.length);
   }
 
   throw lazyDOMException(
-    `Unrecognized algorithm name: ${algorithm.name}`,
+    `Unrecognized algorithm name: ${name}`,
     'NotSupportedError',
   );
 };
@@ -261,9 +280,13 @@ export const asyncDigest = async (
 const internalDigest = (
   algorithm: SubtleAlgorithm,
   data: BufferLike,
+  outputLength?: number,
 ): ArrayBuffer => {
   const normalizedHashName = normalizeHashName(algorithm.name);
-  const hash = createHash(normalizedHashName);
+  const hash = createHash(
+    normalizedHashName,
+    outputLength ? { outputLength } : undefined,
+  );
   hash.update(bufferLikeToArrayBuffer(data));
   const result = hash.digest();
   const arrayBuffer = new ArrayBuffer(result.length);

package/src/hkdf.ts

@@ -3,6 +3,7 @@ import { NitroModules } from 'react-native-nitro-modules';
 import type { Hkdf as HkdfNative } from './specs/hkdf.nitro';
 import { binaryLikeToArrayBuffer, normalizeHashName } from './utils';
 import type { BinaryLike } from './utils';
+import type { CryptoKey } from './keys';
 
 type KeyMaterial = BinaryLike;
 type Salt = BinaryLike;
@@ -15,12 +16,6 @@ export interface HkdfAlgorithm {
   info: BinaryLike;
 }
 
-export interface CryptoKeyInternal {
-  keyObject: {
-    export: () => Buffer;
-  };
-}
-
 export interface HkdfCallback {
   (err: Error | null, derivedKey?: Buffer): void;
 }
@@ -122,7 +117,7 @@ export function hkdfSync(
 
 export function hkdfDeriveBits(
   algorithm: HkdfAlgorithm,
-  baseKey: CryptoKeyInternal,
+  baseKey: CryptoKey,
   length: number,
 ): ArrayBuffer {
   const hash = algorithm.hash;

package/src/index.ts

@@ -2,6 +2,7 @@
 import { Buffer } from '@craftzdog/react-native-buffer';
 
 // API imports
+import * as argon2Module from './argon2';
 import * as keys from './keys';
 import * as blake3 from './blake3';
 import * as cipher from './cipher';
@@ -10,10 +11,14 @@ import { hashExports as hash } from './hash';
 import { hmacExports as hmac } from './hmac';
 import * as hkdf from './hkdf';
 import * as pbkdf2 from './pbkdf2';
+import * as prime from './prime';
 import * as scrypt from './scrypt';
 import * as random from './random';
 import * as ecdh from './ecdh';
 import * as dh from './diffie-hellman';
+import * as mlkem from './mlkem';
+import { Certificate } from './certificate';
+import { X509Certificate } from './x509certificate';
 import { getCurves } from './ec';
 import { constants } from './constants';
 
@@ -26,6 +31,7 @@ import * as subtle from './subtle';
  * See `docs/implementation-coverage.md` for status.
  */
 const QuickCrypto = {
+  ...argon2Module,
   ...keys,
   ...blake3,
   ...cipher,
@@ -34,12 +40,16 @@ const QuickCrypto = {
   ...hmac,
   ...hkdf,
   ...pbkdf2,
+  ...prime,
   ...scrypt,
   ...random,
   ...ecdh,
   ...dh,
+  ...mlkem,
   ...utils,
   ...subtle,
+  Certificate,
+  X509Certificate,
   getCurves,
   constants,
   Buffer,
@@ -72,7 +82,11 @@ if (global.process.nextTick == null) {
 
 // exports
 export default QuickCrypto;
+export * from './argon2';
 export * from './blake3';
+export { Certificate } from './certificate';
+export { X509Certificate } from './x509certificate';
+export type { CheckOptions, X509LegacyObject } from './x509certificate';
 export * from './cipher';
 export * from './ed';
 export * from './keys';
@@ -80,11 +94,13 @@ export * from './hash';
 export * from './hmac';
 export * from './hkdf';
 export * from './pbkdf2';
+export * from './prime';
 export * from './scrypt';
 export * from './random';
 export * from './ecdh';
 export { getCurves } from './ec';
 export * from './diffie-hellman';
+export * from './mlkem';
 export * from './utils';
 export * from './subtle';
 export { subtle, isCryptoKeyPair } from './subtle';

package/src/keys/classes.ts

@@ -3,6 +3,7 @@ import { NitroModules } from 'react-native-nitro-modules';
 import type {
   AsymmetricKeyType,
   EncodingOptions,
+  JWK,
   KeyDetail,
   KeyObjectHandle,
   KeyUsage,
@@ -81,10 +82,10 @@ export class KeyObject {
 
   export(options: { format: 'pem' } & EncodingOptions): string | Buffer;
   export(options?: { format: 'der' } & EncodingOptions): Buffer;
-  export(options?: { format: 'jwk' } & EncodingOptions): never;
-  export(options?: EncodingOptions): string | Buffer;
+  export(options?: { format: 'jwk' } & EncodingOptions): JWK;
+  export(options?: EncodingOptions): string | Buffer | JWK;
   // eslint-disable-next-line @typescript-eslint/no-unused-vars
-  export(_options?: EncodingOptions): string | Buffer {
+  export(_options?: EncodingOptions): string | Buffer | JWK {
     // This is a placeholder and should be overridden by subclasses.
     throw new Error('export() must be implemented by subclasses');
   }
@@ -126,11 +127,22 @@ export class KeyObject {
     this.type = type as 'public' | 'secret' | 'private';
   }
 
-  // static from(key) {
-  //   if (!isCryptoKey(key))
-  //     throw new ERR_INVALID_ARG_TYPE('key', 'CryptoKey', key);
-  //   return key[kKeyObject];
-  // }
+  static from(key: CryptoKey): KeyObject {
+    if (!(key instanceof CryptoKey)) {
+      throw new TypeError(
+        `The "key" argument must be an instance of CryptoKey. Received ${typeof key}`,
+      );
+    }
+    return key.keyObject;
+  }
+
+  toCryptoKey(
+    algorithm: SubtleAlgorithm,
+    extractable: boolean,
+    keyUsages: KeyUsage[],
+  ): CryptoKey {
+    return new CryptoKey(this, algorithm, keyUsages, extractable);
+  }
 
   static createKeyObject(
     type: string,
@@ -273,10 +285,10 @@ export class PublicKeyObject extends AsymmetricKeyObject {
 
   export(options: { format: 'pem' } & EncodingOptions): string;
   export(options: { format: 'der' } & EncodingOptions): Buffer;
-  export(options: { format: 'jwk' } & EncodingOptions): never;
-  export(options: EncodingOptions): string | Buffer {
+  export(options: { format: 'jwk' } & EncodingOptions): JWK;
+  export(options: EncodingOptions): string | Buffer | JWK {
     if (options?.format === 'jwk') {
-      throw new Error('PublicKey export for jwk is not implemented');
+      return this.handle.exportJwk({}, false);
     }
     const { format, type } = parsePublicKeyEncoding(
       options,
@@ -298,13 +310,13 @@ export class PrivateKeyObject extends AsymmetricKeyObject {
 
   export(options: { format: 'pem' } & EncodingOptions): string;
   export(options: { format: 'der' } & EncodingOptions): Buffer;
-  export(options: { format: 'jwk' } & EncodingOptions): never;
-  export(options: EncodingOptions): string | Buffer {
+  export(options: { format: 'jwk' } & EncodingOptions): JWK;
+  export(options: EncodingOptions): string | Buffer | JWK {
     if (options?.format === 'jwk') {
       if (options.passphrase !== undefined) {
         throw new Error('jwk does not support encryption');
       }
-      throw new Error('PrivateKey export for jwk is not implemented');
+      return this.handle.exportJwk({}, false);
     }
     const { format, type, cipher, passphrase } = parsePrivateKeyEncoding(
       options,

package/src/keys/generateKeyPair.ts

@@ -1,6 +1,11 @@
 import { ed_generateKeyPair } from '../ed';
 import { rsa_generateKeyPairNode, rsa_generateKeyPairNodeSync } from '../rsa';
 import { ec_generateKeyPairNode, ec_generateKeyPairNodeSync } from '../ec';
+import { dsa_generateKeyPairNode, dsa_generateKeyPairNodeSync } from '../dsa';
+import {
+  dh_generateKeyPairNode,
+  dh_generateKeyPairNodeSync,
+} from '../dhKeyPair';
 import {
   kEmptyObject,
   validateFunction,
@@ -139,6 +144,7 @@ function internalGenerateKeyPair(
     case 'rsa-pss':
     case 'dsa':
     case 'ec':
+    case 'dh':
       break;
     default: {
       const err = new Error(`
@@ -158,6 +164,10 @@ function internalGenerateKeyPair(
           result = await rsa_generateKeyPairNode(type, options, encoding);
         } else if (type === 'ec') {
           result = await ec_generateKeyPairNode(options, encoding);
+        } else if (type === 'dsa') {
+          result = await dsa_generateKeyPairNode(options, encoding);
+        } else if (type === 'dh') {
+          result = await dh_generateKeyPairNode(options, encoding);
         } else {
           throw new Error(`Unsupported key type: ${type}`);
         }
@@ -184,6 +194,10 @@ function internalGenerateKeyPair(
       result = rsa_generateKeyPairNodeSync(type, options, encoding);
     } else if (type === 'ec') {
       result = ec_generateKeyPairNodeSync(options, encoding);
+    } else if (type === 'dsa') {
+      result = dsa_generateKeyPairNodeSync(options, encoding);
+    } else if (type === 'dh') {
+      result = dh_generateKeyPairNodeSync(options, encoding);
     } else {
       throw new Error(`Unsupported key type: ${type}`);
     }

package/src/keys/index.ts

@@ -27,17 +27,19 @@ import {
   parsePrivateKeyEncoding,
   parsePublicKeyEncoding,
 } from './utils';
-import type { BinaryLike } from '../utils';
+import { NitroModules } from 'react-native-nitro-modules';
+import type { BinaryLike, JWK, KeyObjectHandle } from '../utils';
 import {
   binaryLikeToArrayBuffer as toAB,
   isStringOrBuffer,
   KFormatType,
   KeyEncoding,
+  KeyType,
 } from '../utils';
 import { randomBytes } from '../random';
 
 interface KeyInputObject {
-  key: BinaryLike | KeyObject | CryptoKey;
+  key: BinaryLike | KeyObject | CryptoKey | JWK;
   format?: 'pem' | 'der' | 'jwk';
   type?: 'pkcs1' | 'pkcs8' | 'spki' | 'sec1';
   passphrase?: BinaryLike;
@@ -123,6 +125,29 @@ function prepareAsymmetricKey(
 }
 
 function createPublicKey(key: KeyInput): PublicKeyObject {
+  if (typeof key === 'object' && 'key' in key && key.format === 'jwk') {
+    const handle =
+      NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
+    const keyType = handle.initJwk(key.key as JWK);
+    if (keyType === undefined) {
+      throw new Error('Failed to import JWK');
+    }
+    if (keyType === KeyType.PRIVATE) {
+      // Extract public from private
+      const exported = handle.exportKey(KFormatType.DER, KeyEncoding.SPKI);
+      const pubHandle =
+        NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
+      pubHandle.init(
+        KeyType.PUBLIC,
+        exported,
+        KFormatType.DER,
+        KeyEncoding.SPKI,
+      );
+      return new PublicKeyObject(pubHandle);
+    }
+    return new PublicKeyObject(handle);
+  }
+
   const { data, format, type } = prepareAsymmetricKey(key, true);
 
   // Map format string to KFormatType enum
@@ -144,6 +169,16 @@ function createPublicKey(key: KeyInput): PublicKeyObject {
 }
 
 function createPrivateKey(key: KeyInput): PrivateKeyObject {
+  if (typeof key === 'object' && 'key' in key && key.format === 'jwk') {
+    const handle =
+      NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
+    const keyType = handle.initJwk(key.key as JWK);
+    if (keyType === undefined || keyType !== KeyType.PRIVATE) {
+      throw new Error('Failed to import private key from JWK');
+    }
+    return new PrivateKeyObject(handle);
+  }
+
   const { data, format, type } = prepareAsymmetricKey(key, false);
 
   // Map format string to KFormatType enum

package/src/keys/signVerify.ts

@@ -119,12 +119,7 @@ function prepareKey(key: KeyInput, isPublic: boolean): PreparedKey {
 
     const keyType = isPublic ? 'public' : 'private';
     // Always convert to ArrayBuffer to avoid Nitro bridge string truncation bug
-    const originalLength =
-      typeof data === 'string' ? data.length : data.byteLength;
     const keyData = toAB(data);
-    console.log(
-      `[prepareKey KeyInputObject] ${keyType} key, original length: ${originalLength}, ArrayBuffer size: ${keyData.byteLength}`,
-    );
     const keyObject = KeyObject.createKeyObject(
       keyType,
       keyData,