npm - react-native-quick-crypto - Versions diffs - 1.0.11 → 1.0.13 - Mend

react-native-quick-crypto 1.0.11 → 1.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (197) hide show

package/android/CMakeLists.txt +7 -0
package/cpp/cipher/CCMCipher.cpp +4 -1
package/cpp/cipher/ChaCha20Cipher.cpp +3 -1
package/cpp/cipher/ChaCha20Poly1305Cipher.cpp +5 -5
package/cpp/cipher/ChaCha20Poly1305Cipher.hpp +1 -2
package/cpp/cipher/HybridCipher.cpp +10 -1
package/cpp/cipher/HybridCipher.hpp +2 -0
package/cpp/cipher/HybridRsaCipher.cpp +0 -13
package/cpp/cipher/XChaCha20Poly1305Cipher.cpp +7 -5
package/cpp/cipher/XChaCha20Poly1305Cipher.hpp +1 -2
package/cpp/cipher/XSalsa20Cipher.cpp +4 -0
package/cpp/cipher/XSalsa20Poly1305Cipher.cpp +7 -5
package/cpp/cipher/XSalsa20Poly1305Cipher.hpp +1 -2
package/cpp/ecdh/HybridECDH.cpp +20 -133
package/cpp/keys/HybridKeyObjectHandle.cpp +144 -141
package/cpp/keys/HybridKeyObjectHandle.hpp +6 -3
package/cpp/keys/KeyObjectData.hpp +2 -0
package/cpp/kmac/HybridKmac.cpp +83 -0
package/cpp/kmac/HybridKmac.hpp +31 -0
package/cpp/mldsa/HybridMlDsaKeyPair.cpp +11 -20
package/cpp/mldsa/HybridMlDsaKeyPair.hpp +4 -2
package/cpp/mlkem/HybridMlKemKeyPair.cpp +319 -0
package/cpp/mlkem/HybridMlKemKeyPair.hpp +48 -0
package/cpp/sign/SignUtils.hpp +9 -26
package/cpp/utils/QuickCryptoUtils.cpp +44 -0
package/cpp/utils/QuickCryptoUtils.hpp +39 -0
package/cpp/x509/HybridX509Certificate.cpp +174 -0
package/cpp/x509/HybridX509Certificate.hpp +51 -0
package/lib/commonjs/cipher.js +15 -2
package/lib/commonjs/cipher.js.map +1 -1
package/lib/commonjs/dhKeyPair.js +3 -3
package/lib/commonjs/dhKeyPair.js.map +1 -1
package/lib/commonjs/dsa.js +3 -3
package/lib/commonjs/dsa.js.map +1 -1
package/lib/commonjs/ec.js +18 -18
package/lib/commonjs/ec.js.map +1 -1
package/lib/commonjs/ed.js +9 -9
package/lib/commonjs/ed.js.map +1 -1
package/lib/commonjs/hash.js +17 -12
package/lib/commonjs/hash.js.map +1 -1
package/lib/commonjs/hkdf.js.map +1 -1
package/lib/commonjs/index.js +22 -0
package/lib/commonjs/index.js.map +1 -1
package/lib/commonjs/keys/classes.js +2 -2
package/lib/commonjs/keys/classes.js.map +1 -1
package/lib/commonjs/keys/index.js +24 -0
package/lib/commonjs/keys/index.js.map +1 -1
package/lib/commonjs/keys/publicCipher.js +2 -2
package/lib/commonjs/keys/publicCipher.js.map +1 -1
package/lib/commonjs/keys/signVerify.js +0 -2
package/lib/commonjs/keys/signVerify.js.map +1 -1
package/lib/commonjs/mlkem.js +219 -0
package/lib/commonjs/mlkem.js.map +1 -0
package/lib/commonjs/pbkdf2.js +18 -1
package/lib/commonjs/pbkdf2.js.map +1 -1
package/lib/commonjs/rsa.js +7 -7
package/lib/commonjs/rsa.js.map +1 -1
package/lib/commonjs/specs/kmac.nitro.js +6 -0
package/lib/commonjs/specs/kmac.nitro.js.map +1 -0
package/lib/commonjs/specs/mlKemKeyPair.nitro.js +6 -0
package/lib/commonjs/specs/mlKemKeyPair.nitro.js.map +1 -0
package/lib/commonjs/specs/x509certificate.nitro.js +6 -0
package/lib/commonjs/specs/x509certificate.nitro.js.map +1 -0
package/lib/commonjs/subtle.js +292 -112
package/lib/commonjs/subtle.js.map +1 -1
package/lib/commonjs/utils/conversion.js +3 -3
package/lib/commonjs/utils/conversion.js.map +1 -1
package/lib/commonjs/utils/hashnames.js +31 -0
package/lib/commonjs/utils/hashnames.js.map +1 -1
package/lib/commonjs/utils/types.js.map +1 -1
package/lib/commonjs/x509certificate.js +189 -0
package/lib/commonjs/x509certificate.js.map +1 -0
package/lib/module/cipher.js +16 -3
package/lib/module/cipher.js.map +1 -1
package/lib/module/dhKeyPair.js +1 -1
package/lib/module/dhKeyPair.js.map +1 -1
package/lib/module/dsa.js +1 -1
package/lib/module/dsa.js.map +1 -1
package/lib/module/ec.js +6 -6
package/lib/module/ec.js.map +1 -1
package/lib/module/ed.js +1 -1
package/lib/module/ed.js.map +1 -1
package/lib/module/hash.js +17 -12
package/lib/module/hash.js.map +1 -1
package/lib/module/hkdf.js.map +1 -1
package/lib/module/index.js +6 -0
package/lib/module/index.js.map +1 -1
package/lib/module/keys/classes.js +2 -2
package/lib/module/keys/classes.js.map +1 -1
package/lib/module/keys/index.js +25 -1
package/lib/module/keys/index.js.map +1 -1
package/lib/module/keys/publicCipher.js +2 -2
package/lib/module/keys/publicCipher.js.map +1 -1
package/lib/module/keys/signVerify.js +0 -2
package/lib/module/keys/signVerify.js.map +1 -1
package/lib/module/mlkem.js +211 -0
package/lib/module/mlkem.js.map +1 -0
package/lib/module/pbkdf2.js +18 -1
package/lib/module/pbkdf2.js.map +1 -1
package/lib/module/rsa.js +1 -1
package/lib/module/rsa.js.map +1 -1
package/lib/module/specs/kmac.nitro.js +4 -0
package/lib/module/specs/kmac.nitro.js.map +1 -0
package/lib/module/specs/mlKemKeyPair.nitro.js +4 -0
package/lib/module/specs/mlKemKeyPair.nitro.js.map +1 -0
package/lib/module/specs/x509certificate.nitro.js +4 -0
package/lib/module/specs/x509certificate.nitro.js.map +1 -0
package/lib/module/subtle.js +292 -112
package/lib/module/subtle.js.map +1 -1
package/lib/module/utils/conversion.js +3 -4
package/lib/module/utils/conversion.js.map +1 -1
package/lib/module/utils/hashnames.js +31 -0
package/lib/module/utils/hashnames.js.map +1 -1
package/lib/module/utils/types.js.map +1 -1
package/lib/module/x509certificate.js +184 -0
package/lib/module/x509certificate.js.map +1 -0
package/lib/tsconfig.tsbuildinfo +1 -1
package/lib/typescript/cipher.d.ts +3 -0
package/lib/typescript/cipher.d.ts.map +1 -1
package/lib/typescript/dhKeyPair.d.ts +1 -1
package/lib/typescript/dhKeyPair.d.ts.map +1 -1
package/lib/typescript/dsa.d.ts +1 -1
package/lib/typescript/dsa.d.ts.map +1 -1
package/lib/typescript/ec.d.ts +1 -1
package/lib/typescript/ec.d.ts.map +1 -1
package/lib/typescript/ed.d.ts +1 -1
package/lib/typescript/ed.d.ts.map +1 -1
package/lib/typescript/hash.d.ts.map +1 -1
package/lib/typescript/hkdf.d.ts +2 -6
package/lib/typescript/hkdf.d.ts.map +1 -1
package/lib/typescript/index.d.ts +15 -4
package/lib/typescript/index.d.ts.map +1 -1
package/lib/typescript/keys/classes.d.ts +5 -5
package/lib/typescript/keys/classes.d.ts.map +1 -1
package/lib/typescript/keys/index.d.ts +2 -2
package/lib/typescript/keys/index.d.ts.map +1 -1
package/lib/typescript/keys/signVerify.d.ts.map +1 -1
package/lib/typescript/mlkem.d.ts +30 -0
package/lib/typescript/mlkem.d.ts.map +1 -0
package/lib/typescript/pbkdf2.d.ts +2 -2
package/lib/typescript/pbkdf2.d.ts.map +1 -1
package/lib/typescript/rsa.d.ts +1 -1
package/lib/typescript/rsa.d.ts.map +1 -1
package/lib/typescript/specs/keyObjectHandle.nitro.d.ts +1 -0
package/lib/typescript/specs/keyObjectHandle.nitro.d.ts.map +1 -1
package/lib/typescript/specs/kmac.nitro.d.ts +10 -0
package/lib/typescript/specs/kmac.nitro.d.ts.map +1 -0
package/lib/typescript/specs/mlKemKeyPair.nitro.d.ts +18 -0
package/lib/typescript/specs/mlKemKeyPair.nitro.d.ts.map +1 -0
package/lib/typescript/specs/x509certificate.nitro.d.ts +34 -0
package/lib/typescript/specs/x509certificate.nitro.d.ts.map +1 -0
package/lib/typescript/subtle.d.ts +10 -0
package/lib/typescript/subtle.d.ts.map +1 -1
package/lib/typescript/utils/conversion.d.ts.map +1 -1
package/lib/typescript/utils/hashnames.d.ts +1 -1
package/lib/typescript/utils/hashnames.d.ts.map +1 -1
package/lib/typescript/utils/types.d.ts +13 -7
package/lib/typescript/utils/types.d.ts.map +1 -1
package/lib/typescript/x509certificate.d.ts +64 -0
package/lib/typescript/x509certificate.d.ts.map +1 -0
package/nitrogen/generated/android/QuickCrypto+autolinking.cmake +3 -0
package/nitrogen/generated/android/QuickCryptoOnLoad.cpp +30 -0
package/nitrogen/generated/ios/QuickCryptoAutolinking.mm +30 -0
package/nitrogen/generated/shared/c++/AsymmetricKeyType.hpp +12 -0
package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.cpp +1 -0
package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.hpp +1 -0
package/nitrogen/generated/shared/c++/HybridKmacSpec.cpp +23 -0
package/nitrogen/generated/shared/c++/HybridKmacSpec.hpp +66 -0
package/nitrogen/generated/shared/c++/HybridMlKemKeyPairSpec.cpp +31 -0
package/nitrogen/generated/shared/c++/HybridMlKemKeyPairSpec.hpp +74 -0
package/nitrogen/generated/shared/c++/HybridX509CertificateHandleSpec.cpp +46 -0
package/nitrogen/generated/shared/c++/HybridX509CertificateHandleSpec.hpp +96 -0
package/package.json +4 -1
package/src/cipher.ts +17 -3
package/src/dhKeyPair.ts +1 -1
package/src/dsa.ts +1 -1
package/src/ec.ts +9 -9
package/src/ed.ts +2 -2
package/src/hash.ts +34 -11
package/src/hkdf.ts +2 -7
package/src/index.ts +7 -0
package/src/keys/classes.ts +10 -9
package/src/keys/index.ts +37 -2
package/src/keys/publicCipher.ts +2 -2
package/src/keys/signVerify.ts +0 -5
package/src/mlkem.ts +350 -0
package/src/pbkdf2.ts +34 -5
package/src/rsa.ts +1 -1
package/src/specs/keyObjectHandle.nitro.ts +5 -0
package/src/specs/kmac.nitro.ts +12 -0
package/src/specs/mlKemKeyPair.nitro.ts +32 -0
package/src/specs/x509certificate.nitro.ts +38 -0
package/src/subtle.ts +551 -125
package/src/utils/conversion.ts +10 -4
package/src/utils/hashnames.ts +33 -2
package/src/utils/types.ts +42 -5
package/src/x509certificate.ts +277 -0

package/src/mlkem.ts ADDED Viewed

@@ -0,0 +1,350 @@
+import { NitroModules } from 'react-native-nitro-modules';
+import type { MlKemKeyPair } from './specs/mlKemKeyPair.nitro';
+import {
+  CryptoKey,
+  KeyObject,
+  PublicKeyObject,
+  PrivateKeyObject,
+  isCryptoKey,
+} from './keys';
+import type {
+  CryptoKeyPair,
+  KeyUsage,
+  SubtleAlgorithm,
+  EncapsulateResult,
+  BinaryLike,
+} from './utils';
+import {
+  hasAnyNotIn,
+  lazyDOMException,
+  getUsagesUnion,
+  KFormatType,
+  KeyEncoding,
+  isStringOrBuffer,
+  binaryLikeToArrayBuffer as toAB,
+} from './utils';
+export type MlKemVariant = 'ML-KEM-512' | 'ML-KEM-768' | 'ML-KEM-1024';
+type MlKemKeyType = 'ml-kem-512' | 'ml-kem-768' | 'ml-kem-1024';
+type KeyInput = BinaryLike | KeyObject | CryptoKey | KeyInputObject;
+export interface KeyInputObject {
+  key: BinaryLike | KeyObject | CryptoKey;
+  format?: 'pem' | 'der';
+  type?: 'pkcs1' | 'pkcs8' | 'spki' | 'sec1';
+}
+const ML_KEM_VARIANTS: Record<MlKemKeyType, MlKemVariant> = {
+  'ml-kem-512': 'ML-KEM-512',
+  'ml-kem-768': 'ML-KEM-768',
+  'ml-kem-1024': 'ML-KEM-1024',
+};
+function isMlKemKeyType(type: string): type is MlKemKeyType {
+  return type in ML_KEM_VARIANTS;
+}
+function unpackEncapsulateResult(packed: ArrayBuffer): EncapsulateResult {
+  const view = new DataView(packed);
+  const ciphertextLen = view.getUint32(0, true);
+  const sharedKeyLen = view.getUint32(4, true);
+  const headerSize = 8;
+  const ciphertext = packed.slice(headerSize, headerSize + ciphertextLen);
+  const sharedKey = packed.slice(
+    headerSize + ciphertextLen,
+    headerSize + ciphertextLen + sharedKeyLen,
+  );
+  return { ciphertext, sharedKey };
+}
+export class MlKem {
+  variant: MlKemVariant;
+  native: MlKemKeyPair;
+  constructor(variant: MlKemVariant) {
+    this.variant = variant;
+    this.native = NitroModules.createHybridObject<MlKemKeyPair>('MlKemKeyPair');
+    this.native.setVariant(variant);
+  }
+  async generateKeyPair(): Promise<void> {
+    await this.native.generateKeyPair(
+      KFormatType.DER,
+      KeyEncoding.SPKI,
+      KFormatType.DER,
+      KeyEncoding.PKCS8,
+    );
+  }
+  generateKeyPairSync(): void {
+    this.native.generateKeyPairSync(
+      KFormatType.DER,
+      KeyEncoding.SPKI,
+      KFormatType.DER,
+      KeyEncoding.PKCS8,
+    );
+  }
+  getPublicKey(): ArrayBuffer {
+    return this.native.getPublicKey();
+  }
+  getPrivateKey(): ArrayBuffer {
+    return this.native.getPrivateKey();
+  }
+  setPublicKey(keyData: ArrayBuffer, format: number, type: number): void {
+    this.native.setPublicKey(keyData, format, type);
+  }
+  setPrivateKey(keyData: ArrayBuffer, format: number, type: number): void {
+    this.native.setPrivateKey(keyData, format, type);
+  }
+  async encapsulate(): Promise<EncapsulateResult> {
+    const packed = await this.native.encapsulate();
+    return unpackEncapsulateResult(packed);
+  }
+  encapsulateSync(): EncapsulateResult {
+    const packed = this.native.encapsulateSync();
+    return unpackEncapsulateResult(packed);
+  }
+  async decapsulate(ciphertext: ArrayBuffer): Promise<ArrayBuffer> {
+    return this.native.decapsulate(ciphertext);
+  }
+  decapsulateSync(ciphertext: ArrayBuffer): ArrayBuffer {
+    return this.native.decapsulateSync(ciphertext);
+  }
+}
+function prepareKey(
+  key: KeyInput,
+  isPublic: boolean,
+): { keyObject: KeyObject } {
+  if (key instanceof KeyObject) {
+    if (isPublic) {
+      if (key.type === 'secret') {
+        throw new Error('Cannot use secret key for encapsulation');
+      }
+    } else {
+      if (key.type !== 'private') {
+        throw new Error('Key must be a private key for decapsulation');
+      }
+    }
+    return { keyObject: key };
+  }
+  if (isCryptoKey(key)) {
+    const cryptoKey = key as CryptoKey;
+    return prepareKey(cryptoKey.keyObject, isPublic);
+  }
+  if (isStringOrBuffer(key)) {
+    const isPem = typeof key === 'string' && key.includes('-----BEGIN');
+    const format = isPem ? KFormatType.PEM : undefined;
+    const keyType = isPublic ? 'public' : 'private';
+    const keyData = toAB(key);
+    const keyObject = KeyObject.createKeyObject(keyType, keyData, format);
+    return { keyObject };
+  }
+  if (typeof key === 'object' && 'key' in key) {
+    const keyObj = key as KeyInputObject;
+    const { key: data, format, type } = keyObj;
+    if (data instanceof KeyObject) {
+      return { keyObject: data };
+    }
+    if (isCryptoKey(data)) {
+      return { keyObject: (data as CryptoKey).keyObject };
+    }
+    if (!isStringOrBuffer(data)) {
+      throw new Error('Invalid key data type');
+    }
+    const isPem =
+      format === 'pem' ||
+      (typeof data === 'string' && data.includes('-----BEGIN'));
+    const kFormat = isPem
+      ? KFormatType.PEM
+      : format === 'der'
+        ? KFormatType.DER
+        : undefined;
+    let kType: KeyEncoding | undefined;
+    if (type === 'pkcs8') kType = KeyEncoding.PKCS8;
+    else if (type === 'pkcs1') kType = KeyEncoding.PKCS1;
+    else if (type === 'sec1') kType = KeyEncoding.SEC1;
+    else if (type === 'spki') kType = KeyEncoding.SPKI;
+    const keyType = isPublic ? 'public' : 'private';
+    const keyData = toAB(data);
+    const keyObject = KeyObject.createKeyObject(
+      keyType,
+      keyData,
+      kFormat,
+      kType,
+    );
+    return { keyObject };
+  }
+  throw new Error('Invalid key input');
+}
+function getVariantFromKey(keyObject: KeyObject): MlKemVariant {
+  const keyType = keyObject.handle.getAsymmetricKeyType();
+  if (!isMlKemKeyType(keyType)) {
+    throw new Error(
+      `Key is not an ML-KEM key. Got asymmetricKeyType: ${keyType}`,
+    );
+  }
+  return ML_KEM_VARIANTS[keyType];
+}
+export function encapsulate(
+  key: KeyInput,
+  callback?: (err: Error | null, result?: EncapsulateResult) => void,
+): EncapsulateResult | void {
+  const doEncapsulate = (): EncapsulateResult => {
+    if (key === null || key === undefined) {
+      throw new Error('Public key is required for encapsulation');
+    }
+    const { keyObject } = prepareKey(key, true);
+    const variant = getVariantFromKey(keyObject);
+    const mlkem = new MlKem(variant);
+    const keyData = keyObject.handle.exportKey(
+      KFormatType.DER,
+      KeyEncoding.SPKI,
+    );
+    mlkem.setPublicKey(keyData, KFormatType.DER, KeyEncoding.SPKI);
+    return mlkem.encapsulateSync();
+  };
+  if (callback) {
+    try {
+      const result = doEncapsulate();
+      process.nextTick(callback, null, result);
+    } catch (err) {
+      process.nextTick(callback, err as Error);
+    }
+    return;
+  }
+  return doEncapsulate();
+}
+export function decapsulate(
+  key: KeyInput,
+  ciphertext: BinaryLike,
+  callback?: (err: Error | null, result?: ArrayBuffer) => void,
+): ArrayBuffer | void {
+  const doDecapsulate = (): ArrayBuffer => {
+    if (key === null || key === undefined) {
+      throw new Error('Private key is required for decapsulation');
+    }
+    const { keyObject } = prepareKey(key, false);
+    const variant = getVariantFromKey(keyObject);
+    const mlkem = new MlKem(variant);
+    const keyData = keyObject.handle.exportKey(
+      KFormatType.DER,
+      KeyEncoding.PKCS8,
+    );
+    mlkem.setPrivateKey(keyData, KFormatType.DER, KeyEncoding.PKCS8);
+    const ciphertextBuffer = toAB(ciphertext) as ArrayBuffer;
+    return mlkem.decapsulateSync(ciphertextBuffer);
+  };
+  if (callback) {
+    try {
+      const result = doDecapsulate();
+      process.nextTick(callback, null, result);
+    } catch (err) {
+      process.nextTick(callback, err as Error);
+    }
+    return;
+  }
+  return doDecapsulate();
+}
+export async function mlkem_generateKeyPairWebCrypto(
+  variant: MlKemVariant,
+  extractable: boolean,
+  keyUsages: KeyUsage[],
+): Promise<CryptoKeyPair> {
+  if (
+    hasAnyNotIn(keyUsages, [
+      'encapsulateBits',
+      'encapsulateKey',
+      'decapsulateBits',
+      'decapsulateKey',
+    ])
+  ) {
+    throw lazyDOMException(
+      `Unsupported key usage for ${variant}`,
+      'SyntaxError',
+    );
+  }
+  const publicUsages = getUsagesUnion(
+    keyUsages,
+    'encapsulateBits',
+    'encapsulateKey',
+  );
+  const privateUsages = getUsagesUnion(
+    keyUsages,
+    'decapsulateBits',
+    'decapsulateKey',
+  );
+  if (privateUsages.length === 0) {
+    throw lazyDOMException('Usages cannot be empty', 'SyntaxError');
+  }
+  const mlkem = new MlKem(variant);
+  await mlkem.generateKeyPair();
+  const publicKeyData = mlkem.getPublicKey();
+  const privateKeyData = mlkem.getPrivateKey();
+  const pub = KeyObject.createKeyObject(
+    'public',
+    publicKeyData,
+    KFormatType.DER,
+    KeyEncoding.SPKI,
+  ) as PublicKeyObject;
+  const publicKey = new CryptoKey(
+    pub,
+    { name: variant } as SubtleAlgorithm,
+    publicUsages,
+    true,
+  );
+  const priv = KeyObject.createKeyObject(
+    'private',
+    privateKeyData,
+    KFormatType.DER,
+    KeyEncoding.PKCS8,
+  ) as PrivateKeyObject;
+  const privateKey = new CryptoKey(
+    priv,
+    { name: variant } as SubtleAlgorithm,
+    privateUsages,
+    extractable,
+  );
+  return { publicKey, privateKey };
+}

package/src/pbkdf2.ts CHANGED Viewed

@@ -8,7 +8,7 @@ import {
   lazyDOMException,
   normalizeHashName,
 } from './utils';
-import type { HashAlgorithm, SubtleAlgorithm } from './utils';
+import type { SubtleAlgorithm } from './utils';
 import type { Pbkdf2 } from './specs/pbkdf2.nitro';
 import { promisify } from 'util';
 import type { CryptoKey } from './keys';
@@ -31,6 +31,33 @@ function getNative(): Pbkdf2 {
   return native;
 }
+const MAX_INT32 = 2147483647;
+function validateParameters(iterations: number, keylen: number): void {
+  if (typeof iterations !== 'number') {
+    throw new TypeError('Iterations not a number');
+  }
+  if (typeof keylen !== 'number') {
+    throw new TypeError('Key length not a number');
+  }
+  if (
+    iterations < 1 ||
+    !Number.isFinite(iterations) ||
+    !Number.isInteger(iterations) ||
+    iterations > MAX_INT32
+  ) {
+    throw new TypeError('Bad iterations');
+  }
+  if (
+    keylen < 0 ||
+    !Number.isFinite(keylen) ||
+    !Number.isInteger(keylen) ||
+    keylen > MAX_INT32
+  ) {
+    throw new TypeError('Bad key length');
+  }
+}
 function sanitizeInput(input: BinaryLike, errorMsg: string): ArrayBuffer {
   try {
     return binaryLikeToArrayBuffer(input);
@@ -51,6 +78,7 @@ export function pbkdf2(
   if (callback === undefined || typeof callback !== 'function') {
     throw new Error('No callback provided to pbkdf2');
   }
+  validateParameters(iterations, keylen);
   const sanitizedPassword = sanitizeInput(password, WRONG_PASS);
   const sanitizedSalt = sanitizeInput(salt, WRONG_SALT);
   const normalizedDigest = normalizeHashName(digest, HashContext.Node);
@@ -79,12 +107,13 @@ export function pbkdf2Sync(
   salt: Salt,
   iterations: number,
   keylen: number,
-  digest?: HashAlgorithm,
+  digest: string,
 ): Buffer {
+  validateParameters(iterations, keylen);
   const sanitizedPassword = sanitizeInput(password, WRONG_PASS);
   const sanitizedSalt = sanitizeInput(salt, WRONG_SALT);
-  const algo = digest ? normalizeHashName(digest, HashContext.Node) : 'sha1';
+  const algo = normalizeHashName(digest, HashContext.Node);
   getNative();
   const result: ArrayBuffer = native.pbkdf2Sync(
     sanitizedPassword,
@@ -104,7 +133,7 @@ const pbkdf2WithDigest = (
   salt: Salt,
   iterations: number,
   keylen: number,
-  digest: HashAlgorithm,
+  digest: string,
   callback: Pbkdf2Callback,
 ) => pbkdf2(password, salt, iterations, keylen, digest, callback);
@@ -142,7 +171,7 @@ export async function pbkdf2DeriveBits(
     sanitizedSalt,
     iterations,
     length / 8,
-    normalizedHash as HashAlgorithm,
+    normalizedHash,
   );
   if (!result) {
     throw lazyDOMException(

package/src/rsa.ts CHANGED Viewed

@@ -4,7 +4,7 @@ import {
   KeyObject,
   PrivateKeyObject,
   PublicKeyObject,
-} from './keys';
+} from './keys/classes';
 import {
   getUsagesUnion,
   hasAnyNotIn,

package/src/specs/keyObjectHandle.nitro.ts CHANGED Viewed

@@ -27,6 +27,11 @@ export interface KeyObjectHandle
     passphrase?: ArrayBuffer,
   ): boolean;
   initECRaw(namedCurve: string, keyData: ArrayBuffer): boolean;
+  initPqcRaw(
+    algorithmName: string,
+    keyData: ArrayBuffer,
+    isPublic: boolean,
+  ): boolean;
   initJwk(keyData: JWK, namedCurve?: NamedCurve): KeyType | undefined;
   keyDetail(): KeyDetail;
   keyEquals(other: KeyObjectHandle): boolean;

package/src/specs/kmac.nitro.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+export interface Kmac extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  createKmac(
+    algorithm: string,
+    key: ArrayBuffer,
+    outputLength: number,
+    customization?: ArrayBuffer,
+  ): void;
+  update(data: ArrayBuffer): void;
+  digest(): ArrayBuffer;
+}

package/src/specs/mlKemKeyPair.nitro.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+export interface MlKemKeyPair
+  extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  setVariant(variant: string): void;
+  generateKeyPair(
+    publicFormat: number,
+    publicType: number,
+    privateFormat: number,
+    privateType: number,
+  ): Promise<void>;
+  generateKeyPairSync(
+    publicFormat: number,
+    publicType: number,
+    privateFormat: number,
+    privateType: number,
+  ): void;
+  getPublicKey(): ArrayBuffer;
+  getPrivateKey(): ArrayBuffer;
+  setPublicKey(keyData: ArrayBuffer, format: number, type: number): void;
+  setPrivateKey(keyData: ArrayBuffer, format: number, type: number): void;
+  encapsulate(): Promise<ArrayBuffer>;
+  encapsulateSync(): ArrayBuffer;
+  decapsulate(ciphertext: ArrayBuffer): Promise<ArrayBuffer>;
+  decapsulateSync(ciphertext: ArrayBuffer): ArrayBuffer;
+}

package/src/specs/x509certificate.nitro.ts ADDED Viewed

@@ -0,0 +1,38 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+import type { KeyObjectHandle } from './keyObjectHandle.nitro';
+export interface X509CertificateHandle
+  extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  init(buffer: ArrayBuffer): void;
+  subject(): string;
+  subjectAltName(): string;
+  issuer(): string;
+  infoAccess(): string;
+  validFrom(): string;
+  validTo(): string;
+  validFromDate(): number;
+  validToDate(): number;
+  signatureAlgorithm(): string;
+  signatureAlgorithmOid(): string;
+  serialNumber(): string;
+  fingerprint(): string;
+  fingerprint256(): string;
+  fingerprint512(): string;
+  raw(): ArrayBuffer;
+  pem(): string;
+  publicKey(): KeyObjectHandle;
+  keyUsage(): string[];
+  ca(): boolean;
+  checkIssued(other: X509CertificateHandle): boolean;
+  checkPrivateKey(key: KeyObjectHandle): boolean;
+  verify(key: KeyObjectHandle): boolean;
+  checkHost(name: string, flags: number): string | undefined;
+  checkEmail(email: string, flags: number): string | undefined;
+  checkIP(ip: string): string | undefined;
+}