react-native-quick-crypto 1.0.2 → 1.0.3

package/src/scrypt.ts

@@ -0,0 +1,134 @@
+import { Buffer } from '@craftzdog/react-native-buffer';
+import { NitroModules } from 'react-native-nitro-modules';
+import type { Scrypt as NativeScrypt } from './specs/scrypt.nitro';
+import { binaryLikeToArrayBuffer } from './utils';
+import type { BinaryLike } from './utils';
+
+type Password = BinaryLike;
+type Salt = BinaryLike;
+
+export interface ScryptOptions {
+  N?: number;
+  r?: number;
+  p?: number;
+  cost?: number;
+  blockSize?: number;
+  parallelization?: number;
+  maxmem?: number;
+}
+
+type ScryptCallback = (err: Error | null, derivedKey?: Buffer) => void;
+
+// Lazy load native module
+let native: NativeScrypt;
+function getNative(): NativeScrypt {
+  if (native == null) {
+    native = NitroModules.createHybridObject<NativeScrypt>('Scrypt');
+  }
+  return native;
+}
+
+const defaults = {
+  N: 16384,
+  r: 8,
+  p: 1,
+  maxmem: 32 * 1024 * 1024,
+};
+
+function getScryptParams(options?: ScryptOptions) {
+  const N = options?.N ?? options?.cost ?? defaults.N;
+  const r = options?.r ?? options?.blockSize ?? defaults.r;
+  const p = options?.p ?? options?.parallelization ?? defaults.p;
+  const maxmem = options?.maxmem ?? defaults.maxmem;
+
+  return { N, r, p, maxmem };
+}
+
+function validateCallback(callback: ScryptCallback) {
+  if (callback === undefined || typeof callback !== 'function') {
+    throw new Error('No callback provided to scrypt');
+  }
+}
+
+function sanitizeInput(input: BinaryLike, name: string): ArrayBuffer {
+  try {
+    return binaryLikeToArrayBuffer(input);
+  } catch {
+    throw new Error(
+      `${name} must be a string, a Buffer, a typed array, or a DataView`,
+    );
+  }
+}
+
+export function scrypt(
+  password: Password,
+  salt: Salt,
+  keylen: number,
+  options?: ScryptOptions | ScryptCallback,
+  callback?: ScryptCallback,
+): void {
+  let cb: ScryptCallback;
+  let opts: ScryptOptions | undefined;
+
+  if (typeof options === 'function') {
+    cb = options;
+    opts = undefined;
+  } else {
+    cb = callback!;
+    opts = options;
+  }
+
+  validateCallback(cb);
+
+  try {
+    const { N, r, p, maxmem } = getScryptParams(opts);
+    const sanitizedPassword = sanitizeInput(password, 'Password');
+    const sanitizedSalt = sanitizeInput(salt, 'Salt');
+
+    if (keylen < 0) {
+      throw new TypeError('Bad key length');
+    }
+
+    const nativeMod = getNative();
+    nativeMod
+      .deriveKey(sanitizedPassword, sanitizedSalt, N, r, p, maxmem, keylen)
+      .then(
+        res => {
+          cb(null, Buffer.from(res));
+        },
+        err => {
+          cb(err);
+        },
+      );
+  } catch (err) {
+    cb(err as Error);
+  }
+}
+
+export function scryptSync(
+  password: Password,
+  salt: Salt,
+  keylen: number,
+  options?: ScryptOptions,
+): Buffer {
+  const { N, r, p, maxmem } = getScryptParams(options);
+  const sanitizedPassword = sanitizeInput(password, 'Password');
+  const sanitizedSalt = sanitizeInput(salt, 'Salt');
+
+  if (keylen < 0) {
+    throw new TypeError('Bad key length');
+  }
+
+  const nativeMod = getNative();
+  const result = nativeMod.deriveKeySync(
+    sanitizedPassword,
+    sanitizedSalt,
+    N,
+    r,
+    p,
+    maxmem,
+    keylen,
+  );
+
+  return Buffer.from(result);
+}

package/src/specs/hkdf.nitro.ts

@@ -0,0 +1,19 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+
+export interface Hkdf extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  deriveKeySync(
+    algorithm: string,
+    key: ArrayBuffer,
+    salt: ArrayBuffer,
+    info: ArrayBuffer,
+    length: number,
+  ): ArrayBuffer;
+
+  deriveKey(
+    algorithm: string,
+    key: ArrayBuffer,
+    salt: ArrayBuffer,
+    info: ArrayBuffer,
+    length: number,
+  ): Promise<ArrayBuffer>;
+}

package/src/specs/scrypt.nitro.ts

@@ -0,0 +1,23 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+
+export interface Scrypt extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  deriveKey(
+    password: ArrayBuffer,
+    salt: ArrayBuffer,
+    N: number,
+    r: number,
+    p: number,
+    maxmem: number,
+    keylen: number,
+  ): Promise<ArrayBuffer>;
+
+  deriveKeySync(
+    password: ArrayBuffer,
+    salt: ArrayBuffer,
+    N: number,
+    r: number,
+    p: number,
+    maxmem: number,
+    keylen: number,
+  ): ArrayBuffer;
+}

package/src/subtle.ts

@@ -49,6 +49,7 @@ import {
   Ed,
 } from './ed';
 import { mldsa_generateKeyPairWebCrypto, type MlDsaVariant } from './mldsa';
+import { hkdfDeriveBits, type HkdfAlgorithm } from './hkdf';
 // import { pbkdf2DeriveBits } from './pbkdf2';
 // import { aesCipher, aesGenerateKey, aesImportKey, getAlgorithmName } from './aes';
 // import { rsaCipher, rsaExportKey, rsaImportKey, rsaKeyGenerate } from './rsa';
@@ -1235,6 +1236,28 @@ const importGenericSecretKey = async (
   throw new Error(`Unable to import ${name} key with format ${format}`);
 };
 
+const hkdfImportKey = async (
+  format: ImportFormat,
+  keyData: BufferLike | BinaryLike,
+  algorithm: SubtleAlgorithm,
+  extractable: boolean,
+  keyUsages: KeyUsage[],
+): Promise<CryptoKey> => {
+  const { name } = algorithm;
+  if (hasAnyNotIn(keyUsages, ['deriveKey', 'deriveBits'])) {
+    throw new Error(`Unsupported key usage for a ${name} key`);
+  }
+
+  switch (format) {
+    case 'raw': {
+      const keyObject = createSecretKey(keyData as BinaryLike);
+      return new CryptoKey(keyObject, { name }, keyUsages, extractable);
+    }
+    default:
+      throw new Error(`Unable to import ${name} key with format ${format}`);
+  }
+};
+
 const checkCryptoKeyPairUsages = (pair: CryptoKeyPair) => {
   if (
     pair.privateKey &&
@@ -1536,6 +1559,12 @@ export class Subtle {
       // Fall through
       case 'X448':
         return xDeriveBits(algorithm, baseKey, length);
+      case 'HKDF':
+        return hkdfDeriveBits(
+          algorithm as unknown as HkdfAlgorithm,
+          baseKey,
+          length,
+        );
     }
     throw new Error(
       `'subtle.deriveBits()' for ${algorithm.name} is not implemented.`,
@@ -1577,6 +1606,13 @@ export class Subtle {
       case 'X448':
         derivedBits = await xDeriveBits(algorithm, baseKey, length);
         break;
+      case 'HKDF':
+        derivedBits = hkdfDeriveBits(
+          algorithm as unknown as HkdfAlgorithm,
+          baseKey,
+          length,
+        );
+        break;
       default:
         throw new Error(
           `'subtle.deriveKey()' for ${algorithm.name} is not implemented.`,
@@ -1908,6 +1944,15 @@ export class Subtle {
           keyUsages,
         );
         break;
+      case 'HKDF':
+        result = await hkdfImportKey(
+          format,
+          data as BufferLike | BinaryLike,
+          normalizedAlgorithm,
+          extractable,
+          keyUsages,
+        );
+        break;
       case 'X25519':
       // Fall through
       case 'X448':