npm - react-native-quick-crypto - Versions diffs - 1.0.9 → 1.0.10 - Mend

react-native-quick-crypto 1.0.9 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (170) hide show

package/QuickCrypto.podspec +9 -2
package/README.md +13 -9
package/android/CMakeLists.txt +4 -0
package/cpp/cipher/HybridCipherFactory.hpp +15 -1
package/cpp/cipher/OCBCipher.cpp +4 -4
package/cpp/cipher/XChaCha20Poly1305Cipher.cpp +161 -0
package/cpp/cipher/XChaCha20Poly1305Cipher.hpp +43 -0
package/cpp/cipher/XSalsa20Poly1305Cipher.cpp +145 -0
package/cpp/cipher/XSalsa20Poly1305Cipher.hpp +42 -0
package/cpp/dh/HybridDiffieHellman.cpp +10 -0
package/cpp/dh/HybridDiffieHellman.hpp +1 -0
package/cpp/ec/HybridEcKeyPair.cpp +21 -0
package/cpp/ec/HybridEcKeyPair.hpp +1 -0
package/cpp/hash/HybridHash.cpp +1 -1
package/cpp/hash/HybridHash.hpp +1 -1
package/cpp/hmac/HybridHmac.cpp +1 -1
package/cpp/hmac/HybridHmac.hpp +1 -1
package/cpp/keys/HybridKeyObjectHandle.cpp +112 -1
package/cpp/keys/HybridKeyObjectHandle.hpp +5 -1
package/deps/ncrypto/.bazelrc +0 -1
package/deps/ncrypto/.bazelversion +1 -1
package/deps/ncrypto/.github/workflows/commitlint.yml +16 -0
package/deps/ncrypto/.github/workflows/linter.yml +2 -2
package/deps/ncrypto/.github/workflows/release-please.yml +16 -0
package/deps/ncrypto/.github/workflows/ubuntu.yml +82 -0
package/deps/ncrypto/.release-please-manifest.json +3 -0
package/deps/ncrypto/BUILD.bazel +9 -1
package/deps/ncrypto/CHANGELOG.md +37 -0
package/deps/ncrypto/CMakeLists.txt +35 -11
package/deps/ncrypto/MODULE.bazel +16 -1
package/deps/ncrypto/MODULE.bazel.lock +299 -118
package/deps/ncrypto/cmake/ncrypto-flags.cmake +1 -0
package/deps/ncrypto/include/ncrypto/aead.h +137 -0
package/deps/ncrypto/include/ncrypto/version.h +14 -0
package/deps/ncrypto/include/ncrypto.h +85 -230
package/deps/ncrypto/ncrypto.pc.in +10 -0
package/deps/ncrypto/release-please-config.json +11 -0
package/deps/ncrypto/src/CMakeLists.txt +31 -6
package/deps/ncrypto/src/aead.cpp +302 -0
package/deps/ncrypto/src/ncrypto.cpp +274 -556
package/deps/ncrypto/tests/BUILD.bazel +2 -0
package/deps/ncrypto/tests/basic.cpp +772 -2
package/deps/ncrypto/tools/run-clang-format.sh +5 -5
package/lib/commonjs/diffie-hellman.js +4 -1
package/lib/commonjs/diffie-hellman.js.map +1 -1
package/lib/commonjs/ec.js +20 -25
package/lib/commonjs/ec.js.map +1 -1
package/lib/commonjs/ed.js +1 -2
package/lib/commonjs/ed.js.map +1 -1
package/lib/commonjs/hash.js +7 -0
package/lib/commonjs/hash.js.map +1 -1
package/lib/commonjs/index.js +11 -1
package/lib/commonjs/index.js.map +1 -1
package/lib/commonjs/keys/classes.js +9 -5
package/lib/commonjs/keys/classes.js.map +1 -1
package/lib/commonjs/subtle.js +82 -31
package/lib/commonjs/subtle.js.map +1 -1
package/lib/commonjs/utils/types.js.map +1 -1
package/lib/module/diffie-hellman.js +4 -0
package/lib/module/diffie-hellman.js.map +1 -1
package/lib/module/ec.js +19 -25
package/lib/module/ec.js.map +1 -1
package/lib/module/ed.js +1 -2
package/lib/module/ed.js.map +1 -1
package/lib/module/hash.js +6 -0
package/lib/module/hash.js.map +1 -1
package/lib/module/index.js +3 -0
package/lib/module/index.js.map +1 -1
package/lib/module/keys/classes.js +9 -5
package/lib/module/keys/classes.js.map +1 -1
package/lib/module/subtle.js +83 -32
package/lib/module/subtle.js.map +1 -1
package/lib/module/utils/types.js.map +1 -1
package/lib/tsconfig.tsbuildinfo +1 -1
package/lib/typescript/diffie-hellman.d.ts +2 -0
package/lib/typescript/diffie-hellman.d.ts.map +1 -1
package/lib/typescript/ec.d.ts +1 -0
package/lib/typescript/ec.d.ts.map +1 -1
package/lib/typescript/ed.d.ts.map +1 -1
package/lib/typescript/hash.d.ts +2 -0
package/lib/typescript/hash.d.ts.map +1 -1
package/lib/typescript/index.d.ts +5 -0
package/lib/typescript/index.d.ts.map +1 -1
package/lib/typescript/keys/classes.d.ts +2 -0
package/lib/typescript/keys/classes.d.ts.map +1 -1
package/lib/typescript/specs/diffie-hellman.nitro.d.ts +1 -0
package/lib/typescript/specs/diffie-hellman.nitro.d.ts.map +1 -1
package/lib/typescript/specs/ecKeyPair.nitro.d.ts +1 -0
package/lib/typescript/specs/ecKeyPair.nitro.d.ts.map +1 -1
package/lib/typescript/specs/keyObjectHandle.nitro.d.ts +2 -0
package/lib/typescript/specs/keyObjectHandle.nitro.d.ts.map +1 -1
package/lib/typescript/subtle.d.ts.map +1 -1
package/lib/typescript/utils/types.d.ts +12 -5
package/lib/typescript/utils/types.d.ts.map +1 -1
package/nitrogen/generated/android/QuickCrypto+autolinking.cmake +8 -5
package/nitrogen/generated/android/QuickCrypto+autolinking.gradle +1 -1
package/nitrogen/generated/android/QuickCryptoOnLoad.cpp +54 -54
package/nitrogen/generated/android/QuickCryptoOnLoad.hpp +1 -1
package/nitrogen/generated/android/kotlin/com/margelo/nitro/crypto/QuickCryptoOnLoad.kt +1 -1
package/nitrogen/generated/ios/QuickCrypto+autolinking.rb +2 -2
package/nitrogen/generated/ios/QuickCrypto-Swift-Cxx-Bridge.cpp +1 -1
package/nitrogen/generated/ios/QuickCrypto-Swift-Cxx-Bridge.hpp +1 -1
package/nitrogen/generated/ios/QuickCrypto-Swift-Cxx-Umbrella.hpp +1 -1
package/nitrogen/generated/ios/QuickCryptoAutolinking.mm +54 -54
package/nitrogen/generated/ios/QuickCryptoAutolinking.swift +5 -1
package/nitrogen/generated/shared/c++/AsymmetricKeyType.hpp +1 -1
package/nitrogen/generated/shared/c++/CipherArgs.hpp +34 -19
package/nitrogen/generated/shared/c++/HybridBlake3Spec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridBlake3Spec.hpp +1 -3
package/nitrogen/generated/shared/c++/HybridCipherFactorySpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridCipherFactorySpec.hpp +1 -1
package/nitrogen/generated/shared/c++/HybridCipherSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridCipherSpec.hpp +1 -3
package/nitrogen/generated/shared/c++/HybridDiffieHellmanSpec.cpp +2 -1
package/nitrogen/generated/shared/c++/HybridDiffieHellmanSpec.hpp +3 -3
package/nitrogen/generated/shared/c++/HybridECDHSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridECDHSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridEcKeyPairSpec.cpp +2 -1
package/nitrogen/generated/shared/c++/HybridEcKeyPairSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridEdKeyPairSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridEdKeyPairSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridHashSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridHashSpec.hpp +2 -4
package/nitrogen/generated/shared/c++/HybridHkdfSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridHkdfSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridHmacSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridHmacSpec.hpp +3 -4
package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.cpp +3 -1
package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.hpp +8 -4
package/nitrogen/generated/shared/c++/HybridMlDsaKeyPairSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridMlDsaKeyPairSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridPbkdf2Spec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridPbkdf2Spec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridRandomSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridRandomSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridRsaCipherSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridRsaCipherSpec.hpp +1 -3
package/nitrogen/generated/shared/c++/HybridRsaKeyPairSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridRsaKeyPairSpec.hpp +1 -3
package/nitrogen/generated/shared/c++/HybridScryptSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridScryptSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridSignHandleSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridSignHandleSpec.hpp +1 -3
package/nitrogen/generated/shared/c++/HybridUtilsSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridUtilsSpec.hpp +2 -3
package/nitrogen/generated/shared/c++/HybridVerifyHandleSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridVerifyHandleSpec.hpp +1 -3
package/nitrogen/generated/shared/c++/JWK.hpp +84 -68
package/nitrogen/generated/shared/c++/JWKkty.hpp +5 -1
package/nitrogen/generated/shared/c++/JWKuse.hpp +1 -1
package/nitrogen/generated/shared/c++/KFormatType.hpp +1 -1
package/nitrogen/generated/shared/c++/KeyDetail.hpp +39 -23
package/nitrogen/generated/shared/c++/KeyEncoding.hpp +1 -1
package/nitrogen/generated/shared/c++/KeyObject.hpp +21 -5
package/nitrogen/generated/shared/c++/KeyType.hpp +1 -1
package/nitrogen/generated/shared/c++/KeyUsage.hpp +1 -1
package/nitrogen/generated/shared/c++/NamedCurve.hpp +1 -1
package/package.json +1 -1
package/src/diffie-hellman.ts +6 -0
package/src/ec.ts +23 -19
package/src/ed.ts +1 -2
package/src/hash.ts +11 -0
package/src/index.ts +3 -0
package/src/keys/classes.ts +10 -3
package/src/specs/diffie-hellman.nitro.ts +1 -0
package/src/specs/ecKeyPair.nitro.ts +2 -0
package/src/specs/keyObjectHandle.nitro.ts +2 -0
package/src/subtle.ts +131 -32
package/src/utils/types.ts +18 -3
package/deps/ncrypto/WORKSPACE +0 -15

package/src/subtle.ts CHANGED Viewed

@@ -14,10 +14,11 @@ import type {
   AesCtrParams,
   AesCbcParams,
   AesGcmParams,
+  AesOcbParams,
   RsaOaepParams,
   ChaCha20Poly1305Params,
 } from './utils';
-import { KFormatType, KeyEncoding } from './utils';
+import { KFormatType, KeyEncoding, KeyType } from './utils';
 import {
   CryptoKey,
   KeyObject,
@@ -90,7 +91,22 @@ function normalizeAlgorithm(
 }
 function getAlgorithmName(name: string, length: number): string {
-  return `${name}${length}`;
+  switch (name) {
+    case 'AES-CBC':
+      return `A${length}CBC`;
+    case 'AES-CTR':
+      return `A${length}CTR`;
+    case 'AES-GCM':
+      return `A${length}GCM`;
+    case 'AES-KW':
+      return `A${length}KW`;
+    case 'AES-OCB':
+      return `A${length}OCB`;
+    case 'ChaCha20-Poly1305':
+      return 'C20P';
+    default:
+      return `${name}${length}`;
+  }
 }
 // Placeholder implementations for missing functions
@@ -198,6 +214,8 @@ async function aesCipher(
       return aesCbcCipher(mode, key, data, algorithm as AesCbcParams);
     case 'AES-GCM':
       return aesGcmCipher(mode, key, data, algorithm as AesGcmParams);
+    case 'AES-OCB':
+      return aesOcbCipher(mode, key, data, algorithm as AesOcbParams);
     default:
       throw lazyDOMException(
         `Unsupported AES algorithm: ${name}`,
@@ -294,45 +312,45 @@ async function aesCbcCipher(
   return result.buffer;
 }
-async function aesGcmCipher(
+interface AeadCipherConfig {
+  algorithmName: string;
+  validTagLengths: number[];
+  cipherSuffix: string;
+  iv: ArrayBuffer;
+}
+async function aesAeadCipher(
   mode: CipherOrWrapMode,
   key: CryptoKey,
   data: ArrayBuffer,
-  algorithm: AesGcmParams,
+  config: AeadCipherConfig,
+  additionalData?: BufferLike,
+  tagLength: number = 128,
 ): Promise<ArrayBuffer> {
-  const { tagLength = 128 } = algorithm;
-  // Validate tag length
-  const validTagLengths = [32, 64, 96, 104, 112, 120, 128];
-  if (!validTagLengths.includes(tagLength)) {
+  if (!config.validTagLengths.includes(tagLength)) {
     throw lazyDOMException(
-      `${tagLength} is not a valid AES-GCM tag length`,
+      `${tagLength} is not a valid ${config.algorithmName} tag length`,
       'OperationError',
     );
   }
   const tagByteLength = tagLength / 8;
-  // Get cipher type based on key length
   const keyLength = (key.algorithm as { length: number }).length;
-  const cipherType = `aes-${keyLength}-gcm`;
+  const cipherType = `aes-${keyLength}-${config.cipherSuffix}`;
-  // Create cipher
   const factory =
     NitroModules.createHybridObject<CipherFactory>('CipherFactory');
   const cipher = factory.createCipher({
     isCipher: mode === CipherOrWrapMode.kWebCryptoCipherEncrypt,
     cipherType,
     cipherKey: bufferLikeToArrayBuffer(key.keyObject.export()),
-    iv: bufferLikeToArrayBuffer(algorithm.iv),
+    iv: config.iv,
     authTagLen: tagByteLength,
   });
   let processData: ArrayBuffer;
-  let authTag: ArrayBuffer | undefined;
   if (mode === CipherOrWrapMode.kWebCryptoCipherDecrypt) {
-    // For decryption, extract auth tag from end of data
     const dataView = new Uint8Array(data);
     if (dataView.byteLength < tagByteLength) {
@@ -342,28 +360,22 @@ async function aesGcmCipher(
       );
     }
-    // Split data and tag
     const ciphertextLength = dataView.byteLength - tagByteLength;
     processData = dataView.slice(0, ciphertextLength).buffer;
-    authTag = dataView.slice(ciphertextLength).buffer;
-    // Set auth tag for verification
+    const authTag = dataView.slice(ciphertextLength).buffer;
     cipher.setAuthTag(authTag);
   } else {
     processData = data;
   }
-  // Set additional authenticated data if provided
-  if (algorithm.additionalData) {
-    cipher.setAAD(bufferLikeToArrayBuffer(algorithm.additionalData));
+  if (additionalData) {
+    cipher.setAAD(bufferLikeToArrayBuffer(additionalData));
   }
-  // Process data
   const updated = cipher.update(processData);
   const final = cipher.final();
   if (mode === CipherOrWrapMode.kWebCryptoCipherEncrypt) {
-    // For encryption, append auth tag to result
     const tag = cipher.getAuthTag();
     const result = new Uint8Array(
       updated.byteLength + final.byteLength + tag.byteLength,
@@ -373,7 +385,6 @@ async function aesGcmCipher(
     result.set(new Uint8Array(tag), updated.byteLength + final.byteLength);
     return result.buffer;
   } else {
-    // For decryption, just concatenate plaintext
     const result = new Uint8Array(updated.byteLength + final.byteLength);
     result.set(new Uint8Array(updated), 0);
     result.set(new Uint8Array(final), updated.byteLength);
@@ -381,6 +392,56 @@ async function aesGcmCipher(
   }
 }
+async function aesGcmCipher(
+  mode: CipherOrWrapMode,
+  key: CryptoKey,
+  data: ArrayBuffer,
+  algorithm: AesGcmParams,
+): Promise<ArrayBuffer> {
+  return aesAeadCipher(
+    mode,
+    key,
+    data,
+    {
+      algorithmName: 'AES-GCM',
+      validTagLengths: [32, 64, 96, 104, 112, 120, 128],
+      cipherSuffix: 'gcm',
+      iv: bufferLikeToArrayBuffer(algorithm.iv),
+    },
+    algorithm.additionalData,
+    algorithm.tagLength,
+  );
+}
+async function aesOcbCipher(
+  mode: CipherOrWrapMode,
+  key: CryptoKey,
+  data: ArrayBuffer,
+  algorithm: AesOcbParams,
+): Promise<ArrayBuffer> {
+  const ivBuffer = bufferLikeToArrayBuffer(algorithm.iv);
+  if (ivBuffer.byteLength < 1 || ivBuffer.byteLength > 15) {
+    throw lazyDOMException(
+      'AES-OCB algorithm.iv must be between 1 and 15 bytes',
+      'OperationError',
+    );
+  }
+  return aesAeadCipher(
+    mode,
+    key,
+    data,
+    {
+      algorithmName: 'AES-OCB',
+      validTagLengths: [64, 96, 128],
+      cipherSuffix: 'ocb',
+      iv: ivBuffer,
+    },
+    algorithm.additionalData,
+    algorithm.tagLength,
+  );
+}
 async function aesKwCipher(
   mode: CipherOrWrapMode,
   key: CryptoKey,
@@ -891,7 +952,7 @@ async function aesImportKey(
 function edImportKey(
   format: ImportFormat,
-  data: BufferLike,
+  data: BufferLike | JWK,
   algorithm: SubtleAlgorithm,
   extractable: boolean,
   keyUsages: KeyUsage[],
@@ -915,7 +976,7 @@ function edImportKey(
   if (format === 'spki') {
     // Import public key
-    const keyData = bufferLikeToArrayBuffer(data);
+    const keyData = bufferLikeToArrayBuffer(data as BufferLike);
     keyObject = KeyObject.createKeyObject(
       'public',
       keyData,
@@ -924,7 +985,7 @@ function edImportKey(
     );
   } else if (format === 'pkcs8') {
     // Import private key
-    const keyData = bufferLikeToArrayBuffer(data);
+    const keyData = bufferLikeToArrayBuffer(data as BufferLike);
     keyObject = KeyObject.createKeyObject(
       'private',
       keyData,
@@ -933,13 +994,26 @@ function edImportKey(
     );
   } else if (format === 'raw') {
     // Raw format - public key only for Ed keys
-    const keyData = bufferLikeToArrayBuffer(data);
+    const keyData = bufferLikeToArrayBuffer(data as BufferLike);
     const handle =
       NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
     // For raw Ed keys, we need to create them differently
     // Raw public keys are just the key bytes
     handle.init(1, keyData); // 1 = public key type
     keyObject = new PublicKeyObject(handle);
+  } else if (format === 'jwk') {
+    const jwkData = data as JWK;
+    const handle =
+      NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
+    const keyType = handle.initJwk(jwkData);
+    if (keyType === undefined) {
+      throw lazyDOMException('Invalid JWK data', 'DataError');
+    }
+    if (keyType === KeyType.PRIVATE) {
+      keyObject = new PrivateKeyObject(handle);
+    } else {
+      keyObject = new PublicKeyObject(handle);
+    }
   } else {
     throw lazyDOMException(
       `Unsupported format for ${name} import: ${format}`,
@@ -1133,6 +1207,8 @@ const exportKeyRaw = (key: CryptoKey): ArrayBuffer | unknown => {
     // Fall through
     case 'AES-KW':
     // Fall through
+    case 'AES-OCB':
+    // Fall through
     case 'ChaCha20-Poly1305':
     // Fall through
     case 'HMAC': {
@@ -1177,6 +1253,14 @@ const exportKeyJWK = (key: CryptoKey): ArrayBuffer | unknown => {
     case 'ECDH':
       jwk.crv ||= key.algorithm.namedCurve;
       return jwk;
+    case 'Ed25519':
+    // Fall through
+    case 'Ed448':
+    // Fall through
+    case 'X25519':
+    // Fall through
+    case 'X448':
+      return jwk;
     case 'AES-CTR':
     // Fall through
     case 'AES-CBC':
@@ -1185,6 +1269,8 @@ const exportKeyJWK = (key: CryptoKey): ArrayBuffer | unknown => {
     // Fall through
     case 'AES-KW':
     // Fall through
+    case 'AES-OCB':
+    // Fall through
     case 'ChaCha20-Poly1305':
       if (key.algorithm.length === undefined) {
         throw lazyDOMException(
@@ -1503,6 +1589,8 @@ const cipherOrWrap = async (
     case 'AES-CBC':
     // Fall through
     case 'AES-GCM':
+    // Fall through
+    case 'AES-OCB':
       return aesCipher(mode, key, data, algorithm);
     case 'AES-KW':
       return aesKwCipher(mode, key, data);
@@ -1613,6 +1701,9 @@ export class Subtle {
       case 'X448':
         derivedBits = await xDeriveBits(algorithm, baseKey, length);
         break;
+      case 'ECDH':
+        derivedBits = await ecDeriveBits(algorithm, baseKey, length);
+        break;
       case 'HKDF':
         derivedBits = hkdfDeriveBits(
           algorithm as unknown as HkdfAlgorithm,
@@ -1657,6 +1748,8 @@ export class Subtle {
   ): Promise<ArrayBuffer | JWK> {
     if (!key.extractable) throw new Error('key is not extractable');
+    if (format === 'raw-secret') format = 'raw';
     switch (format) {
       case 'spki':
         return (await exportKeySpki(key)) as ArrayBuffer;
@@ -1811,6 +1904,8 @@ export class Subtle {
       case 'AES-GCM':
       // Fall through
       case 'AES-KW':
+      // Fall through
+      case 'AES-OCB':
         result = await aesGenerateKey(
           algorithm as AesKeyGenParams,
           extractable,
@@ -1889,6 +1984,7 @@ export class Subtle {
     extractable: boolean,
     keyUsages: KeyUsage[],
   ): Promise<CryptoKey> {
+    if (format === 'raw-secret') format = 'raw';
     const normalizedAlgorithm = normalizeAlgorithm(algorithm, 'importKey');
     let result: CryptoKey;
     switch (normalizedAlgorithm.name) {
@@ -1933,6 +2029,8 @@ export class Subtle {
       // Fall through
       case 'AES-KW':
       // Fall through
+      case 'AES-OCB':
+      // Fall through
       case 'ChaCha20-Poly1305':
         result = await aesImportKey(
           normalizedAlgorithm,
@@ -1969,7 +2067,7 @@ export class Subtle {
       case 'Ed448':
         result = edImportKey(
           format,
-          data as BufferLike,
+          data as BufferLike | JWK,
           normalizedAlgorithm,
           extractable,
           keyUsages,
@@ -2121,6 +2219,7 @@ function getKeyLength(algorithm: SubtleAlgorithm): number {
     case 'AES-CBC':
     case 'AES-GCM':
     case 'AES-KW':
+    case 'AES-OCB':
     case 'ChaCha20-Poly1305':
       return (algorithm as AesKeyGenParams).length || 256;

package/src/utils/types.ts CHANGED Viewed

@@ -80,7 +80,12 @@ export type KeyPairAlgorithm =
   | CFRGKeyPairAlgorithm
   | PQCKeyPairAlgorithm;
-export type AESAlgorithm = 'AES-CTR' | 'AES-CBC' | 'AES-GCM' | 'AES-KW';
+export type AESAlgorithm =
+  | 'AES-CTR'
+  | 'AES-CBC'
+  | 'AES-GCM'
+  | 'AES-KW'
+  | 'AES-OCB';
 export type SecretKeyAlgorithm = 'HMAC' | AESAlgorithm;
@@ -108,6 +113,7 @@ export type EncryptDecryptAlgorithm =
   | 'AES-CBC'
   | 'AES-GCM'
   | 'AES-KW'
+  | 'AES-OCB'
   | 'ChaCha20-Poly1305';
 export type RsaOaepParams = {
@@ -140,6 +146,13 @@ export type ChaCha20Poly1305Params = {
   additionalData?: BufferLike;
 };
+export type AesOcbParams = {
+  name: 'AES-OCB';
+  iv: BufferLike;
+  tagLength?: 64 | 96 | 128;
+  additionalData?: BufferLike;
+};
 export type AesKwParams = {
   name: 'AES-KW';
   wrappingKey?: BufferLike;
@@ -158,6 +171,7 @@ export type EncryptDecryptParams =
   | AesCbcParams
   | AesCtrParams
   | AesGcmParams
+  | AesOcbParams
   | AesKwParams
   | RsaOaepParams
   | ChaCha20Poly1305Params;
@@ -187,6 +201,7 @@ export type SubtleAlgorithm = {
   modulusLength?: number;
   publicExponent?: number | Uint8Array;
   saltLength?: number;
+  public?: CryptoKey;
 };
 export type KeyPairType =
@@ -264,7 +279,7 @@ export type AsymmetricKeyType =
   | CFRGKeyPairType
   | PQCKeyPairType;
-type JWKkty = 'AES' | 'RSA' | 'EC' | 'oct';
+type JWKkty = 'AES' | 'RSA' | 'EC' | 'oct' | 'OKP';
 type JWKuse = 'sig' | 'enc';
 export interface JWK {
@@ -447,7 +462,7 @@ export type DiffieHellmanCallback = (
 // from @paulmillr/noble-curves
 export type Hex = string | Uint8Array;
-export type ImportFormat = 'raw' | 'pkcs8' | 'spki' | 'jwk';
+export type ImportFormat = 'raw' | 'raw-secret' | 'pkcs8' | 'spki' | 'jwk';
 export type Operation =
   | 'encrypt'

package/deps/ncrypto/WORKSPACE DELETED Viewed

@@ -1,15 +0,0 @@
-workspace(name = "ncrypto")
-load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
-http_archive(
-    name = "ssl",
-    sha256 = "64529449ef458381346b163302523a1fb876e5b667bec4a4bd38d0d2fff8b42b",
-    strip_prefix = "boringssl-0.20250818.0",
-    type = "tgz",
-    urls = ["https://github.com/google/boringssl/archive/refs/tags/0.20250818.0.tar.gz"],
-    patches = [
-         "@ncrypto//:patches/0001-Expose-libdecrepit-so-NodeJS-can-use-it-for-ncrypto.patch"
-    ],
-    patch_strip = 1
-)