react-native-quick-crypto 1.1.1 → 1.1.2

package/src/keys/index.ts

@@ -40,14 +40,68 @@ import { randomBytes } from '../random';
 
 interface KeyInputObject {
   key: BinaryLike | KeyObject | CryptoKey | JWK;
-  format?: 'pem' | 'der' | 'jwk';
+  format?: 'pem' | 'der' | 'jwk' | 'raw-public' | 'raw-private' | 'raw-seed';
   type?: 'pkcs1' | 'pkcs8' | 'spki' | 'sec1';
   passphrase?: BinaryLike;
   encoding?: BufferEncoding;
+  asymmetricKeyType?: string;
+  namedCurve?: string;
 }
 
 type KeyInput = BinaryLike | KeyInputObject | KeyObject | CryptoKey;
 
+function isRawFormat(
+  format: string | undefined,
+): format is 'raw-public' | 'raw-private' | 'raw-seed' {
+  return (
+    format === 'raw-public' || format === 'raw-private' || format === 'raw-seed'
+  );
+}
+
+function createPublicKeyFromRaw(input: KeyInputObject): PublicKeyObject {
+  if (input.format !== 'raw-public') {
+    throw new Error('Invalid format for createPublicKey raw import');
+  }
+  if (typeof input.asymmetricKeyType !== 'string') {
+    throw new Error('options.asymmetricKeyType is required for raw key import');
+  }
+  if (input.asymmetricKeyType === 'ec' && !input.namedCurve) {
+    throw new Error('options.namedCurve is required for EC raw key import');
+  }
+  const handle =
+    NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
+  handle.initRawPublic(
+    input.asymmetricKeyType,
+    toAB(input.key as BinaryLike),
+    input.namedCurve,
+  );
+  return new PublicKeyObject(handle);
+}
+
+function createPrivateKeyFromRaw(input: KeyInputObject): PrivateKeyObject {
+  if (input.format !== 'raw-private' && input.format !== 'raw-seed') {
+    throw new Error('Invalid format for createPrivateKey raw import');
+  }
+  if (typeof input.asymmetricKeyType !== 'string') {
+    throw new Error('options.asymmetricKeyType is required for raw key import');
+  }
+  if (input.asymmetricKeyType === 'ec' && !input.namedCurve) {
+    throw new Error('options.namedCurve is required for EC raw key import');
+  }
+  const handle =
+    NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
+  if (input.format === 'raw-seed') {
+    handle.initRawSeed(input.asymmetricKeyType, toAB(input.key as BinaryLike));
+  } else {
+    handle.initRawPrivate(
+      input.asymmetricKeyType,
+      toAB(input.key as BinaryLike),
+      input.namedCurve,
+    );
+  }
+  return new PrivateKeyObject(handle);
+}
+
 function createSecretKey(key: BinaryLike): SecretKeyObject {
   const keyBuffer = toAB(key);
   return KeyObject.createKeyObject('secret', keyBuffer) as SecretKeyObject;
@@ -116,8 +170,10 @@ function prepareAsymmetricKey(
       return { data: toAB(data), format: 'pem', type };
     }
 
-    // Filter out 'jwk' format - only 'pem' and 'der' are supported here
-    const filteredFormat = format === 'jwk' ? undefined : format;
+    // Filter to only 'pem' or 'der' — JWK and raw formats are handled
+    // separately via dedicated paths.
+    const filteredFormat: 'pem' | 'der' | undefined =
+      format === 'pem' || format === 'der' ? format : undefined;
     return { data: toAB(data), format: filteredFormat, type };
   }
 
@@ -125,6 +181,14 @@ function prepareAsymmetricKey(
 }
 
 function createPublicKey(key: KeyInput): PublicKeyObject {
+  if (typeof key === 'object' && 'key' in key && isRawFormat(key.format)) {
+    if (key.format !== 'raw-public') {
+      throw new Error(
+        `Invalid format ${key.format} for createPublicKey — only 'raw-public' is allowed`,
+      );
+    }
+    return createPublicKeyFromRaw(key as KeyInputObject);
+  }
   if (typeof key === 'object' && 'key' in key && key.format === 'jwk') {
     const handle =
       NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');
@@ -169,6 +233,12 @@ function createPublicKey(key: KeyInput): PublicKeyObject {
 }
 
 function createPrivateKey(key: KeyInput): PrivateKeyObject {
+  if (typeof key === 'object' && 'key' in key && isRawFormat(key.format)) {
+    if (key.format === 'raw-public') {
+      throw new Error("Invalid format 'raw-public' for createPrivateKey");
+    }
+    return createPrivateKeyFromRaw(key as KeyInputObject);
+  }
   if (typeof key === 'object' && 'key' in key && key.format === 'jwk') {
     const handle =
       NitroModules.createHybridObject<KeyObjectHandle>('KeyObjectHandle');

package/src/keys/signVerify.ts

@@ -13,6 +13,7 @@ import {
   KFormatType,
   KeyEncoding,
 } from '../utils';
+import { constants } from '../constants';
 
 type KeyInput = BinaryLike | KeyObject | CryptoKey | KeyInputObject;
 
@@ -144,6 +145,16 @@ function dsaEncodingToNumber(
   return undefined;
 }
 
+function getSaltLength(options?: SignOptions): number | undefined {
+  if (
+    options?.padding === constants.RSA_PKCS1_PSS_PADDING &&
+    options?.saltLength === undefined
+  ) {
+    return constants.RSA_PSS_SALTLEN_MAX_SIGN;
+  }
+  return options?.saltLength;
+}
+
 export class Sign {
   private handle: SignHandleSpec;
 
@@ -169,7 +180,7 @@ export class Sign {
     const signature = this.handle.sign(
       keyObject.handle,
       options?.padding,
-      options?.saltLength,
+      getSaltLength(options),
       dsaEncodingToNumber(options?.dsaEncoding),
     );
 
@@ -219,7 +230,7 @@ export class Verify {
       keyObject.handle,
       sigBuffer,
       options?.padding,
-      options?.saltLength,
+      getSaltLength(options),
       dsaEncodingToNumber(options?.dsaEncoding),
     );
   }

package/src/keys/utils.ts

@@ -5,13 +5,36 @@ import {
   KFormatType,
 } from '../utils';
 import type { CryptoKeyPair, EncodingOptions } from '../utils';
-import type { CryptoKey } from './classes';
+import type { CryptoKey, PublicKeyObject, PrivateKeyObject } from './classes';
 
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 export const isCryptoKey = (obj: any): boolean => {
   return obj !== null && obj?.keyObject !== undefined;
 };
 
+export function exportPublicKeyRaw(
+  pub: PublicKeyObject,
+  pointType: 'compressed' | 'uncompressed' | undefined,
+): ArrayBuffer {
+  if (pub.asymmetricKeyType === 'ec') {
+    return pub.handle.exportECPublicRaw(pointType === 'compressed');
+  }
+  return pub.handle.exportRawPublic();
+}
+
+export function exportPrivateKeyRaw(
+  priv: PrivateKeyObject,
+  format: 'raw-private' | 'raw-seed',
+): ArrayBuffer {
+  if (format === 'raw-seed') {
+    return priv.handle.exportRawSeed();
+  }
+  if (priv.asymmetricKeyType === 'ec') {
+    return priv.handle.exportECPrivateRaw();
+  }
+  return priv.handle.exportRawPrivate();
+}
+
 export function getCryptoKeyPair(
   key: CryptoKey | CryptoKeyPair,
 ): CryptoKeyPair {
@@ -62,6 +85,19 @@ export function parseKeyEncoding(
     objName,
   );
 
+  if (
+    format === 'raw-public' ||
+    format === 'raw-private' ||
+    format === 'raw-seed'
+  ) {
+    if (enc.cipher != null || enc.passphrase !== undefined) {
+      throw new Error(
+        `Incompatible key options: ${format} does not support encryption`,
+      );
+    }
+    return { format, type, cipher: undefined, passphrase: undefined };
+  }
+
   let cipher, passphrase, encoding;
   if (isPublic !== true) {
     ({ cipher, passphrase, encoding } = enc);
@@ -77,7 +113,7 @@ export function parseKeyEncoding(
           (type === KeyEncoding.PKCS1 || type === KeyEncoding.SEC1)
         ) {
           throw new Error(
-            `Incompatible key options ${encodingNames[type]} does not support encryption`,
+            `Incompatible key options ${encodingNames[type as KeyEncoding]} does not support encryption`,
           );
         }
       } else if (passphrase !== undefined) {
@@ -120,12 +156,15 @@ function parseKeyFormat(
   formatStr?: string,
   defaultFormat?: KFormatType,
   optionName?: string,
-) {
+): KFormatType | 'raw-public' | 'raw-private' | 'raw-seed' {
   if (formatStr === undefined && defaultFormat !== undefined)
     return defaultFormat;
   else if (formatStr === 'pem') return KFormatType.PEM;
   else if (formatStr === 'der') return KFormatType.DER;
   else if (formatStr === 'jwk') return KFormatType.JWK;
+  else if (formatStr === 'raw-public') return 'raw-public';
+  else if (formatStr === 'raw-private') return 'raw-private';
+  else if (formatStr === 'raw-seed') return 'raw-seed';
   throw new Error(`Invalid key format str: ${optionName}`);
 }
 
@@ -166,7 +205,10 @@ function parseKeyFormatAndType(
   keyType?: string,
   isPublic?: boolean,
   objName?: string,
-) {
+): {
+  format: KFormatType | 'raw-public' | 'raw-private' | 'raw-seed';
+  type: KeyEncoding | 'compressed' | 'uncompressed' | undefined;
+} {
   const { format: formatStr, type: typeStr } = enc;
 
   const isInput = keyType === undefined;
@@ -176,11 +218,42 @@ function parseKeyFormatAndType(
     option('format', objName),
   );
 
+  if (format === 'raw-public') {
+    if (isPublic === false) {
+      throw new Error(
+        `Invalid format 'raw-public' for ${option('format', objName)}`,
+      );
+    }
+    if (typeStr === undefined || typeStr === 'uncompressed') {
+      return { format, type: 'uncompressed' };
+    }
+    if (typeStr === 'compressed') {
+      return { format, type: 'compressed' };
+    }
+    throw new Error(
+      `Invalid ${option('type', objName)} for raw-public: ${typeStr}`,
+    );
+  }
+
+  if (format === 'raw-private' || format === 'raw-seed') {
+    if (isPublic === true) {
+      throw new Error(
+        `Invalid format '${format}' for ${option('format', objName)}`,
+      );
+    }
+    if (typeStr !== undefined) {
+      throw new Error(
+        `Invalid ${option('type', objName)} for ${format}: ${typeStr}`,
+      );
+    }
+    return { format, type: undefined };
+  }
+
   const isRequired =
     (!isInput || format === KFormatType.DER) && format !== KFormatType.JWK;
 
   const type = parseKeyType(
-    typeStr,
+    typeStr as string | undefined,
     isRequired,
     keyType,
     isPublic,

package/src/random.ts

@@ -1,6 +1,11 @@
 import { Buffer } from '@craftzdog/react-native-buffer';
 import type { ABV, RandomCallback } from './utils';
-import { abvToArrayBuffer } from './utils';
+import {
+  abvToArrayBuffer,
+  lazyDOMException,
+  QuotaExceededError,
+  rejectSharedArrayBuffer,
+} from './utils';
 import { NitroModules } from 'react-native-nitro-modules';
 import type { Random } from './specs/random.nitro';
 
@@ -288,6 +293,27 @@ export type RandomTypedArrays =
   | Uint16Array
   | Uint32Array;
 
+// WebCrypto §getRandomValues only accepts integer-typed views. Float and
+// non-TypedArray ABVs (DataView) must be rejected with a TypeMismatchError
+// DOMException — see https://w3c.github.io/webcrypto/#Crypto-method-getRandomValues
+const INTEGER_TYPED_ARRAY_TAGS = new Set([
+  'Int8Array',
+  'Int16Array',
+  'Int32Array',
+  'Uint8Array',
+  'Uint8ClampedArray',
+  'Uint16Array',
+  'Uint32Array',
+  'BigInt64Array',
+  'BigUint64Array',
+]);
+
+function isIntegerTypedArray(value: unknown): boolean {
+  if (!ArrayBuffer.isView(value)) return false;
+  const tag = (value as { [Symbol.toStringTag]?: string })[Symbol.toStringTag];
+  return tag !== undefined && INTEGER_TYPED_ARRAY_TAGS.has(tag);
+}
+
 /**
  * Fills the provided typed array with cryptographically strong random values.
  *
@@ -295,8 +321,24 @@ export type RandomTypedArrays =
  * @returns The filled data
  */
 export function getRandomValues(data: RandomTypedArrays) {
+  // WebIDL BufferSource conversion (TypeError) must run before the
+  // WebCrypto-specific integer-type / size checks (TypeMismatchError /
+  // QuotaExceededError). `randomFillSync` below also rejects SAB via
+  // `abvToArrayBuffer`, but by then we'd already have thrown the wrong
+  // error type for a non-integer SAB-view, so the explicit early call is
+  // load-bearing for spec compliance — not redundant.
+  rejectSharedArrayBuffer(data);
+  if (!isIntegerTypedArray(data)) {
+    throw lazyDOMException(
+      'The data argument must be an integer-type TypedArray',
+      'TypeMismatchError',
+    );
+  }
   if (data.byteLength > 65536) {
-    throw new Error('The requested length exceeds 65,536 bytes');
+    throw new QuotaExceededError('The requested length exceeds 65,536 bytes', {
+      quota: 65536,
+      requested: data.byteLength,
+    });
   }
   randomFillSync(data, 0);
   return data;
@@ -308,14 +350,28 @@ for (let i = 0; i < 256; ++i) {
   byteToHex.push((i + 0x100).toString(16).slice(1));
 }
 
-// Based on https://github.com/uuidjs/uuid/blob/main/src/v4.js
-export function randomUUID() {
-  const size = 16;
-  const buffer = new Buffer(size);
-  randomFillSync(buffer, 0, size);
+export interface RandomUUIDOptions {
+  // Accepted for Node.js parity. RNQC does not buffer entropy, so this is a
+  // no-op: every UUID already pulls fresh bytes from the OS CSPRNG.
+  disableEntropyCache?: boolean;
+}
 
-  // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`
-  buffer[6] = (buffer[6]! & 0x0f) | 0x40;
+function validateRandomUUIDOptions(options?: RandomUUIDOptions): void {
+  if (options === undefined) return;
+  if (typeof options !== 'object' || options === null) {
+    throw new TypeError('options must be an object');
+  }
+  if (
+    options.disableEntropyCache !== undefined &&
+    typeof options.disableEntropyCache !== 'boolean'
+  ) {
+    throw new TypeError('options.disableEntropyCache must be a boolean');
+  }
+}
+
+// RFC 9562 variant 10xx is shared by v4 and v7.
+function serializeUUID(buffer: Buffer, version: number): string {
+  buffer[6] = (buffer[6]! & 0x0f) | (version << 4);
   buffer[8] = (buffer[8]! & 0x3f) | 0x80;
 
   return (
@@ -341,3 +397,31 @@ export function randomUUID() {
     byteToHex[buffer[15]!]
   ).toLowerCase();
 }
+
+// RFC 9562 §5.4 — random UUID (v4).
+export function randomUUID(options?: RandomUUIDOptions): string {
+  validateRandomUUIDOptions(options);
+  const buffer = new Buffer(16);
+  randomFillSync(buffer, 0, 16);
+  return serializeUUID(buffer, 4);
+}
+
+// RFC 9562 §5.7 — Unix-ms timestamped UUID (v7).
+// Layout: 48-bit big-endian Unix-ms timestamp | 4-bit version (7) |
+// 12 bits random | 2-bit variant (10) | 62 bits random.
+export function randomUUIDv7(options?: RandomUUIDOptions): string {
+  validateRandomUUIDOptions(options);
+  const buffer = new Buffer(16);
+  randomFillSync(buffer, 6, 10);
+
+  const now = Date.now();
+  const msb = Math.floor(now / 0x100000000);
+  buffer[0] = (msb >>> 8) & 0xff;
+  buffer[1] = msb & 0xff;
+  buffer[2] = (now >>> 24) & 0xff;
+  buffer[3] = (now >>> 16) & 0xff;
+  buffer[4] = (now >>> 8) & 0xff;
+  buffer[5] = now & 0xff;
+
+  return serializeUUID(buffer, 7);
+}

package/src/rsa.ts

@@ -260,6 +260,14 @@ function rsa_formatKeyPairOutput(
   let publicKey: PublicKeyObject | Buffer | string | ArrayBuffer;
   let privateKey: PrivateKeyObject | Buffer | string | ArrayBuffer;
 
+  if (
+    publicFormat === 'raw-public' ||
+    privateFormat === 'raw-private' ||
+    privateFormat === 'raw-seed'
+  ) {
+    throw new Error('Raw key formats are not supported for RSA keys');
+  }
+
   if (publicFormat === -1) {
     publicKey = pub;
   } else {

package/src/slhdsa.ts

@@ -0,0 +1,146 @@
+import { NitroModules } from 'react-native-nitro-modules';
+import type { SlhDsaKeyPair } from './specs/slhDsaKeyPair.nitro';
+import {
+  CryptoKey,
+  KeyObject,
+  PublicKeyObject,
+  PrivateKeyObject as PrivateKeyObjectClass,
+} from './keys/classes';
+import type {
+  CryptoKeyPair,
+  KeyUsage,
+  SubtleAlgorithm,
+  SlhDsaAlgorithm,
+} from './utils';
+import {
+  hasAnyNotIn,
+  lazyDOMException,
+  getUsagesUnion,
+  KFormatType,
+  KeyEncoding,
+} from './utils';
+
+export type SlhDsaVariant = SlhDsaAlgorithm;
+
+export const SLH_DSA_VARIANTS: readonly SlhDsaVariant[] = [
+  'SLH-DSA-SHA2-128s',
+  'SLH-DSA-SHA2-128f',
+  'SLH-DSA-SHA2-192s',
+  'SLH-DSA-SHA2-192f',
+  'SLH-DSA-SHA2-256s',
+  'SLH-DSA-SHA2-256f',
+  'SLH-DSA-SHAKE-128s',
+  'SLH-DSA-SHAKE-128f',
+  'SLH-DSA-SHAKE-192s',
+  'SLH-DSA-SHAKE-192f',
+  'SLH-DSA-SHAKE-256s',
+  'SLH-DSA-SHAKE-256f',
+] as const;
+
+export class SlhDsa {
+  variant: SlhDsaVariant;
+  native: SlhDsaKeyPair;
+
+  constructor(variant: SlhDsaVariant) {
+    this.variant = variant;
+    this.native =
+      NitroModules.createHybridObject<SlhDsaKeyPair>('SlhDsaKeyPair');
+    this.native.setVariant(variant);
+  }
+
+  async generateKeyPair(): Promise<void> {
+    await this.native.generateKeyPair(
+      KFormatType.DER,
+      KeyEncoding.SPKI,
+      KFormatType.DER,
+      KeyEncoding.PKCS8,
+    );
+  }
+
+  generateKeyPairSync(): void {
+    this.native.generateKeyPairSync(
+      KFormatType.DER,
+      KeyEncoding.SPKI,
+      KFormatType.DER,
+      KeyEncoding.PKCS8,
+    );
+  }
+
+  getPublicKey(): ArrayBuffer {
+    return this.native.getPublicKey();
+  }
+
+  getPrivateKey(): ArrayBuffer {
+    return this.native.getPrivateKey();
+  }
+
+  async sign(message: ArrayBuffer): Promise<ArrayBuffer> {
+    return this.native.sign(message);
+  }
+
+  signSync(message: ArrayBuffer): ArrayBuffer {
+    return this.native.signSync(message);
+  }
+
+  async verify(signature: ArrayBuffer, message: ArrayBuffer): Promise<boolean> {
+    return this.native.verify(signature, message);
+  }
+
+  verifySync(signature: ArrayBuffer, message: ArrayBuffer): boolean {
+    return this.native.verifySync(signature, message);
+  }
+}
+
+export async function slhdsa_generateKeyPairWebCrypto(
+  variant: SlhDsaVariant,
+  extractable: boolean,
+  keyUsages: KeyUsage[],
+): Promise<CryptoKeyPair> {
+  if (hasAnyNotIn(keyUsages, ['sign', 'verify'])) {
+    throw lazyDOMException(
+      `Unsupported key usage for ${variant}`,
+      'SyntaxError',
+    );
+  }
+
+  const publicUsages = getUsagesUnion(keyUsages, 'verify');
+  const privateUsages = getUsagesUnion(keyUsages, 'sign');
+
+  if (privateUsages.length === 0) {
+    throw lazyDOMException('Usages cannot be empty', 'SyntaxError');
+  }
+
+  const slhdsa = new SlhDsa(variant);
+  await slhdsa.generateKeyPair();
+
+  const publicKeyData = slhdsa.getPublicKey();
+  const privateKeyData = slhdsa.getPrivateKey();
+
+  const pub = KeyObject.createKeyObject(
+    'public',
+    publicKeyData,
+    KFormatType.DER,
+    KeyEncoding.SPKI,
+  ) as PublicKeyObject;
+  const publicKey = new CryptoKey(
+    pub,
+    { name: variant } as SubtleAlgorithm,
+    publicUsages,
+    true,
+  );
+
+  const priv = KeyObject.createKeyObject(
+    'private',
+    privateKeyData,
+    KFormatType.DER,
+    KeyEncoding.PKCS8,
+  ) as PrivateKeyObjectClass;
+  const privateKey = new CryptoKey(
+    priv,
+    { name: variant } as SubtleAlgorithm,
+    privateUsages,
+    extractable,
+  );
+
+  return { publicKey, privateKey };
+}

package/src/specs/keyObjectHandle.nitro.ts

@@ -18,6 +18,11 @@ export interface KeyObjectHandle
     passphrase?: ArrayBuffer,
   ): ArrayBuffer;
   exportJwk(key: JWK, handleRsaPss: boolean): JWK;
+  exportRawPublic(): ArrayBuffer;
+  exportRawPrivate(): ArrayBuffer;
+  exportRawSeed(): ArrayBuffer;
+  exportECPublicRaw(compressed: boolean): ArrayBuffer;
+  exportECPrivateRaw(): ArrayBuffer;
   getAsymmetricKeyType(): AsymmetricKeyType;
   init(
     keyType: KeyType,
@@ -32,8 +37,20 @@ export interface KeyObjectHandle
     keyData: ArrayBuffer,
     isPublic: boolean,
   ): boolean;
+  initRawPublic(
+    asymmetricKeyType: string,
+    keyData: ArrayBuffer,
+    namedCurve?: string,
+  ): boolean;
+  initRawPrivate(
+    asymmetricKeyType: string,
+    keyData: ArrayBuffer,
+    namedCurve?: string,
+  ): boolean;
+  initRawSeed(asymmetricKeyType: string, keyData: ArrayBuffer): boolean;
   initJwk(keyData: JWK, namedCurve?: NamedCurve): KeyType | undefined;
   keyDetail(): KeyDetail;
   keyEquals(other: KeyObjectHandle): boolean;
   getSymmetricKeySize(): number;
+  checkEcKeyData(): boolean;
 }

package/src/specs/slhDsaKeyPair.nitro.ts

@@ -0,0 +1,29 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+
+export interface SlhDsaKeyPair
+  extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  generateKeyPair(
+    publicFormat: number,
+    publicType: number,
+    privateFormat: number,
+    privateType: number,
+  ): Promise<void>;
+
+  generateKeyPairSync(
+    publicFormat: number,
+    publicType: number,
+    privateFormat: number,
+    privateType: number,
+  ): void;
+
+  getPublicKey(): ArrayBuffer;
+  getPrivateKey(): ArrayBuffer;
+
+  sign(message: ArrayBuffer): Promise<ArrayBuffer>;
+  signSync(message: ArrayBuffer): ArrayBuffer;
+
+  verify(signature: ArrayBuffer, message: ArrayBuffer): Promise<boolean>;
+  verifySync(signature: ArrayBuffer, message: ArrayBuffer): boolean;
+
+  setVariant(variant: string): void;
+}

package/src/specs/turboshake.nitro.ts

@@ -0,0 +1,21 @@
+import type { HybridObject } from 'react-native-nitro-modules';
+
+export type TurboShakeVariant = 'TurboSHAKE128' | 'TurboSHAKE256';
+export type KangarooTwelveVariant = 'KT128' | 'KT256';
+
+export interface TurboShake
+  extends HybridObject<{ ios: 'c++'; android: 'c++' }> {
+  turboShake(
+    variant: TurboShakeVariant,
+    domainSeparation: number,
+    outputLength: number,
+    data: ArrayBuffer,
+  ): Promise<ArrayBuffer>;
+
+  kangarooTwelve(
+    variant: KangarooTwelveVariant,
+    outputLength: number,
+    data: ArrayBuffer,
+    customization?: ArrayBuffer,
+  ): Promise<ArrayBuffer>;
+}