react-native-quick-crypto 1.1.1 → 1.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/QuickCrypto.podspec +1 -0
- package/android/CMakeLists.txt +4 -0
- package/cpp/cipher/CCMCipher.cpp +7 -11
- package/cpp/cipher/ChaCha20Cipher.cpp +6 -10
- package/cpp/cipher/ChaCha20Poly1305Cipher.cpp +10 -16
- package/cpp/cipher/GCMCipher.cpp +3 -5
- package/cpp/cipher/HybridCipher.cpp +7 -13
- package/cpp/cipher/HybridRsaCipher.cpp +19 -27
- package/cpp/cipher/OCBCipher.cpp +2 -3
- package/cpp/cipher/XChaCha20Poly1305Cipher.cpp +13 -19
- package/cpp/cipher/XSalsa20Cipher.cpp +8 -12
- package/cpp/cipher/XSalsa20Poly1305Cipher.cpp +11 -16
- package/cpp/keys/HybridKeyObjectHandle.cpp +630 -2
- package/cpp/keys/HybridKeyObjectHandle.hpp +21 -1
- package/cpp/sign/HybridSignHandle.cpp +26 -8
- package/cpp/sign/HybridVerifyHandle.cpp +28 -11
- package/cpp/slhdsa/HybridSlhDsaKeyPair.cpp +245 -0
- package/cpp/slhdsa/HybridSlhDsaKeyPair.hpp +48 -0
- package/cpp/turboshake/HybridTurboShake.cpp +379 -0
- package/cpp/turboshake/HybridTurboShake.hpp +28 -0
- package/cpp/utils/HybridUtils.cpp +83 -21
- package/cpp/utils/HybridUtils.hpp +4 -0
- package/deps/blake3/README.md +6 -7
- package/deps/blake3/c/blake3.c +3 -2
- package/deps/blake3/c/blake3.h +2 -2
- package/deps/blake3/c/blake3_dispatch.c +2 -2
- package/deps/blake3/c/blake3_impl.h +1 -1
- package/deps/blake3/c/blake3_neon.c +5 -4
- package/deps/ncrypto/include/ncrypto/version.h +2 -2
- package/deps/ncrypto/include/ncrypto.h +9 -2
- package/deps/ncrypto/src/ncrypto.cpp +130 -35
- package/lib/commonjs/dhKeyPair.js +3 -0
- package/lib/commonjs/dhKeyPair.js.map +1 -1
- package/lib/commonjs/dsa.js +3 -0
- package/lib/commonjs/dsa.js.map +1 -1
- package/lib/commonjs/ec.js +37 -30
- package/lib/commonjs/ec.js.map +1 -1
- package/lib/commonjs/ed.js +60 -6
- package/lib/commonjs/ed.js.map +1 -1
- package/lib/commonjs/expo-plugin/withXCode.js +3 -3
- package/lib/commonjs/hash.js +52 -5
- package/lib/commonjs/hash.js.map +1 -1
- package/lib/commonjs/keys/classes.js +33 -7
- package/lib/commonjs/keys/classes.js.map +1 -1
- package/lib/commonjs/keys/generateKeyPair.js +85 -4
- package/lib/commonjs/keys/generateKeyPair.js.map +1 -1
- package/lib/commonjs/keys/index.js +50 -2
- package/lib/commonjs/keys/index.js.map +1 -1
- package/lib/commonjs/keys/signVerify.js +9 -2
- package/lib/commonjs/keys/signVerify.js.map +1 -1
- package/lib/commonjs/keys/utils.js +59 -1
- package/lib/commonjs/keys/utils.js.map +1 -1
- package/lib/commonjs/random.js +63 -9
- package/lib/commonjs/random.js.map +1 -1
- package/lib/commonjs/rsa.js +3 -0
- package/lib/commonjs/rsa.js.map +1 -1
- package/lib/commonjs/slhdsa.js +70 -0
- package/lib/commonjs/slhdsa.js.map +1 -0
- package/lib/commonjs/specs/slhDsaKeyPair.nitro.js +6 -0
- package/lib/commonjs/specs/slhDsaKeyPair.nitro.js.map +1 -0
- package/lib/commonjs/specs/turboshake.nitro.js +6 -0
- package/lib/commonjs/specs/turboshake.nitro.js.map +1 -0
- package/lib/commonjs/subtle.js +926 -275
- package/lib/commonjs/subtle.js.map +1 -1
- package/lib/commonjs/utils/conversion.js +61 -25
- package/lib/commonjs/utils/conversion.js.map +1 -1
- package/lib/commonjs/utils/errors.js +63 -4
- package/lib/commonjs/utils/errors.js.map +1 -1
- package/lib/commonjs/utils/types.js.map +1 -1
- package/lib/commonjs/utils/validation.js +46 -0
- package/lib/commonjs/utils/validation.js.map +1 -1
- package/lib/module/dhKeyPair.js +3 -0
- package/lib/module/dhKeyPair.js.map +1 -1
- package/lib/module/dsa.js +3 -0
- package/lib/module/dsa.js.map +1 -1
- package/lib/module/ec.js +38 -31
- package/lib/module/ec.js.map +1 -1
- package/lib/module/ed.js +61 -7
- package/lib/module/ed.js.map +1 -1
- package/lib/module/expo-plugin/withXCode.js +3 -3
- package/lib/module/hash.js +52 -5
- package/lib/module/hash.js.map +1 -1
- package/lib/module/keys/classes.js +31 -5
- package/lib/module/keys/classes.js.map +1 -1
- package/lib/module/keys/generateKeyPair.js +86 -5
- package/lib/module/keys/generateKeyPair.js.map +1 -1
- package/lib/module/keys/index.js +50 -2
- package/lib/module/keys/index.js.map +1 -1
- package/lib/module/keys/signVerify.js +9 -2
- package/lib/module/keys/signVerify.js.map +1 -1
- package/lib/module/keys/utils.js +57 -1
- package/lib/module/keys/utils.js.map +1 -1
- package/lib/module/random.js +63 -10
- package/lib/module/random.js.map +1 -1
- package/lib/module/rsa.js +3 -0
- package/lib/module/rsa.js.map +1 -1
- package/lib/module/slhdsa.js +64 -0
- package/lib/module/slhdsa.js.map +1 -0
- package/lib/module/specs/slhDsaKeyPair.nitro.js +4 -0
- package/lib/module/specs/slhDsaKeyPair.nitro.js.map +1 -0
- package/lib/module/specs/turboshake.nitro.js +4 -0
- package/lib/module/specs/turboshake.nitro.js.map +1 -0
- package/lib/module/subtle.js +927 -276
- package/lib/module/subtle.js.map +1 -1
- package/lib/module/utils/conversion.js +59 -25
- package/lib/module/utils/conversion.js.map +1 -1
- package/lib/module/utils/errors.js +61 -4
- package/lib/module/utils/errors.js.map +1 -1
- package/lib/module/utils/types.js.map +1 -1
- package/lib/module/utils/validation.js +44 -0
- package/lib/module/utils/validation.js.map +1 -1
- package/lib/typescript/dhKeyPair.d.ts.map +1 -1
- package/lib/typescript/dsa.d.ts.map +1 -1
- package/lib/typescript/ec.d.ts.map +1 -1
- package/lib/typescript/ed.d.ts.map +1 -1
- package/lib/typescript/hash.d.ts.map +1 -1
- package/lib/typescript/index.d.ts +12 -7
- package/lib/typescript/index.d.ts.map +1 -1
- package/lib/typescript/keys/classes.d.ts +10 -1
- package/lib/typescript/keys/classes.d.ts.map +1 -1
- package/lib/typescript/keys/generateKeyPair.d.ts +12 -1
- package/lib/typescript/keys/generateKeyPair.d.ts.map +1 -1
- package/lib/typescript/keys/index.d.ts +3 -1
- package/lib/typescript/keys/index.d.ts.map +1 -1
- package/lib/typescript/keys/signVerify.d.ts.map +1 -1
- package/lib/typescript/keys/utils.d.ts +21 -4
- package/lib/typescript/keys/utils.d.ts.map +1 -1
- package/lib/typescript/random.d.ts +5 -1
- package/lib/typescript/random.d.ts.map +1 -1
- package/lib/typescript/rsa.d.ts.map +1 -1
- package/lib/typescript/slhdsa.d.ts +19 -0
- package/lib/typescript/slhdsa.d.ts.map +1 -0
- package/lib/typescript/specs/keyObjectHandle.nitro.d.ts +9 -0
- package/lib/typescript/specs/keyObjectHandle.nitro.d.ts.map +1 -1
- package/lib/typescript/specs/slhDsaKeyPair.nitro.d.ts +16 -0
- package/lib/typescript/specs/slhDsaKeyPair.nitro.d.ts.map +1 -0
- package/lib/typescript/specs/turboshake.nitro.d.ts +11 -0
- package/lib/typescript/specs/turboshake.nitro.d.ts.map +1 -0
- package/lib/typescript/subtle.d.ts +3 -2
- package/lib/typescript/subtle.d.ts.map +1 -1
- package/lib/typescript/utils/conversion.d.ts +9 -6
- package/lib/typescript/utils/conversion.d.ts.map +1 -1
- package/lib/typescript/utils/errors.d.ts +12 -0
- package/lib/typescript/utils/errors.d.ts.map +1 -1
- package/lib/typescript/utils/types.d.ts +32 -15
- package/lib/typescript/utils/types.d.ts.map +1 -1
- package/lib/typescript/utils/validation.d.ts +3 -1
- package/lib/typescript/utils/validation.d.ts.map +1 -1
- package/nitrogen/generated/android/QuickCrypto+autolinking.cmake +2 -0
- package/nitrogen/generated/android/QuickCryptoOnLoad.cpp +20 -0
- package/nitrogen/generated/ios/QuickCryptoAutolinking.mm +20 -0
- package/nitrogen/generated/shared/c++/AsymmetricKeyType.hpp +48 -0
- package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.cpp +9 -0
- package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.hpp +9 -0
- package/nitrogen/generated/shared/c++/HybridSlhDsaKeyPairSpec.cpp +29 -0
- package/nitrogen/generated/shared/c++/HybridSlhDsaKeyPairSpec.hpp +72 -0
- package/nitrogen/generated/shared/c++/HybridTurboShakeSpec.cpp +22 -0
- package/nitrogen/generated/shared/c++/HybridTurboShakeSpec.hpp +70 -0
- package/nitrogen/generated/shared/c++/JWK.hpp +9 -1
- package/nitrogen/generated/shared/c++/JWKkty.hpp +4 -0
- package/nitrogen/generated/shared/c++/KangarooTwelveVariant.hpp +76 -0
- package/nitrogen/generated/shared/c++/TurboShakeVariant.hpp +76 -0
- package/package.json +4 -5
- package/src/dhKeyPair.ts +8 -0
- package/src/dsa.ts +8 -0
- package/src/ec.ts +52 -29
- package/src/ed.ts +95 -16
- package/src/expo-plugin/withXCode.ts +3 -3
- package/src/hash.ts +108 -5
- package/src/keys/classes.ts +46 -5
- package/src/keys/generateKeyPair.ts +151 -5
- package/src/keys/index.ts +73 -3
- package/src/keys/signVerify.ts +13 -2
- package/src/keys/utils.ts +78 -5
- package/src/random.ts +93 -9
- package/src/rsa.ts +8 -0
- package/src/slhdsa.ts +146 -0
- package/src/specs/keyObjectHandle.nitro.ts +17 -0
- package/src/specs/slhDsaKeyPair.nitro.ts +29 -0
- package/src/specs/turboshake.nitro.ts +21 -0
- package/src/subtle.ts +1191 -360
- package/src/utils/conversion.ts +80 -27
- package/src/utils/errors.ts +72 -4
- package/src/utils/types.ts +80 -15
- package/src/utils/validation.ts +70 -1
package/deps/blake3/c/blake3.h
CHANGED
|
@@ -30,7 +30,7 @@
|
|
|
30
30
|
extern "C" {
|
|
31
31
|
#endif
|
|
32
32
|
|
|
33
|
-
#define BLAKE3_VERSION_STRING "1.8.
|
|
33
|
+
#define BLAKE3_VERSION_STRING "1.8.5"
|
|
34
34
|
#define BLAKE3_KEY_LEN 32
|
|
35
35
|
#define BLAKE3_OUT_LEN 32
|
|
36
36
|
#define BLAKE3_BLOCK_LEN 64
|
|
@@ -38,7 +38,7 @@ extern "C" {
|
|
|
38
38
|
#define BLAKE3_MAX_DEPTH 54
|
|
39
39
|
|
|
40
40
|
// This struct is a private implementation detail. It has to be here because
|
|
41
|
-
// it's part of blake3_hasher below.
|
|
41
|
+
// it's part of the blake3_hasher structure defined below.
|
|
42
42
|
typedef struct {
|
|
43
43
|
uint32_t cv[8];
|
|
44
44
|
uint64_t chunk_counter;
|
|
@@ -89,7 +89,6 @@ static void cpuidex(uint32_t out[4], uint32_t id, uint32_t sid) {
|
|
|
89
89
|
#endif
|
|
90
90
|
}
|
|
91
91
|
|
|
92
|
-
#endif
|
|
93
92
|
|
|
94
93
|
enum cpu_feature {
|
|
95
94
|
SSE2 = 1 << 0,
|
|
@@ -164,6 +163,7 @@ static
|
|
|
164
163
|
#endif
|
|
165
164
|
}
|
|
166
165
|
}
|
|
166
|
+
#endif
|
|
167
167
|
|
|
168
168
|
void blake3_compress_in_place(uint32_t cv[8],
|
|
169
169
|
const uint8_t block[BLAKE3_BLOCK_LEN],
|
|
@@ -235,7 +235,7 @@ void blake3_xof_many(const uint32_t cv[8],
|
|
|
235
235
|
#if defined(IS_X86)
|
|
236
236
|
const enum cpu_feature features = get_cpu_features();
|
|
237
237
|
MAYBE_UNUSED(features);
|
|
238
|
-
#if !defined(_WIN32) && !defined(BLAKE3_NO_AVX512)
|
|
238
|
+
#if !defined(_WIN32) && !defined(__CYGWIN__) && !defined(BLAKE3_NO_AVX512)
|
|
239
239
|
if (features & AVX512VL) {
|
|
240
240
|
blake3_xof_many_avx512(cv, block, block_len, counter, flags, out, outblocks);
|
|
241
241
|
return;
|
|
@@ -309,7 +309,7 @@ void blake3_hash_many_avx512(const uint8_t *const *inputs, size_t num_inputs,
|
|
|
309
309
|
uint8_t flags, uint8_t flags_start,
|
|
310
310
|
uint8_t flags_end, uint8_t *out);
|
|
311
311
|
|
|
312
|
-
#if !defined(_WIN32)
|
|
312
|
+
#if !defined(_WIN32) && !defined(__CYGWIN__)
|
|
313
313
|
void blake3_xof_many_avx512(const uint32_t cv[8],
|
|
314
314
|
const uint8_t block[BLAKE3_BLOCK_LEN],
|
|
315
315
|
uint8_t block_len, uint64_t counter, uint8_t flags,
|
|
@@ -243,10 +243,11 @@ INLINE void load_counters4(uint64_t counter, bool increment_counter,
|
|
|
243
243
|
counter_high(counter + (mask & 2)), counter_high(counter + (mask & 3)));
|
|
244
244
|
}
|
|
245
245
|
|
|
246
|
-
void blake3_hash4_neon(const uint8_t *const *inputs, size_t blocks,
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
246
|
+
static void blake3_hash4_neon(const uint8_t *const *inputs, size_t blocks,
|
|
247
|
+
const uint32_t key[8], uint64_t counter,
|
|
248
|
+
bool increment_counter, uint8_t flags,
|
|
249
|
+
uint8_t flags_start, uint8_t flags_end,
|
|
250
|
+
uint8_t *out) {
|
|
250
251
|
uint32x4_t h_vecs[8] = {
|
|
251
252
|
set1_128(key[0]), set1_128(key[1]), set1_128(key[2]), set1_128(key[3]),
|
|
252
253
|
set1_128(key[4]), set1_128(key[5]), set1_128(key[6]), set1_128(key[7]),
|
|
@@ -3,12 +3,12 @@
|
|
|
3
3
|
#ifndef NCRYPTO_VERSION_H_
|
|
4
4
|
#define NCRYPTO_VERSION_H_
|
|
5
5
|
|
|
6
|
-
#define NCRYPTO_VERSION "1.1.
|
|
6
|
+
#define NCRYPTO_VERSION "1.1.4" // x-release-please-version
|
|
7
7
|
|
|
8
8
|
enum {
|
|
9
9
|
NCRYPTO_VERSION_MAJOR = 1, // x-release-please-major
|
|
10
10
|
NCRYPTO_VERSION_MINOR = 1, // x-release-please-minor
|
|
11
|
-
NCRYPTO_VERSION_REVISION =
|
|
11
|
+
NCRYPTO_VERSION_REVISION = 4, // x-release-please-patch
|
|
12
12
|
};
|
|
13
13
|
|
|
14
14
|
#endif // NCRYPTO_VERSION_H_
|
|
@@ -690,6 +690,8 @@ class DataPointer final {
|
|
|
690
690
|
bool isSecure() const { return secure_; }
|
|
691
691
|
|
|
692
692
|
private:
|
|
693
|
+
void free();
|
|
694
|
+
|
|
693
695
|
void* data_ = nullptr;
|
|
694
696
|
size_t len_ = 0;
|
|
695
697
|
bool secure_ = false;
|
|
@@ -897,6 +899,9 @@ class EVPKeyPointer final {
|
|
|
897
899
|
DER,
|
|
898
900
|
PEM,
|
|
899
901
|
JWK,
|
|
902
|
+
RAW_PUBLIC,
|
|
903
|
+
RAW_PRIVATE,
|
|
904
|
+
RAW_SEED,
|
|
900
905
|
};
|
|
901
906
|
|
|
902
907
|
enum class PKParseError { NOT_RECOGNIZED, NEED_PASSPHRASE, FAILED };
|
|
@@ -906,6 +911,7 @@ class EVPKeyPointer final {
|
|
|
906
911
|
bool output_key_object = false;
|
|
907
912
|
PKFormatType format = PKFormatType::DER;
|
|
908
913
|
PKEncodingType type = PKEncodingType::PKCS8;
|
|
914
|
+
int ec_point_form = POINT_CONVERSION_UNCOMPRESSED;
|
|
909
915
|
AsymmetricKeyEncodingConfig() = default;
|
|
910
916
|
AsymmetricKeyEncodingConfig(bool output_key_object,
|
|
911
917
|
PKFormatType format,
|
|
@@ -1620,8 +1626,9 @@ int NoPasswordCallback(char* buf, int size, int rwflag, void* u);
|
|
|
1620
1626
|
|
|
1621
1627
|
int PasswordCallback(char* buf, int size, int rwflag, void* u);
|
|
1622
1628
|
|
|
1623
|
-
bool SafeX509SubjectAltNamePrint(const BIOPointer& out,
|
|
1624
|
-
|
|
1629
|
+
bool SafeX509SubjectAltNamePrint(const BIOPointer& out,
|
|
1630
|
+
const X509_EXTENSION* ext);
|
|
1631
|
+
bool SafeX509InfoAccessPrint(const BIOPointer& out, const X509_EXTENSION* ext);
|
|
1625
1632
|
|
|
1626
1633
|
// ============================================================================
|
|
1627
1634
|
// SPKAC
|
|
@@ -15,10 +15,6 @@
|
|
|
15
15
|
#include <openssl/hkdf.h>
|
|
16
16
|
#endif
|
|
17
17
|
|
|
18
|
-
#if OPENSSL_VERSION_NUMBER >= 0x30200000L
|
|
19
|
-
#include <openssl/thread.h>
|
|
20
|
-
#endif
|
|
21
|
-
|
|
22
18
|
#include <algorithm>
|
|
23
19
|
#include <array>
|
|
24
20
|
#include <cstring>
|
|
@@ -28,6 +24,9 @@
|
|
|
28
24
|
#include <openssl/core_names.h>
|
|
29
25
|
#include <openssl/params.h>
|
|
30
26
|
#include <openssl/provider.h>
|
|
27
|
+
#if OPENSSL_VERSION_NUMBER >= 0x30200000L
|
|
28
|
+
#include <openssl/thread.h>
|
|
29
|
+
#endif
|
|
31
30
|
#endif
|
|
32
31
|
#if OPENSSL_WITH_PQC
|
|
33
32
|
struct PQCMapping {
|
|
@@ -228,7 +227,7 @@ void DataPointer::zero() {
|
|
|
228
227
|
OPENSSL_cleanse(data_, len_);
|
|
229
228
|
}
|
|
230
229
|
|
|
231
|
-
void DataPointer::
|
|
230
|
+
void DataPointer::free() {
|
|
232
231
|
if (data_ != nullptr) {
|
|
233
232
|
if (secure_) {
|
|
234
233
|
OPENSSL_secure_clear_free(data_, len_);
|
|
@@ -236,6 +235,10 @@ void DataPointer::reset(void* data, size_t length) {
|
|
|
236
235
|
OPENSSL_clear_free(data_, len_);
|
|
237
236
|
}
|
|
238
237
|
}
|
|
238
|
+
}
|
|
239
|
+
|
|
240
|
+
void DataPointer::reset(void* data, size_t length) {
|
|
241
|
+
free();
|
|
239
242
|
data_ = data;
|
|
240
243
|
len_ = length;
|
|
241
244
|
}
|
|
@@ -258,7 +261,12 @@ DataPointer DataPointer::resize(size_t len) {
|
|
|
258
261
|
size_t actual_len = std::min(len_, len);
|
|
259
262
|
auto buf = release();
|
|
260
263
|
if (actual_len == len_) return DataPointer(buf.data, actual_len);
|
|
261
|
-
|
|
264
|
+
auto new_data = OPENSSL_realloc(buf.data, actual_len);
|
|
265
|
+
if (new_data == nullptr) {
|
|
266
|
+
free();
|
|
267
|
+
return {};
|
|
268
|
+
}
|
|
269
|
+
buf.data = new_data;
|
|
262
270
|
buf.len = actual_len;
|
|
263
271
|
return DataPointer(buf);
|
|
264
272
|
}
|
|
@@ -810,11 +818,15 @@ bool PrintGeneralName(const BIOPointer& out, const GENERAL_NAME* gen) {
|
|
|
810
818
|
// Note that the preferred name syntax (see RFCs 5280 and 1034) with
|
|
811
819
|
// wildcards is a subset of what we consider "safe", so spec-compliant DNS
|
|
812
820
|
// names will never need to be escaped.
|
|
813
|
-
PrintAltName(out,
|
|
821
|
+
PrintAltName(out,
|
|
822
|
+
reinterpret_cast<const char*>(ASN1_STRING_get0_data(name)),
|
|
823
|
+
ASN1_STRING_length(name));
|
|
814
824
|
} else if (gen->type == GEN_EMAIL) {
|
|
815
825
|
ASN1_IA5STRING* name = gen->d.rfc822Name;
|
|
816
826
|
BIO_write(out.get(), "email:", 6);
|
|
817
|
-
PrintAltName(out,
|
|
827
|
+
PrintAltName(out,
|
|
828
|
+
reinterpret_cast<const char*>(ASN1_STRING_get0_data(name)),
|
|
829
|
+
ASN1_STRING_length(name));
|
|
818
830
|
} else if (gen->type == GEN_URI) {
|
|
819
831
|
ASN1_IA5STRING* name = gen->d.uniformResourceIdentifier;
|
|
820
832
|
BIO_write(out.get(), "URI:", 4);
|
|
@@ -822,7 +834,9 @@ bool PrintGeneralName(const BIOPointer& out, const GENERAL_NAME* gen) {
|
|
|
822
834
|
// with a few exceptions, most notably URIs that contains commas (see
|
|
823
835
|
// RFC 2396). In other words, most legitimate URIs will not require
|
|
824
836
|
// escaping.
|
|
825
|
-
PrintAltName(out,
|
|
837
|
+
PrintAltName(out,
|
|
838
|
+
reinterpret_cast<const char*>(ASN1_STRING_get0_data(name)),
|
|
839
|
+
ASN1_STRING_length(name));
|
|
826
840
|
} else if (gen->type == GEN_DIRNAME) {
|
|
827
841
|
// Earlier versions of Node.js used X509_NAME_oneline to print the X509_NAME
|
|
828
842
|
// object. The format was non standard and should be avoided. The use of
|
|
@@ -855,17 +869,18 @@ bool PrintGeneralName(const BIOPointer& out, const GENERAL_NAME* gen) {
|
|
|
855
869
|
} else if (gen->type == GEN_IPADD) {
|
|
856
870
|
BIO_printf(out.get(), "IP Address:");
|
|
857
871
|
const ASN1_OCTET_STRING* ip = gen->d.ip;
|
|
858
|
-
const unsigned char* b = ip
|
|
859
|
-
|
|
872
|
+
const unsigned char* b = ASN1_STRING_get0_data(ip);
|
|
873
|
+
int ip_len = ASN1_STRING_length(ip);
|
|
874
|
+
if (ip_len == 4) {
|
|
860
875
|
BIO_printf(out.get(), "%d.%d.%d.%d", b[0], b[1], b[2], b[3]);
|
|
861
|
-
} else if (
|
|
876
|
+
} else if (ip_len == 16) {
|
|
862
877
|
for (unsigned int j = 0; j < 8; j++) {
|
|
863
878
|
uint16_t pair = (b[2 * j] << 8) | b[2 * j + 1];
|
|
864
879
|
BIO_printf(out.get(), (j == 0) ? "%X" : ":%X", pair);
|
|
865
880
|
}
|
|
866
881
|
} else {
|
|
867
882
|
#if OPENSSL_VERSION_MAJOR >= 3
|
|
868
|
-
BIO_printf(out.get(), "<invalid length=%d>",
|
|
883
|
+
BIO_printf(out.get(), "<invalid length=%d>", ip_len);
|
|
869
884
|
#else
|
|
870
885
|
BIO_printf(out.get(), "<invalid>");
|
|
871
886
|
#endif
|
|
@@ -915,15 +930,15 @@ bool PrintGeneralName(const BIOPointer& out, const GENERAL_NAME* gen) {
|
|
|
915
930
|
if (unicode) {
|
|
916
931
|
auto name = gen->d.otherName->value->value.utf8string;
|
|
917
932
|
PrintAltName(out,
|
|
918
|
-
reinterpret_cast<const char*>(name
|
|
919
|
-
name
|
|
933
|
+
reinterpret_cast<const char*>(ASN1_STRING_get0_data(name)),
|
|
934
|
+
ASN1_STRING_length(name),
|
|
920
935
|
AltNameOption::UTF8,
|
|
921
936
|
prefix);
|
|
922
937
|
} else {
|
|
923
938
|
auto name = gen->d.otherName->value->value.ia5string;
|
|
924
939
|
PrintAltName(out,
|
|
925
|
-
reinterpret_cast<const char*>(name
|
|
926
|
-
name
|
|
940
|
+
reinterpret_cast<const char*>(ASN1_STRING_get0_data(name)),
|
|
941
|
+
ASN1_STRING_length(name),
|
|
927
942
|
AltNameOption::NONE,
|
|
928
943
|
prefix);
|
|
929
944
|
}
|
|
@@ -944,11 +959,14 @@ bool PrintGeneralName(const BIOPointer& out, const GENERAL_NAME* gen) {
|
|
|
944
959
|
}
|
|
945
960
|
} // namespace
|
|
946
961
|
|
|
947
|
-
bool SafeX509SubjectAltNamePrint(const BIOPointer& out,
|
|
948
|
-
|
|
962
|
+
bool SafeX509SubjectAltNamePrint(const BIOPointer& out,
|
|
963
|
+
const X509_EXTENSION* ext) {
|
|
964
|
+
// const_cast needed for OpenSSL < 4.0 which lacks const-correctness
|
|
965
|
+
auto* mext = const_cast<X509_EXTENSION*>(ext);
|
|
966
|
+
auto ret = OBJ_obj2nid(X509_EXTENSION_get_object(mext));
|
|
949
967
|
if (ret != NID_subject_alt_name) return false;
|
|
950
968
|
|
|
951
|
-
GENERAL_NAMES* names = static_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(
|
|
969
|
+
GENERAL_NAMES* names = static_cast<GENERAL_NAMES*>(X509V3_EXT_d2i(mext));
|
|
952
970
|
if (names == nullptr) return false;
|
|
953
971
|
|
|
954
972
|
bool ok = true;
|
|
@@ -967,12 +985,14 @@ bool SafeX509SubjectAltNamePrint(const BIOPointer& out, X509_EXTENSION* ext) {
|
|
|
967
985
|
return ok;
|
|
968
986
|
}
|
|
969
987
|
|
|
970
|
-
bool SafeX509InfoAccessPrint(const BIOPointer& out, X509_EXTENSION* ext) {
|
|
971
|
-
|
|
988
|
+
bool SafeX509InfoAccessPrint(const BIOPointer& out, const X509_EXTENSION* ext) {
|
|
989
|
+
// const_cast needed for OpenSSL < 4.0 which lacks const-correctness
|
|
990
|
+
auto* mext = const_cast<X509_EXTENSION*>(ext);
|
|
991
|
+
auto ret = OBJ_obj2nid(X509_EXTENSION_get_object(mext));
|
|
972
992
|
if (ret != NID_info_access) return false;
|
|
973
993
|
|
|
974
994
|
AUTHORITY_INFO_ACCESS* descs =
|
|
975
|
-
static_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(
|
|
995
|
+
static_cast<AUTHORITY_INFO_ACCESS*>(X509V3_EXT_d2i(mext));
|
|
976
996
|
if (descs == nullptr) return false;
|
|
977
997
|
|
|
978
998
|
bool ok = true;
|
|
@@ -1116,7 +1136,7 @@ BIOPointer X509View::getValidFrom() const {
|
|
|
1116
1136
|
if (cert_ == nullptr) return {};
|
|
1117
1137
|
BIOPointer bio(BIO_new(BIO_s_mem()));
|
|
1118
1138
|
if (!bio) return {};
|
|
1119
|
-
ASN1_TIME_print(bio.get(),
|
|
1139
|
+
ASN1_TIME_print(bio.get(), X509_get0_notBefore(cert_));
|
|
1120
1140
|
return bio;
|
|
1121
1141
|
}
|
|
1122
1142
|
|
|
@@ -1125,7 +1145,7 @@ BIOPointer X509View::getValidTo() const {
|
|
|
1125
1145
|
if (cert_ == nullptr) return {};
|
|
1126
1146
|
BIOPointer bio(BIO_new(BIO_s_mem()));
|
|
1127
1147
|
if (!bio) return {};
|
|
1128
|
-
ASN1_TIME_print(bio.get(),
|
|
1148
|
+
ASN1_TIME_print(bio.get(), X509_get0_notAfter(cert_));
|
|
1129
1149
|
return bio;
|
|
1130
1150
|
}
|
|
1131
1151
|
|
|
@@ -1515,6 +1535,7 @@ BIOPointer BIOPointer::NewSecMem() {
|
|
|
1515
1535
|
}
|
|
1516
1536
|
|
|
1517
1537
|
BIOPointer BIOPointer::New(const BIO_METHOD* method) {
|
|
1538
|
+
if (method == nullptr) return {};
|
|
1518
1539
|
return BIOPointer(BIO_new(method));
|
|
1519
1540
|
}
|
|
1520
1541
|
|
|
@@ -3402,19 +3423,21 @@ bool CipherCtxPointer::setKeyLength(size_t length) {
|
|
|
3402
3423
|
bool CipherCtxPointer::setIvLength(size_t length) {
|
|
3403
3424
|
if (!ctx_) return false;
|
|
3404
3425
|
return EVP_CIPHER_CTX_ctrl(
|
|
3405
|
-
|
|
3426
|
+
ctx_.get(), EVP_CTRL_AEAD_SET_IVLEN, length, nullptr) > 0;
|
|
3406
3427
|
}
|
|
3407
3428
|
|
|
3408
3429
|
bool CipherCtxPointer::setAeadTag(const Buffer<const char>& tag) {
|
|
3409
3430
|
if (!ctx_) return false;
|
|
3410
|
-
return EVP_CIPHER_CTX_ctrl(
|
|
3411
|
-
|
|
3431
|
+
return EVP_CIPHER_CTX_ctrl(ctx_.get(),
|
|
3432
|
+
EVP_CTRL_AEAD_SET_TAG,
|
|
3433
|
+
tag.len,
|
|
3434
|
+
const_cast<char*>(tag.data)) > 0;
|
|
3412
3435
|
}
|
|
3413
3436
|
|
|
3414
3437
|
bool CipherCtxPointer::setAeadTagLength(size_t length) {
|
|
3415
3438
|
if (!ctx_) return false;
|
|
3416
3439
|
return EVP_CIPHER_CTX_ctrl(
|
|
3417
|
-
|
|
3440
|
+
ctx_.get(), EVP_CTRL_AEAD_SET_TAG, length, nullptr) > 0;
|
|
3418
3441
|
}
|
|
3419
3442
|
|
|
3420
3443
|
bool CipherCtxPointer::setPadding(bool padding) {
|
|
@@ -3484,7 +3507,7 @@ bool CipherCtxPointer::update(const Buffer<const unsigned char>& in,
|
|
|
3484
3507
|
|
|
3485
3508
|
bool CipherCtxPointer::getAeadTag(size_t len, unsigned char* out) {
|
|
3486
3509
|
if (!ctx_) return false;
|
|
3487
|
-
return EVP_CIPHER_CTX_ctrl(ctx_.get(), EVP_CTRL_AEAD_GET_TAG, len, out);
|
|
3510
|
+
return EVP_CIPHER_CTX_ctrl(ctx_.get(), EVP_CTRL_AEAD_GET_TAG, len, out) > 0;
|
|
3488
3511
|
}
|
|
3489
3512
|
|
|
3490
3513
|
// ============================================================================
|
|
@@ -3667,8 +3690,38 @@ bool ECKeyPointer::setPublicKey(const ECPointPointer& pub) {
|
|
|
3667
3690
|
bool ECKeyPointer::setPublicKeyRaw(const BignumPointer& x,
|
|
3668
3691
|
const BignumPointer& y) {
|
|
3669
3692
|
if (!key_) return false;
|
|
3670
|
-
|
|
3671
|
-
|
|
3693
|
+
const EC_GROUP* group = EC_KEY_get0_group(key_.get());
|
|
3694
|
+
if (group == nullptr) return false;
|
|
3695
|
+
|
|
3696
|
+
// For curves with cofactor h=1, use EC_POINT_oct2point +
|
|
3697
|
+
// EC_KEY_set_public_key instead of EC_KEY_set_public_key_affine_coordinates.
|
|
3698
|
+
// The latter internally calls EC_KEY_check_key() which performs a scalar
|
|
3699
|
+
// multiplication (n*Q) for order validation — redundant when h=1 since every
|
|
3700
|
+
// on-curve point already has order n. EC_POINT_oct2point validates the point
|
|
3701
|
+
// is on the curve, which is sufficient. For curves with h!=1, fall back to
|
|
3702
|
+
// the full check.
|
|
3703
|
+
auto cofactor = BignumPointer::New();
|
|
3704
|
+
if (!cofactor || !EC_GROUP_get_cofactor(group, cofactor.get(), nullptr) ||
|
|
3705
|
+
!cofactor.isOne()) {
|
|
3706
|
+
return EC_KEY_set_public_key_affine_coordinates(
|
|
3707
|
+
key_.get(), x.get(), y.get()) == 1;
|
|
3708
|
+
}
|
|
3709
|
+
|
|
3710
|
+
// Field element byte length: ceil(degree_bits / 8).
|
|
3711
|
+
size_t field_len = (EC_GROUP_get_degree(group) + 7) / 8;
|
|
3712
|
+
// Build an uncompressed point: 0x04 || x || y, each padded to field_len.
|
|
3713
|
+
size_t uncompressed_len = 1 + 2 * field_len;
|
|
3714
|
+
auto buf = DataPointer::Alloc(uncompressed_len);
|
|
3715
|
+
if (!buf) return false;
|
|
3716
|
+
unsigned char* ptr = static_cast<unsigned char*>(buf.get());
|
|
3717
|
+
ptr[0] = POINT_CONVERSION_UNCOMPRESSED;
|
|
3718
|
+
x.encodePaddedInto(ptr + 1, field_len);
|
|
3719
|
+
y.encodePaddedInto(ptr + 1 + field_len, field_len);
|
|
3720
|
+
|
|
3721
|
+
auto point = ECPointPointer::New(group);
|
|
3722
|
+
if (!point) return false;
|
|
3723
|
+
if (!point.setFromBuffer({ptr, uncompressed_len}, group)) return false;
|
|
3724
|
+
return EC_KEY_set_public_key(key_.get(), point.get()) == 1;
|
|
3672
3725
|
}
|
|
3673
3726
|
|
|
3674
3727
|
bool ECKeyPointer::setPrivateKey(const BignumPointer& priv) {
|
|
@@ -4490,6 +4543,27 @@ std::optional<EVP_PKEY_CTX*> EVPMDCtxPointer::signInitWithContext(
|
|
|
4490
4543
|
#ifdef OSSL_SIGNATURE_PARAM_CONTEXT_STRING
|
|
4491
4544
|
EVP_PKEY_CTX* ctx = nullptr;
|
|
4492
4545
|
|
|
4546
|
+
#ifdef OSSL_SIGNATURE_PARAM_INSTANCE
|
|
4547
|
+
// Ed25519 requires the INSTANCE param to switch into Ed25519ctx mode.
|
|
4548
|
+
// Without it, OpenSSL silently ignores the context string.
|
|
4549
|
+
if (key.id() == EVP_PKEY_ED25519) {
|
|
4550
|
+
const OSSL_PARAM params[] = {
|
|
4551
|
+
OSSL_PARAM_construct_utf8_string(
|
|
4552
|
+
OSSL_SIGNATURE_PARAM_INSTANCE, const_cast<char*>("Ed25519ctx"), 0),
|
|
4553
|
+
OSSL_PARAM_construct_octet_string(
|
|
4554
|
+
OSSL_SIGNATURE_PARAM_CONTEXT_STRING,
|
|
4555
|
+
const_cast<unsigned char*>(context_string.data),
|
|
4556
|
+
context_string.len),
|
|
4557
|
+
OSSL_PARAM_END};
|
|
4558
|
+
|
|
4559
|
+
if (!EVP_DigestSignInit_ex(
|
|
4560
|
+
ctx_.get(), &ctx, nullptr, nullptr, nullptr, key.get(), params)) {
|
|
4561
|
+
return std::nullopt;
|
|
4562
|
+
}
|
|
4563
|
+
return ctx;
|
|
4564
|
+
}
|
|
4565
|
+
#endif // OSSL_SIGNATURE_PARAM_INSTANCE
|
|
4566
|
+
|
|
4493
4567
|
const OSSL_PARAM params[] = {
|
|
4494
4568
|
OSSL_PARAM_construct_octet_string(
|
|
4495
4569
|
OSSL_SIGNATURE_PARAM_CONTEXT_STRING,
|
|
@@ -4514,6 +4588,27 @@ std::optional<EVP_PKEY_CTX*> EVPMDCtxPointer::verifyInitWithContext(
|
|
|
4514
4588
|
#ifdef OSSL_SIGNATURE_PARAM_CONTEXT_STRING
|
|
4515
4589
|
EVP_PKEY_CTX* ctx = nullptr;
|
|
4516
4590
|
|
|
4591
|
+
#ifdef OSSL_SIGNATURE_PARAM_INSTANCE
|
|
4592
|
+
// Ed25519 requires the INSTANCE param to switch into Ed25519ctx mode.
|
|
4593
|
+
// Without it, OpenSSL silently ignores the context string.
|
|
4594
|
+
if (key.id() == EVP_PKEY_ED25519) {
|
|
4595
|
+
const OSSL_PARAM params[] = {
|
|
4596
|
+
OSSL_PARAM_construct_utf8_string(
|
|
4597
|
+
OSSL_SIGNATURE_PARAM_INSTANCE, const_cast<char*>("Ed25519ctx"), 0),
|
|
4598
|
+
OSSL_PARAM_construct_octet_string(
|
|
4599
|
+
OSSL_SIGNATURE_PARAM_CONTEXT_STRING,
|
|
4600
|
+
const_cast<unsigned char*>(context_string.data),
|
|
4601
|
+
context_string.len),
|
|
4602
|
+
OSSL_PARAM_END};
|
|
4603
|
+
|
|
4604
|
+
if (!EVP_DigestVerifyInit_ex(
|
|
4605
|
+
ctx_.get(), &ctx, nullptr, nullptr, nullptr, key.get(), params)) {
|
|
4606
|
+
return std::nullopt;
|
|
4607
|
+
}
|
|
4608
|
+
return ctx;
|
|
4609
|
+
}
|
|
4610
|
+
#endif // OSSL_SIGNATURE_PARAM_INSTANCE
|
|
4611
|
+
|
|
4517
4612
|
const OSSL_PARAM params[] = {
|
|
4518
4613
|
OSSL_PARAM_construct_octet_string(
|
|
4519
4614
|
OSSL_SIGNATURE_PARAM_CONTEXT_STRING,
|
|
@@ -4812,12 +4907,12 @@ bool X509Name::Iterator::operator!=(const Iterator& other) const {
|
|
|
4812
4907
|
std::pair<std::string, std::string> X509Name::Iterator::operator*() const {
|
|
4813
4908
|
if (loc_ == name_.total_) return {{}, {}};
|
|
4814
4909
|
|
|
4815
|
-
X509_NAME_ENTRY* entry = X509_NAME_get_entry(name_, loc_);
|
|
4910
|
+
const X509_NAME_ENTRY* entry = X509_NAME_get_entry(name_, loc_);
|
|
4816
4911
|
if (entry == nullptr) [[unlikely]]
|
|
4817
4912
|
return {{}, {}};
|
|
4818
4913
|
|
|
4819
|
-
ASN1_OBJECT* name = X509_NAME_ENTRY_get_object(entry);
|
|
4820
|
-
ASN1_STRING* value = X509_NAME_ENTRY_get_data(entry);
|
|
4914
|
+
const ASN1_OBJECT* name = X509_NAME_ENTRY_get_object(entry);
|
|
4915
|
+
const ASN1_STRING* value = X509_NAME_ENTRY_get_data(entry);
|
|
4821
4916
|
|
|
4822
4917
|
if (name == nullptr || value == nullptr) [[unlikely]] {
|
|
4823
4918
|
return {{}, {}};
|
|
@@ -69,6 +69,9 @@ function dh_formatKeyPairOutput(dh, encoding) {
|
|
|
69
69
|
const priv = _classes.KeyObject.createKeyObject('private', privateKeyData, _utils.KFormatType.DER, _utils.KeyEncoding.PKCS8);
|
|
70
70
|
let publicKey;
|
|
71
71
|
let privateKey;
|
|
72
|
+
if (publicFormat === 'raw-public' || privateFormat === 'raw-private' || privateFormat === 'raw-seed') {
|
|
73
|
+
throw new Error('Raw key formats are not supported for DH keys');
|
|
74
|
+
}
|
|
72
75
|
if (publicFormat === -1) {
|
|
73
76
|
publicKey = pub;
|
|
74
77
|
} else {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_reactNativeNitroModules","require","_reactNativeBuffer","_classes","_utils","_dhGroups","DhKeyPairGen","constructor","options","native","NitroModules","createHybridObject","groupName","prime","primeLength","generator","group","DH_GROUPS","Error","primeBuf","Buffer","from","setPrime","buffer","slice","byteOffset","byteLength","gen","parseInt","setGenerator","setPrimeLength","generateKeyPair","generateKeyPairSync","exports","dh_prepareKeyGenParams","dh_formatKeyPairOutput","dh","encoding","publicFormat","privateFormat","cipher","passphrase","publicKeyData","getPublicKey","privateKeyData","getPrivateKey","pub","KeyObject","createKeyObject","KFormatType","DER","KeyEncoding","SPKI","priv","PKCS8","publicKey","privateKey","format","PEM","exported","handle","exportKey","Uint8Array","toString","dh_generateKeyPairNode","dh_generateKeyPairNodeSync"],"sourceRoot":"../../src","sources":["dhKeyPair.ts"],"mappings":";;;;;;;;AAAA,IAAAA,wBAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AAGA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,SAAA,GAAAJ,OAAA;AAEO,MAAMK,YAAY,CAAC;EAGxBC,WAAWA,CAACC,OAA+B,EAAE;IAC3C,IAAI,CAACC,MAAM,GAAGC,qCAAY,CAACC,kBAAkB,CAAY,WAAW,CAAC;IAErE,MAAM;MAAEC,SAAS;MAAEC,KAAK;MAAEC,WAAW;MAAEC;IAAU,CAAC,GAAGP,OAAO;IAE5D,IAAII,SAAS,EAAE;MACb;MACA,MAAMI,KAAK,GAAGC,mBAAS,CAACL,SAAS,CAAC;MAClC,IAAI,CAACI,KAAK,EAAE;QACV,MAAM,IAAIE,KAAK,CAAC,qBAAqBN,SAAS,EAAE,CAAC;MACnD;MACA,MAAMO,QAAQ,GAAGC,yBAAM,CAACC,IAAI,CAACL,KAAK,CAACH,KAAK,EAAE,KAAK,CAAC;MAChD,IAAI,CAACJ,MAAM,CAACa,QAAQ,CAClBH,QAAQ,CAACI,MAAM,CAACC,KAAK,CACnBL,QAAQ,CAACM,UAAU,EACnBN,QAAQ,CAACM,UAAU,GAAGN,QAAQ,CAACO,UACjC,CACF,CAAC;MACD,MAAMC,GAAG,GAAGC,QAAQ,CAACZ,KAAK,CAACD,SAAS,EAAE,EAAE,CAAC;MACzC,IAAI,CAACN,MAAM,CAACoB,YAAY,CAACF,GAAG,CAAC;IAC/B,CAAC,MAAM,IAAId,KAAK,EAAE;MAChB;MACA,MAAMM,QAAQ,GAAGC,yBAAM,CAACC,IAAI,CAACR,KAAK,CAAC;MACnC,IAAI,CAACJ,MAAM,CAACa,QAAQ,CAClBH,QAAQ,CAACI,MAAM,CAACC,KAAK,CACnBL,QAAQ,CAACM,UAAU,EACnBN,QAAQ,CAACM,UAAU,GAAGN,QAAQ,CAACO,UACjC,CACF,CAAC;MACD,IAAI,CAACjB,MAAM,CAACoB,YAAY,CAACd,SAAS,IAAI,CAAC,CAAC;IAC1C,CAAC,MAAM,IAAID,WAAW,EAAE;MACtB,IAAI,CAACL,MAAM,CAACqB,cAAc,CAAChB,WAAW,CAAC;MACvC,IAAI,CAACL,MAAM,CAACoB,YAAY,CAACd,SAAS,IAAI,CAAC,CAAC;IAC1C,CAAC,MAAM;MACL,MAAM,IAAIG,KAAK,CACb,qEACF,CAAC;IACH;EACF;EAEA,MAAMa,eAAeA,CAAA,EAAkB;IACrC,MAAM,IAAI,CAACtB,MAAM,CAACsB,eAAe,CAAC,CAAC;EACrC;EAEAC,mBAAmBA,CAAA,EAAS;IAC1B,IAAI,CAACvB,MAAM,CAACuB,mBAAmB,CAAC,CAAC;EACnC;AACF;AAACC,OAAA,CAAA3B,YAAA,GAAAA,YAAA;AAED,SAAS4B,sBAAsBA,CAC7B1B,OAA2C,EAC7B;EACd,IAAI,CAACA,OAAO,EAAE;IACZ,MAAM,IAAIU,KAAK,CAAC,4CAA4C,CAAC;EAC/D;EAEA,OAAO,IAAIZ,YAAY,CAACE,OAAO,CAAC;AAClC;AAEA,SAAS2B,sBAAsBA,CAC7BC,EAAgB,EAChBC,QAA0B,EAI1B;EACA,MAAM;IAAEC,YAAY;IAAEC,aAAa;IAAEC,MAAM;IAAEC;EAAW,CAAC,GAAGJ,QAAQ;EAEpE,MAAMK,aAAa,GAAGN,EAAE,CAAC3B,MAAM,CAACkC,YAAY,CAAC,CAAC;EAC9C,MAAMC,cAAc,GAAGR,EAAE,CAAC3B,MAAM,CAACoC,aAAa,CAAC,CAAC;EAEhD,MAAMC,GAAG,GAAGC,kBAAS,CAACC,eAAe,CACnC,QAAQ,EACRN,aAAa,EACbO,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACC,IACd,CAAoB;EAEpB,MAAMC,IAAI,GAAGN,kBAAS,CAACC,eAAe,CACpC,SAAS,EACTJ,cAAc,EACdK,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACG,KACd,CAAqB;EAErB,IAAIC,SAA0D;EAC9D,IAAIC,UAA4D;EAEhE,
|
|
1
|
+
{"version":3,"names":["_reactNativeNitroModules","require","_reactNativeBuffer","_classes","_utils","_dhGroups","DhKeyPairGen","constructor","options","native","NitroModules","createHybridObject","groupName","prime","primeLength","generator","group","DH_GROUPS","Error","primeBuf","Buffer","from","setPrime","buffer","slice","byteOffset","byteLength","gen","parseInt","setGenerator","setPrimeLength","generateKeyPair","generateKeyPairSync","exports","dh_prepareKeyGenParams","dh_formatKeyPairOutput","dh","encoding","publicFormat","privateFormat","cipher","passphrase","publicKeyData","getPublicKey","privateKeyData","getPrivateKey","pub","KeyObject","createKeyObject","KFormatType","DER","KeyEncoding","SPKI","priv","PKCS8","publicKey","privateKey","format","PEM","exported","handle","exportKey","Uint8Array","toString","dh_generateKeyPairNode","dh_generateKeyPairNodeSync"],"sourceRoot":"../../src","sources":["dhKeyPair.ts"],"mappings":";;;;;;;;AAAA,IAAAA,wBAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AAGA,IAAAG,MAAA,GAAAH,OAAA;AACA,IAAAI,SAAA,GAAAJ,OAAA;AAEO,MAAMK,YAAY,CAAC;EAGxBC,WAAWA,CAACC,OAA+B,EAAE;IAC3C,IAAI,CAACC,MAAM,GAAGC,qCAAY,CAACC,kBAAkB,CAAY,WAAW,CAAC;IAErE,MAAM;MAAEC,SAAS;MAAEC,KAAK;MAAEC,WAAW;MAAEC;IAAU,CAAC,GAAGP,OAAO;IAE5D,IAAII,SAAS,EAAE;MACb;MACA,MAAMI,KAAK,GAAGC,mBAAS,CAACL,SAAS,CAAC;MAClC,IAAI,CAACI,KAAK,EAAE;QACV,MAAM,IAAIE,KAAK,CAAC,qBAAqBN,SAAS,EAAE,CAAC;MACnD;MACA,MAAMO,QAAQ,GAAGC,yBAAM,CAACC,IAAI,CAACL,KAAK,CAACH,KAAK,EAAE,KAAK,CAAC;MAChD,IAAI,CAACJ,MAAM,CAACa,QAAQ,CAClBH,QAAQ,CAACI,MAAM,CAACC,KAAK,CACnBL,QAAQ,CAACM,UAAU,EACnBN,QAAQ,CAACM,UAAU,GAAGN,QAAQ,CAACO,UACjC,CACF,CAAC;MACD,MAAMC,GAAG,GAAGC,QAAQ,CAACZ,KAAK,CAACD,SAAS,EAAE,EAAE,CAAC;MACzC,IAAI,CAACN,MAAM,CAACoB,YAAY,CAACF,GAAG,CAAC;IAC/B,CAAC,MAAM,IAAId,KAAK,EAAE;MAChB;MACA,MAAMM,QAAQ,GAAGC,yBAAM,CAACC,IAAI,CAACR,KAAK,CAAC;MACnC,IAAI,CAACJ,MAAM,CAACa,QAAQ,CAClBH,QAAQ,CAACI,MAAM,CAACC,KAAK,CACnBL,QAAQ,CAACM,UAAU,EACnBN,QAAQ,CAACM,UAAU,GAAGN,QAAQ,CAACO,UACjC,CACF,CAAC;MACD,IAAI,CAACjB,MAAM,CAACoB,YAAY,CAACd,SAAS,IAAI,CAAC,CAAC;IAC1C,CAAC,MAAM,IAAID,WAAW,EAAE;MACtB,IAAI,CAACL,MAAM,CAACqB,cAAc,CAAChB,WAAW,CAAC;MACvC,IAAI,CAACL,MAAM,CAACoB,YAAY,CAACd,SAAS,IAAI,CAAC,CAAC;IAC1C,CAAC,MAAM;MACL,MAAM,IAAIG,KAAK,CACb,qEACF,CAAC;IACH;EACF;EAEA,MAAMa,eAAeA,CAAA,EAAkB;IACrC,MAAM,IAAI,CAACtB,MAAM,CAACsB,eAAe,CAAC,CAAC;EACrC;EAEAC,mBAAmBA,CAAA,EAAS;IAC1B,IAAI,CAACvB,MAAM,CAACuB,mBAAmB,CAAC,CAAC;EACnC;AACF;AAACC,OAAA,CAAA3B,YAAA,GAAAA,YAAA;AAED,SAAS4B,sBAAsBA,CAC7B1B,OAA2C,EAC7B;EACd,IAAI,CAACA,OAAO,EAAE;IACZ,MAAM,IAAIU,KAAK,CAAC,4CAA4C,CAAC;EAC/D;EAEA,OAAO,IAAIZ,YAAY,CAACE,OAAO,CAAC;AAClC;AAEA,SAAS2B,sBAAsBA,CAC7BC,EAAgB,EAChBC,QAA0B,EAI1B;EACA,MAAM;IAAEC,YAAY;IAAEC,aAAa;IAAEC,MAAM;IAAEC;EAAW,CAAC,GAAGJ,QAAQ;EAEpE,MAAMK,aAAa,GAAGN,EAAE,CAAC3B,MAAM,CAACkC,YAAY,CAAC,CAAC;EAC9C,MAAMC,cAAc,GAAGR,EAAE,CAAC3B,MAAM,CAACoC,aAAa,CAAC,CAAC;EAEhD,MAAMC,GAAG,GAAGC,kBAAS,CAACC,eAAe,CACnC,QAAQ,EACRN,aAAa,EACbO,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACC,IACd,CAAoB;EAEpB,MAAMC,IAAI,GAAGN,kBAAS,CAACC,eAAe,CACpC,SAAS,EACTJ,cAAc,EACdK,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACG,KACd,CAAqB;EAErB,IAAIC,SAA0D;EAC9D,IAAIC,UAA4D;EAEhE,IACElB,YAAY,KAAK,YAAY,IAC7BC,aAAa,KAAK,aAAa,IAC/BA,aAAa,KAAK,UAAU,EAC5B;IACA,MAAM,IAAIrB,KAAK,CAAC,+CAA+C,CAAC;EAClE;EAEA,IAAIoB,YAAY,KAAK,CAAC,CAAC,EAAE;IACvBiB,SAAS,GAAGT,GAAG;EACjB,CAAC,MAAM;IACL,MAAMW,MAAM,GACVnB,YAAY,KAAKW,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACC,GAAG;IACtE,MAAMS,QAAQ,GAAGb,GAAG,CAACc,MAAM,CAACC,SAAS,CAACJ,MAAM,EAAEN,kBAAW,CAACC,IAAI,CAAC;IAC/D,IAAIK,MAAM,KAAKR,kBAAW,CAACS,GAAG,EAAE;MAC9BH,SAAS,GAAGnC,yBAAM,CAACC,IAAI,CAAC,IAAIyC,UAAU,CAACH,QAAQ,CAAC,CAAC,CAACI,QAAQ,CAAC,OAAO,CAAC;IACrE,CAAC,MAAM;MACLR,SAAS,GAAGI,QAAQ;IACtB;EACF;EAEA,IAAIpB,aAAa,KAAK,CAAC,CAAC,EAAE;IACxBiB,UAAU,GAAGH,IAAI;EACnB,CAAC,MAAM;IACL,MAAMI,MAAM,GACVlB,aAAa,KAAKU,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACC,GAAG;IACvE,MAAMS,QAAQ,GAAGN,IAAI,CAACO,MAAM,CAACC,SAAS,CACpCJ,MAAM,EACNN,kBAAW,CAACG,KAAK,EACjBd,MAAM,EACNC,UACF,CAAC;IACD,IAAIgB,MAAM,KAAKR,kBAAW,CAACS,GAAG,EAAE;MAC9BF,UAAU,GAAGpC,yBAAM,CAACC,IAAI,CAAC,IAAIyC,UAAU,CAACH,QAAQ,CAAC,CAAC,CAACI,QAAQ,CAAC,OAAO,CAAC;IACtE,CAAC,MAAM;MACLP,UAAU,GAAGG,QAAQ;IACvB;EACF;EAEA,OAAO;IAAEJ,SAAS;IAAEC;EAAW,CAAC;AAClC;AAEO,eAAeQ,sBAAsBA,CAC1CxD,OAA2C,EAC3C6B,QAA0B,EAIzB;EACD,MAAMD,EAAE,GAAGF,sBAAsB,CAAC1B,OAAO,CAAC;EAC1C,MAAM4B,EAAE,CAACL,eAAe,CAAC,CAAC;EAC1B,OAAOI,sBAAsB,CAACC,EAAE,EAAEC,QAAQ,CAAC;AAC7C;AAEO,SAAS4B,0BAA0BA,CACxCzD,OAA2C,EAC3C6B,QAA0B,EAI1B;EACA,MAAMD,EAAE,GAAGF,sBAAsB,CAAC1B,OAAO,CAAC;EAC1C4B,EAAE,CAACJ,mBAAmB,CAAC,CAAC;EACxB,OAAOG,sBAAsB,CAACC,EAAE,EAAEC,QAAQ,CAAC;AAC7C","ignoreList":[]}
|
package/lib/commonjs/dsa.js
CHANGED
|
@@ -58,6 +58,9 @@ function dsa_formatKeyPairOutput(dsa, encoding) {
|
|
|
58
58
|
const priv = _classes.KeyObject.createKeyObject('private', privateKeyData, _utils.KFormatType.DER, _utils.KeyEncoding.PKCS8);
|
|
59
59
|
let publicKey;
|
|
60
60
|
let privateKey;
|
|
61
|
+
if (publicFormat === 'raw-public' || privateFormat === 'raw-private' || privateFormat === 'raw-seed') {
|
|
62
|
+
throw new Error('Raw key formats are not supported for DSA keys');
|
|
63
|
+
}
|
|
61
64
|
if (publicFormat === -1) {
|
|
62
65
|
publicKey = pub;
|
|
63
66
|
} else {
|
package/lib/commonjs/dsa.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_reactNativeNitroModules","require","_reactNativeBuffer","_classes","_utils","Dsa","constructor","modulusLength","divisorLength","native","NitroModules","createHybridObject","setModulusLength","undefined","setDivisorLength","generateKeyPair","generateKeyPairSync","exports","DSA_MIN_MODULUS_LENGTH","dsa_prepareKeyGenParams","options","Error","RangeError","dsa_formatKeyPairOutput","dsa","encoding","publicFormat","privateFormat","cipher","passphrase","publicKeyData","getPublicKey","privateKeyData","getPrivateKey","pub","KeyObject","createKeyObject","KFormatType","DER","KeyEncoding","SPKI","priv","PKCS8","publicKey","privateKey","format","PEM","exported","handle","exportKey","Buffer","from","Uint8Array","toString","dsa_generateKeyPairNode","dsa_generateKeyPairNodeSync"],"sourceRoot":"../../src","sources":["dsa.ts"],"mappings":";;;;;;;;AAAA,IAAAA,wBAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AAGA,IAAAG,MAAA,GAAAH,OAAA;AAEO,MAAMI,GAAG,CAAC;EAGfC,WAAWA,CAACC,aAAqB,EAAEC,aAAsB,EAAE;IACzD,IAAI,CAACC,MAAM,GAAGC,qCAAY,CAACC,kBAAkB,CAAa,YAAY,CAAC;IACvE,IAAI,CAACF,MAAM,CAACG,gBAAgB,CAACL,aAAa,CAAC;IAC3C,IAAIC,aAAa,KAAKK,SAAS,IAAIL,aAAa,IAAI,CAAC,EAAE;MACrD,IAAI,CAACC,MAAM,CAACK,gBAAgB,CAACN,aAAa,CAAC;IAC7C;EACF;EAEA,MAAMO,eAAeA,CAAA,EAAkB;IACrC,MAAM,IAAI,CAACN,MAAM,CAACM,eAAe,CAAC,CAAC;EACrC;EAEAC,mBAAmBA,CAAA,EAAS;IAC1B,IAAI,CAACP,MAAM,CAACO,mBAAmB,CAAC,CAAC;EACnC;AACF;;AAEA;AACA;AACA;AACA;AAAAC,OAAA,CAAAZ,GAAA,GAAAA,GAAA;AACA,MAAMa,sBAAsB,GAAG,IAAI;AAEnC,SAASC,uBAAuBA,CAC9BC,OAA2C,EACtC;EACL,IAAI,CAACA,OAAO,EAAE;IACZ,MAAM,IAAIC,KAAK,CAAC,6CAA6C,CAAC;EAChE;EAEA,MAAM;IAAEd,aAAa;IAAEC;EAAc,CAAC,GAAGY,OAAO;EAEhD,IAAI,CAACb,aAAa,IAAIA,aAAa,GAAGW,sBAAsB,EAAE;IAC5D,MAAM,IAAII,UAAU,CAClB,sCAAsCJ,sBAAsB,QAAQ,GAClE,QAAQX,aAAa,IAAI,CAAC,GAC9B,CAAC;EACH;EAEA,OAAO,IAAIF,GAAG,CAACE,aAAa,EAAEC,aAAa,CAAC;AAC9C;AAEA,SAASe,uBAAuBA,CAC9BC,GAAQ,EACRC,QAA0B,EAI1B;EACA,MAAM;IAAEC,YAAY;IAAEC,aAAa;IAAEC,MAAM;IAAEC;EAAW,CAAC,GAAGJ,QAAQ;EAEpE,MAAMK,aAAa,GAAGN,GAAG,CAACf,MAAM,CAACsB,YAAY,CAAC,CAAC;EAC/C,MAAMC,cAAc,GAAGR,GAAG,CAACf,MAAM,CAACwB,aAAa,CAAC,CAAC;EAEjD,MAAMC,GAAG,GAAGC,kBAAS,CAACC,eAAe,CACnC,QAAQ,EACRN,aAAa,EACbO,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACC,IACd,CAAoB;EAEpB,MAAMC,IAAI,GAAGN,kBAAS,CAACC,eAAe,CACpC,SAAS,EACTJ,cAAc,EACdK,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACG,KACd,CAAqB;EAErB,IAAIC,SAA0D;EAC9D,IAAIC,UAA4D;EAEhE,
|
|
1
|
+
{"version":3,"names":["_reactNativeNitroModules","require","_reactNativeBuffer","_classes","_utils","Dsa","constructor","modulusLength","divisorLength","native","NitroModules","createHybridObject","setModulusLength","undefined","setDivisorLength","generateKeyPair","generateKeyPairSync","exports","DSA_MIN_MODULUS_LENGTH","dsa_prepareKeyGenParams","options","Error","RangeError","dsa_formatKeyPairOutput","dsa","encoding","publicFormat","privateFormat","cipher","passphrase","publicKeyData","getPublicKey","privateKeyData","getPrivateKey","pub","KeyObject","createKeyObject","KFormatType","DER","KeyEncoding","SPKI","priv","PKCS8","publicKey","privateKey","format","PEM","exported","handle","exportKey","Buffer","from","Uint8Array","toString","dsa_generateKeyPairNode","dsa_generateKeyPairNodeSync"],"sourceRoot":"../../src","sources":["dsa.ts"],"mappings":";;;;;;;;AAAA,IAAAA,wBAAA,GAAAC,OAAA;AACA,IAAAC,kBAAA,GAAAD,OAAA;AACA,IAAAE,QAAA,GAAAF,OAAA;AAGA,IAAAG,MAAA,GAAAH,OAAA;AAEO,MAAMI,GAAG,CAAC;EAGfC,WAAWA,CAACC,aAAqB,EAAEC,aAAsB,EAAE;IACzD,IAAI,CAACC,MAAM,GAAGC,qCAAY,CAACC,kBAAkB,CAAa,YAAY,CAAC;IACvE,IAAI,CAACF,MAAM,CAACG,gBAAgB,CAACL,aAAa,CAAC;IAC3C,IAAIC,aAAa,KAAKK,SAAS,IAAIL,aAAa,IAAI,CAAC,EAAE;MACrD,IAAI,CAACC,MAAM,CAACK,gBAAgB,CAACN,aAAa,CAAC;IAC7C;EACF;EAEA,MAAMO,eAAeA,CAAA,EAAkB;IACrC,MAAM,IAAI,CAACN,MAAM,CAACM,eAAe,CAAC,CAAC;EACrC;EAEAC,mBAAmBA,CAAA,EAAS;IAC1B,IAAI,CAACP,MAAM,CAACO,mBAAmB,CAAC,CAAC;EACnC;AACF;;AAEA;AACA;AACA;AACA;AAAAC,OAAA,CAAAZ,GAAA,GAAAA,GAAA;AACA,MAAMa,sBAAsB,GAAG,IAAI;AAEnC,SAASC,uBAAuBA,CAC9BC,OAA2C,EACtC;EACL,IAAI,CAACA,OAAO,EAAE;IACZ,MAAM,IAAIC,KAAK,CAAC,6CAA6C,CAAC;EAChE;EAEA,MAAM;IAAEd,aAAa;IAAEC;EAAc,CAAC,GAAGY,OAAO;EAEhD,IAAI,CAACb,aAAa,IAAIA,aAAa,GAAGW,sBAAsB,EAAE;IAC5D,MAAM,IAAII,UAAU,CAClB,sCAAsCJ,sBAAsB,QAAQ,GAClE,QAAQX,aAAa,IAAI,CAAC,GAC9B,CAAC;EACH;EAEA,OAAO,IAAIF,GAAG,CAACE,aAAa,EAAEC,aAAa,CAAC;AAC9C;AAEA,SAASe,uBAAuBA,CAC9BC,GAAQ,EACRC,QAA0B,EAI1B;EACA,MAAM;IAAEC,YAAY;IAAEC,aAAa;IAAEC,MAAM;IAAEC;EAAW,CAAC,GAAGJ,QAAQ;EAEpE,MAAMK,aAAa,GAAGN,GAAG,CAACf,MAAM,CAACsB,YAAY,CAAC,CAAC;EAC/C,MAAMC,cAAc,GAAGR,GAAG,CAACf,MAAM,CAACwB,aAAa,CAAC,CAAC;EAEjD,MAAMC,GAAG,GAAGC,kBAAS,CAACC,eAAe,CACnC,QAAQ,EACRN,aAAa,EACbO,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACC,IACd,CAAoB;EAEpB,MAAMC,IAAI,GAAGN,kBAAS,CAACC,eAAe,CACpC,SAAS,EACTJ,cAAc,EACdK,kBAAW,CAACC,GAAG,EACfC,kBAAW,CAACG,KACd,CAAqB;EAErB,IAAIC,SAA0D;EAC9D,IAAIC,UAA4D;EAEhE,IACElB,YAAY,KAAK,YAAY,IAC7BC,aAAa,KAAK,aAAa,IAC/BA,aAAa,KAAK,UAAU,EAC5B;IACA,MAAM,IAAIN,KAAK,CAAC,gDAAgD,CAAC;EACnE;EAEA,IAAIK,YAAY,KAAK,CAAC,CAAC,EAAE;IACvBiB,SAAS,GAAGT,GAAG;EACjB,CAAC,MAAM;IACL,MAAMW,MAAM,GACVnB,YAAY,KAAKW,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACC,GAAG;IACtE,MAAMS,QAAQ,GAAGb,GAAG,CAACc,MAAM,CAACC,SAAS,CAACJ,MAAM,EAAEN,kBAAW,CAACC,IAAI,CAAC;IAC/D,IAAIK,MAAM,KAAKR,kBAAW,CAACS,GAAG,EAAE;MAC9BH,SAAS,GAAGO,yBAAM,CAACC,IAAI,CAAC,IAAIC,UAAU,CAACL,QAAQ,CAAC,CAAC,CAACM,QAAQ,CAAC,OAAO,CAAC;IACrE,CAAC,MAAM;MACLV,SAAS,GAAGI,QAAQ;IACtB;EACF;EAEA,IAAIpB,aAAa,KAAK,CAAC,CAAC,EAAE;IACxBiB,UAAU,GAAGH,IAAI;EACnB,CAAC,MAAM;IACL,MAAMI,MAAM,GACVlB,aAAa,KAAKU,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACS,GAAG,GAAGT,kBAAW,CAACC,GAAG;IACvE,MAAMS,QAAQ,GAAGN,IAAI,CAACO,MAAM,CAACC,SAAS,CACpCJ,MAAM,EACNN,kBAAW,CAACG,KAAK,EACjBd,MAAM,EACNC,UACF,CAAC;IACD,IAAIgB,MAAM,KAAKR,kBAAW,CAACS,GAAG,EAAE;MAC9BF,UAAU,GAAGM,yBAAM,CAACC,IAAI,CAAC,IAAIC,UAAU,CAACL,QAAQ,CAAC,CAAC,CAACM,QAAQ,CAAC,OAAO,CAAC;IACtE,CAAC,MAAM;MACLT,UAAU,GAAGG,QAAQ;IACvB;EACF;EAEA,OAAO;IAAEJ,SAAS;IAAEC;EAAW,CAAC;AAClC;AAEO,eAAeU,uBAAuBA,CAC3ClC,OAA2C,EAC3CK,QAA0B,EAIzB;EACD,MAAMD,GAAG,GAAGL,uBAAuB,CAACC,OAAO,CAAC;EAC5C,MAAMI,GAAG,CAACT,eAAe,CAAC,CAAC;EAC3B,OAAOQ,uBAAuB,CAACC,GAAG,EAAEC,QAAQ,CAAC;AAC/C;AAEO,SAAS8B,2BAA2BA,CACzCnC,OAA2C,EAC3CK,QAA0B,EAI1B;EACA,MAAMD,GAAG,GAAGL,uBAAuB,CAACC,OAAO,CAAC;EAC5CI,GAAG,CAACR,mBAAmB,CAAC,CAAC;EACzB,OAAOO,uBAAuB,CAACC,GAAG,EAAEC,QAAQ,CAAC;AAC/C","ignoreList":[]}
|
package/lib/commonjs/ec.js
CHANGED
|
@@ -61,70 +61,62 @@ function ecImportKey(format, keyData, algorithm, extractable, keyUsages) {
|
|
|
61
61
|
if (!namedCurve || !_utils.kNamedCurveAliases[namedCurve]) {
|
|
62
62
|
throw (0, _utils.lazyDOMException)('Unrecognized namedCurve', 'NotSupportedError');
|
|
63
63
|
}
|
|
64
|
-
|
|
65
|
-
// Handle JWK format
|
|
66
64
|
if (format === 'jwk') {
|
|
67
65
|
const jwk = keyData;
|
|
68
|
-
|
|
69
|
-
|
|
66
|
+
if (!jwk || typeof jwk !== 'object') {
|
|
67
|
+
throw (0, _utils.lazyDOMException)('Invalid keyData', 'DataError');
|
|
68
|
+
}
|
|
70
69
|
if (jwk.kty !== 'EC') {
|
|
71
70
|
throw (0, _utils.lazyDOMException)('Invalid JWK "kty" Parameter', 'DataError');
|
|
72
71
|
}
|
|
73
72
|
if (jwk.crv !== namedCurve) {
|
|
74
73
|
throw (0, _utils.lazyDOMException)('JWK "crv" does not match the requested algorithm', 'DataError');
|
|
75
74
|
}
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
if (jwk.use !== undefined) {
|
|
79
|
-
const expectedUse = name === 'ECDH' ? 'enc' : 'sig';
|
|
80
|
-
if (jwk.use !== expectedUse) {
|
|
81
|
-
throw (0, _utils.lazyDOMException)('Invalid JWK "use" Parameter', 'DataError');
|
|
82
|
-
}
|
|
83
|
-
}
|
|
84
|
-
|
|
85
|
-
// Check alg parameter if present
|
|
75
|
+
const expectedUse = name === 'ECDH' ? 'enc' : 'sig';
|
|
76
|
+
(0, _utils.validateJwkStructure)(jwk, extractable, keyUsages, expectedUse);
|
|
86
77
|
if (jwk.alg !== undefined) {
|
|
87
78
|
let expectedAlg;
|
|
88
79
|
if (name === 'ECDSA') {
|
|
89
|
-
// Map namedCurve to expected ECDSA algorithm
|
|
90
80
|
expectedAlg = namedCurve === 'P-256' ? 'ES256' : namedCurve === 'P-384' ? 'ES384' : namedCurve === 'P-521' ? 'ES512' : undefined;
|
|
91
81
|
} else if (name === 'ECDH') {
|
|
92
|
-
// ECDH uses ECDH-ES algorithm
|
|
93
82
|
expectedAlg = 'ECDH-ES';
|
|
94
83
|
}
|
|
95
|
-
if (expectedAlg && jwk.alg !==
|
|
84
|
+
if (expectedAlg && jwk.alg !== expectedAlg) {
|
|
96
85
|
throw (0, _utils.lazyDOMException)('JWK "alg" does not match the requested algorithm', 'DataError');
|
|
97
86
|
}
|
|
98
87
|
}
|
|
99
|
-
|
|
100
|
-
|
|
88
|
+
const isPublicJwk = jwk.d === undefined;
|
|
89
|
+
const validUsagesJwk = name === 'ECDSA' ? isPublicJwk ? ['verify'] : ['sign'] : isPublicJwk ? [] : ['deriveKey', 'deriveBits'];
|
|
90
|
+
if ((0, _utils.hasAnyNotIn)(keyUsages, validUsagesJwk)) {
|
|
91
|
+
throw (0, _utils.lazyDOMException)(`Unsupported key usage for a ${name} key`, 'SyntaxError');
|
|
92
|
+
}
|
|
101
93
|
const handle = _reactNativeNitroModules.NitroModules.createHybridObject('KeyObjectHandle');
|
|
102
|
-
|
|
94
|
+
let keyType;
|
|
95
|
+
try {
|
|
96
|
+
keyType = handle.initJwk(jwk, namedCurve);
|
|
97
|
+
} catch (err) {
|
|
98
|
+
throw (0, _utils.lazyDOMException)('Invalid keyData', {
|
|
99
|
+
name: 'DataError',
|
|
100
|
+
cause: err
|
|
101
|
+
});
|
|
102
|
+
}
|
|
103
103
|
if (keyType === undefined) {
|
|
104
|
-
throw (0, _utils.lazyDOMException)('Invalid
|
|
104
|
+
throw (0, _utils.lazyDOMException)('Invalid keyData', 'DataError');
|
|
105
105
|
}
|
|
106
|
-
|
|
107
|
-
// Create the appropriate KeyObject based on type
|
|
108
106
|
let keyObject;
|
|
109
107
|
if (keyType === 1) {
|
|
110
108
|
keyObject = new _classes.PublicKeyObject(handle);
|
|
111
109
|
} else if (keyType === 2) {
|
|
112
110
|
keyObject = new _classes.PrivateKeyObject(handle);
|
|
113
111
|
} else {
|
|
114
|
-
throw (0, _utils.lazyDOMException)('
|
|
112
|
+
throw (0, _utils.lazyDOMException)('Invalid keyData', 'DataError');
|
|
115
113
|
}
|
|
116
114
|
return new _classes.CryptoKey(keyObject, algorithm, keyUsages, extractable);
|
|
117
115
|
}
|
|
118
|
-
|
|
119
|
-
// Handle binary formats (spki, pkcs8, raw)
|
|
120
116
|
if (format !== 'spki' && format !== 'pkcs8' && format !== 'raw') {
|
|
121
117
|
throw (0, _utils.lazyDOMException)(`Unsupported format: ${format}`, 'NotSupportedError');
|
|
122
118
|
}
|
|
123
|
-
|
|
124
|
-
// Determine expected key type based on format
|
|
125
119
|
const expectedKeyType = format === 'spki' || format === 'raw' ? 'public' : 'private';
|
|
126
|
-
|
|
127
|
-
// Validate usages for the key type
|
|
128
120
|
const isPublicKey = expectedKeyType === 'public';
|
|
129
121
|
let validUsages;
|
|
130
122
|
if (name === 'ECDSA') {
|
|
@@ -155,6 +147,17 @@ function ecImportKey(format, keyData, algorithm, extractable, keyUsages) {
|
|
|
155
147
|
} else {
|
|
156
148
|
// Use standard DER import for spki/pkcs8
|
|
157
149
|
keyObject = _classes.KeyObject.createKeyObject(expectedKeyType, keyBuffer, _utils.KFormatType.DER, format === 'spki' ? _utils.KeyEncoding.SPKI : _utils.KeyEncoding.PKCS8);
|
|
150
|
+
|
|
151
|
+
// Validate the imported curve matches the requested algorithm.namedCurve.
|
|
152
|
+
const expectedAlias = _utils.kNamedCurveAliases[namedCurve];
|
|
153
|
+
if (keyObject.handle.keyDetail().namedCurve !== expectedAlias) {
|
|
154
|
+
throw (0, _utils.lazyDOMException)('Named curve mismatch', 'DataError');
|
|
155
|
+
}
|
|
156
|
+
}
|
|
157
|
+
|
|
158
|
+
// Verify the public/private point lies on the named curve.
|
|
159
|
+
if (!keyObject.handle.checkEcKeyData()) {
|
|
160
|
+
throw (0, _utils.lazyDOMException)('Invalid keyData', 'DataError');
|
|
158
161
|
}
|
|
159
162
|
return new _classes.CryptoKey(keyObject, algorithm, keyUsages, extractable);
|
|
160
163
|
}
|
|
@@ -282,6 +285,8 @@ function ec_formatKeyPairOutput(ec, encoding) {
|
|
|
282
285
|
let privateKey;
|
|
283
286
|
if (publicFormat === -1) {
|
|
284
287
|
publicKey = pub;
|
|
288
|
+
} else if (publicFormat === 'raw-public') {
|
|
289
|
+
publicKey = _reactNativeBuffer.Buffer.from(pub.handle.exportECPublicRaw(publicType === 'compressed'));
|
|
285
290
|
} else {
|
|
286
291
|
const format = publicFormat === _utils.KFormatType.PEM ? _utils.KFormatType.PEM : _utils.KFormatType.DER;
|
|
287
292
|
const keyEncoding = publicType === _utils.KeyEncoding.SPKI ? _utils.KeyEncoding.SPKI : _utils.KeyEncoding.SPKI;
|
|
@@ -294,6 +299,8 @@ function ec_formatKeyPairOutput(ec, encoding) {
|
|
|
294
299
|
}
|
|
295
300
|
if (privateFormat === -1) {
|
|
296
301
|
privateKey = priv;
|
|
302
|
+
} else if (privateFormat === 'raw-private') {
|
|
303
|
+
privateKey = _reactNativeBuffer.Buffer.from(priv.handle.exportECPrivateRaw());
|
|
297
304
|
} else {
|
|
298
305
|
const format = privateFormat === _utils.KFormatType.PEM ? _utils.KFormatType.PEM : _utils.KFormatType.DER;
|
|
299
306
|
const keyEncoding = privateType === _utils.KeyEncoding.PKCS8 ? _utils.KeyEncoding.PKCS8 : privateType === _utils.KeyEncoding.SEC1 ? _utils.KeyEncoding.SEC1 : _utils.KeyEncoding.PKCS8;
|