react-native-security-suite 0.1.2 → 0.3.0

package/ios/DataHashingMethods.swift

@@ -0,0 +1,196 @@
+//
+//  Data+HashingMethods.swift
+//
+//  Created by Amir Sepehrom on 5/31/21.
+//
+
+import Foundation
+import Security
+import CommonCrypto
+
+extension SecKey {
+    
+    fileprivate subscript(attribute attr: CFString) -> Any? {
+        let attributes = SecKeyCopyAttributes(self) as? [CFString: Any]
+        return attributes?[attr]
+    }
+    
+    /// Returns key length.
+    public var keySize: Int {
+        // swiftlint: disable force_cast
+        return self[attribute: kSecAttrKeySizeInBits] as! Int
+    }
+    
+    /// Returns encryption method of key.
+    public var type: KeyType {
+        // swiftlint: disable force_cast
+        let type = self[attribute: kSecAttrType] as! CFString
+        return KeyType(rawValue: type)!
+    }
+    
+    /// Public ASN1 header appropriate for current key.
+    fileprivate func asn1Header() throws -> Data {
+        return try type.asn1Header(keySize: keySize)
+    }
+    
+    /// Exporable key data with ASN1 header.
+    public func bytes() throws -> Data {
+        return try asn1Header() + rawBytes()
+    }
+    
+    /// Raw bytes for key that generated by Security framework.
+    public func rawBytes() throws -> Data {
+        var error: Unmanaged<CFError>?
+        
+        guard let keyData = SecKeyCopyExternalRepresentation(self, &error) as Data? else {
+            throw error?.takeRetainedValue() ?? CryptographyError.invalidKey
+        }
+        return keyData
+    }
+    
+    /// Encryption method
+    public enum KeyType: RawRepresentable {
+        /// Eliptic curve
+        case ec
+        /// RSA
+        case rsa
+        
+        /// Initilize from kSecAttrKeyType string constant.
+        public init?(rawValue: CFString) {
+            switch rawValue {
+            case kSecAttrKeyTypeEC, kSecAttrKeyTypeECSECPrimeRandom:
+                self = .ec
+            case kSecAttrKeyTypeRSA:
+                self = .rsa
+            default:
+                return nil
+            }
+        }
+        
+        /// kSecAttrKeyType counterpart of option.
+        public var rawValue: CFString {
+            switch self {
+            case .ec:
+                return kSecAttrKeyTypeECSECPrimeRandom
+            case .rsa:
+                return kSecAttrKeyTypeRSA
+            }
+        }
+        
+        /// ASN1 headers for encrypting public keys.
+        public struct ASN1 {
+            public static let rsa2048 = Data(base64Encoded: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A")!
+            public static let rsa4096 = Data(base64Encoded: "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A")!
+            public static let ec256   = Data(base64Encoded: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgA=")!
+            public static let ec384   = Data(base64Encoded: "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgA=")!
+            public static let ec521   = Data(base64Encoded: "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAA==")!
+        }
+        
+        func asn1Header(keySize: Int) throws -> Data {
+            switch (self, keySize) {
+            case (.ec, 256):
+                return ASN1.ec256
+            case (.ec, 384):
+                return ASN1.ec384
+            case (.ec, 521):
+                return ASN1.ec521
+            case (.rsa, 2048):
+                return ASN1.rsa2048
+            case (.rsa, 4096):
+                return ASN1.rsa4096
+            default:
+                throw CryptographyError.unsupported
+            }
+        }
+    }
+}
+
+public enum CryptographyError: Error {
+    /// Key data is not valid or not conform to expected type and length.
+    case invalidKey
+    /// Encryption failed.
+    case failedEncryption
+    /// Decryption failed.
+    case failedDecryption
+    /// Data that passed to encrypt/decrypt is empty.
+    case emptyData
+    /// Encrypted data is not valid or encrypted with another key type.
+    case invalidData
+    /// Encryption/Decryption method is not supported.
+    case unsupported
+    
+    // Enclave
+    /// Private key is not exist on the device enclave.
+    case keyNotFound
+    /// Operation with private key which saved in enclave is not posssible.
+    case notAllowed
+}
+
+public enum Digest: String {
+    case md5 = "MD5"
+    case sha1 = "SHA1"
+    case sha256 = "SHA256"
+    case sha384 = "SHA384"
+    case sha512 = "SHA512"
+    
+    public var length: Int {
+        switch self {
+        case .md5:
+            return Int(CC_MD5_DIGEST_LENGTH)
+        case .sha1:
+            return Int(CC_SHA1_DIGEST_LENGTH)
+        case .sha256:
+            return Int(CC_SHA256_DIGEST_LENGTH)
+        case .sha384:
+            return Int(CC_SHA384_DIGEST_LENGTH)
+        case .sha512:
+            return Int(CC_SHA512_DIGEST_LENGTH)
+        }
+    }
+    
+    public var hmacAlgorithm: CCHmacAlgorithm {
+        switch self {
+        case .md5:
+            return CCHmacAlgorithm(kCCHmacAlgMD5)
+        case .sha1:
+            return CCHmacAlgorithm(kCCHmacAlgSHA1)
+        case .sha256:
+            return CCHmacAlgorithm(kCCHmacAlgSHA256)
+        case .sha384:
+            return CCHmacAlgorithm(kCCHmacAlgSHA384)
+        case .sha512:
+            return CCHmacAlgorithm(kCCHmacAlgSHA512)
+        }
+    }
+}
+
+extension Data {
+    /**
+     Calculates hash digest of data.
+     
+     - Parameter digest: digest type. Currently only SHA is supported.
+     - Returns: A data object with length equal to digest length.
+     */
+    public func hash(digest: Digest) -> Data {
+        guard !isEmpty else { return Data() }
+        var result = [UInt8](repeating: 0, count: digest.length)
+        self.withUnsafeBytes { (buf: UnsafeRawBufferPointer) -> Void in
+            let ptr = buf.baseAddress!
+            let dataLen = CC_LONG(buf.count)
+            switch digest {
+            case .md5:
+                CC_MD5(ptr, dataLen, &result)
+            case .sha1:
+                CC_SHA1(ptr, dataLen, &result)
+            case .sha256:
+                CC_SHA256(ptr, dataLen, &result)
+            case .sha384:
+                CC_SHA384(ptr, dataLen, &result)
+            case .sha512:
+                CC_SHA512(ptr, dataLen, &result)
+            }
+        }
+        
+        return Data(result)
+    }
+}

package/ios/SecuritySuite-Bridging-Header.h

@@ -1,2 +1,3 @@
 #import <React/RCTBridgeModule.h>
 #import <React/RCTViewManager.h>
+#import <CommonCrypto/CommonCrypto.h>

package/ios/SecuritySuite.mm

@@ -0,0 +1,26 @@
+#import <React/RCTBridgeModule.h>
+
+@interface RCT_EXTERN_MODULE(SecuritySuite, NSObject)
+
+RCT_EXTERN_METHOD(getPublicKey:(RCTPromiseResolveBlock)resolve withRejecter:(RCTPromiseRejectBlock)reject)
+
+RCT_EXTERN_METHOD(getSharedKey:(NSString)serverPK withResolver:(RCTPromiseResolveBlock)resolve withRejecter:(RCTPromiseRejectBlock)reject)
+
+RCT_EXTERN_METHOD(encrypt:(NSString)input withResolver:(RCTPromiseResolveBlock)resolve withRejecter:(RCTPromiseRejectBlock)reject)
+
+RCT_EXTERN_METHOD(decrypt:(NSString)input withResolver:(RCTPromiseResolveBlock)resolve withRejecter:(RCTPromiseRejectBlock)reject)
+
+RCT_EXTERN_METHOD(getDeviceId:(RCTResponseSenderBlock)callback)
+
+RCT_EXTERN_METHOD(storageEncrypt:(NSString)input withSecretKey:(NSString*)secretKey withHardEncryption:(BOOL)hardEncryption withCallback:(RCTResponseSenderBlock)callback)
+
+RCT_EXTERN_METHOD(storageDecrypt:(NSString)input withSecretKey:(NSString*)secretKey withHardEncryption:(BOOL)hardEncryption withCallback:(RCTResponseSenderBlock)callback)
+
+RCT_EXTERN_METHOD(deviceHasSecurityRisk:(RCTPromiseResolveBlock)resolve withRejecter:(RCTPromiseRejectBlock)reject)
+
++ (BOOL)requiresMainQueueSetup
+{
+  return NO;
+}
+
+@end

package/ios/SecuritySuite.swift

@@ -1,7 +1,128 @@
 import IOSSecuritySuite
+import Foundation
+import CryptoKit
+import SwiftUI
 
+@available(iOS 13.0, *)
 @objc(SecuritySuite)
 class SecuritySuite: NSObject {
+    var privateKey: String!,
+        publicKey: String!,
+        sharedKey: String!,
+        keyData: Data!
+
+    @objc(getPublicKey:withRejecter:)
+    func getPublicKey(resolve: @escaping RCTPromiseResolveBlock, reject: RCTPromiseRejectBlock) -> Void {
+        do {
+            privateKey = P256.KeyAgreement.PrivateKey().rawRepresentation.base64EncodedString()
+            keyData = Data(base64Encoded: privateKey as! String)!
+            publicKey = try? (ASN1.ec256 + [0x04] + P256.KeyAgreement.PrivateKey(rawRepresentation: keyData).publicKey.rawRepresentation).base64EncodedString()
+            
+            resolve(publicKey)
+        } catch {
+            reject("error", "GET_PUBLIC_KEY_ERROR", nil)
+        }
+    }
+    
+    @objc(getSharedKey:withResolver:withRejecter:)
+    func getSharedKey(serverPK: NSString, resolve: @escaping RCTPromiseResolveBlock, reject: RCTPromiseRejectBlock) -> Void {
+        do {
+            print("privateKey", privateKey)
+            guard let serverPublicKeyData = Data(base64Encoded: serverPK as String),
+                  let privateKeyData = Data(base64Encoded: privateKey as String) else { return }
+            
+            sharedKey = try? P256.KeyAgreement.PrivateKey(rawRepresentation: privateKeyData).sharedSecretFromKeyAgreement(with: .init(rawRepresentation: serverPublicKeyData.dropFirst(ASN1.ec256.count + 1)))
+                .withUnsafeBytes({ Data(buffer: $0.bindMemory(to: UInt8.self)) })
+                .base64EncodedString()
+         
+            resolve(sharedKey)
+        } catch {
+            reject("error", "GET_SHARED_KEY_ERROR", nil)
+        }
+    }
+    
+    @objc(encrypt:withResolver:withRejecter:)
+    func encrypt(input: NSString, resolve: @escaping RCTPromiseResolveBlock, reject: RCTPromiseRejectBlock) -> Void {
+        do {
+            guard let keyData = Data(base64Encoded: sharedKey) else {
+                reject("error", "DECRYPT_SHARED_KEY_ERROR", nil)
+                return
+            }
+            let data = Data((input as String).utf8)
+            if keyData == nil {
+                reject("error", "keyData is null", nil)
+                return
+            }
+            let key = SymmetricKey(data: keyData)
+            let output = try? AES.GCM.seal(data, using: key).combined?.base64EncodedString()
+            resolve(output)
+        } catch {
+            reject("error", "ENCRYPT_ERROR", nil)
+        }
+    }
+    
+    @objc(decrypt:withResolver:withRejecter:)
+    func decrypt(input: NSString, resolve: @escaping RCTPromiseResolveBlock, reject: RCTPromiseRejectBlock) -> Void {
+        do {
+            guard let keyData = Data(base64Encoded: sharedKey) else {
+                reject("error", "DECRYPT_SHARED_KEY_ERROR", nil)
+                return
+            }
+            guard let data = Data(base64Encoded: "\(input)") else {
+                reject("error", "INPUT_ERROR", nil)
+                return
+            }
+            let key = SymmetricKey(data: keyData)
+            let output = ( try? AES.GCM.open(.init(combined: data), using: key)).map({String(decoding: $0, as: UTF8.self)})
+            
+            resolve(output)
+        } catch {
+            reject("error", "DECRYPT_ERROR", nil)
+        }
+    }
+    
+    @objc(storageEncrypt:withSecretKey:withHardEncryption:withCallback:)
+    func storageEncrypt(input: NSString, secretKey: NSString, hardEncryption: Bool, callback: RCTResponseSenderBlock) -> Void {
+        do {
+            var encryptionKey = getDeviceId();
+            if secretKey != nil {
+                encryptionKey = secretKey as String;
+            }
+            let storageEncryption: StorageEncryption = StorageEncryption()
+            let encrypted = try? storageEncryption.encrypt(plain: "\(input)", encryptionKey: encryptionKey, hardEncryption: hardEncryption)
+            callback([encrypted, NSNull()])
+        } catch {
+            callback([NSNull(), "SOFT_DECRYPT_ERROR"])
+        }
+    }
+    
+    @objc(storageDecrypt:withSecretKey:withHardEncryption:withCallback:)
+    func storageDecrypt(input: NSString, secretKey: NSString, hardEncryption: Bool, callback: RCTResponseSenderBlock) -> Void {
+        do {
+            var encryptionKey = getDeviceId()
+            if secretKey != nil {
+                encryptionKey = secretKey as String;
+            }
+            let storageEncryption: StorageEncryption = StorageEncryption()
+            let decrypted = try? storageEncryption.decrypt(decoded: "\(input)", encryptionKey: encryptionKey, hardEncryption: hardEncryption)
+            callback([decrypted, NSNull()])
+        } catch {
+            callback([NSNull(), "SOFT_DECRYPT_ERROR"])
+        }
+    }
+    
+    @objc(getDeviceId:)
+    func getDeviceId(callback: RCTResponseSenderBlock) -> Void {
+        do {
+            callback([getDeviceId(), NSNull()]);
+        } catch {
+            callback([NSNull(), "GET_DEVICE_ID_ERROR"]);
+        }
+    }
+    
+    func getDeviceId() -> String {
+        return UIDevice.current.identifierForVendor!.uuidString.replacingOccurrences(of: "-", with: "", options: [], range: nil)
+    }
 
     @objc(deviceHasSecurityRisk:withRejecter:)
     func deviceHasSecurityRisk(resolve:RCTPromiseResolveBlock, reject:RCTPromiseRejectBlock) -> Void {
@@ -13,3 +134,11 @@ class SecuritySuite: NSObject {
         }
     }
 }
+
+struct ASN1 {
+    static let rsa2048 = Data(base64Encoded: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A")!
+    static let rsa4096 = Data(base64Encoded: "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A")!
+    static let ec256   = Data(base64Encoded: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgA=")!
+    static let ec384   = Data(base64Encoded: "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgA=")!
+    static let ec521   = Data(base64Encoded: "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQ=")!
+}

package/ios/SecuritySuite.xcodeproj/project.pbxproj

@@ -7,10 +7,9 @@
 	objects = {
 
 /* Begin PBXBuildFile section */
-
-		5E555C0D2413F4C50049A1A2 /* SecuritySuite.m in Sources */ = {isa = PBXBuildFile; fileRef = B3E7B5891CC2AC0600A0062D /* SecuritySuite.m */; };
-		F4FF95D7245B92E800C19C63 /*  SecuritySuite.swift in Sources */ = {isa = PBXBuildFile; fileRef = F4FF95D6245B92E800C19C63 /*  SecuritySuite.swift */; };
-
+		48C650222A751374001FA3B0 /* StorageEncryption.swift in Sources */ = {isa = PBXBuildFile; fileRef = 48C650202A751374001FA3B0 /* StorageEncryption.swift */; };
+		48C650232A751374001FA3B0 /* DataHashingMethods.swift in Sources */ = {isa = PBXBuildFile; fileRef = 48C650212A751374001FA3B0 /* DataHashingMethods.swift */; };
+		F4FF95D7245B92E800C19C63 /* SecuritySuite.swift in Sources */ = {isa = PBXBuildFile; fileRef = F4FF95D6245B92E800C19C63 /* SecuritySuite.swift */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXCopyFilesBuildPhase section */
@@ -27,11 +26,11 @@
 
 /* Begin PBXFileReference section */
 		134814201AA4EA6300B7C361 /* libSecuritySuite.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libSecuritySuite.a; sourceTree = BUILT_PRODUCTS_DIR; };
-
-		B3E7B5891CC2AC0600A0062D /* SecuritySuite.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SecuritySuite.m; sourceTree = "<group>"; };
+		48C650202A751374001FA3B0 /* StorageEncryption.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = StorageEncryption.swift; sourceTree = "<group>"; };
+		48C650212A751374001FA3B0 /* DataHashingMethods.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DataHashingMethods.swift; sourceTree = "<group>"; };
+		B3E7B5891CC2AC0600A0062D /* SecuritySuite.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SecuritySuite.mm; sourceTree = "<group>"; };
 		F4FF95D5245B92E700C19C63 /* SecuritySuite-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "SecuritySuite-Bridging-Header.h"; sourceTree = "<group>"; };
 		F4FF95D6245B92E800C19C63 /* SecuritySuite.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecuritySuite.swift; sourceTree = "<group>"; };
-
 /* End PBXFileReference section */
 
 /* Begin PBXFrameworksBuildPhase section */
@@ -56,11 +55,11 @@
 		58B511D21A9E6C8500147676 = {
 			isa = PBXGroup;
 			children = (
-
 				F4FF95D6245B92E800C19C63 /* SecuritySuite.swift */,
-				B3E7B5891CC2AC0600A0062D /* SecuritySuite.m */,
+				B3E7B5891CC2AC0600A0062D /* SecuritySuite.mm */,
 				F4FF95D5245B92E700C19C63 /* SecuritySuite-Bridging-Header.h */,
-
+				48C650212A751374001FA3B0 /* DataHashingMethods.swift */,
+				48C650202A751374001FA3B0 /* StorageEncryption.swift */,
 				134814211AA4EA7D00B7C361 /* Products */,
 			);
 			sourceTree = "<group>";
@@ -122,10 +121,9 @@
 			isa = PBXSourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-
+				48C650232A751374001FA3B0 /* DataHashingMethods.swift in Sources */,
+				48C650222A751374001FA3B0 /* StorageEncryption.swift in Sources */,
 				F4FF95D7245B92E800C19C63 /* SecuritySuite.swift in Sources */,
-				B3E7B58A1CC2AC0600A0062D /* SecuritySuite.m in Sources */,
-
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -160,6 +158,7 @@
 				COPY_PHASE_STRIP = NO;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
 				ENABLE_TESTABILITY = YES;
+				"EXCLUDED_ARCHS[sdk=*]" = arm64;
 				GCC_C_LANGUAGE_STANDARD = gnu99;
 				GCC_DYNAMIC_NO_PIC = NO;
 				GCC_NO_COMMON_BLOCKS = YES;
@@ -210,6 +209,7 @@
 				COPY_PHASE_STRIP = YES;
 				ENABLE_NS_ASSERTIONS = NO;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
+				"EXCLUDED_ARCHS[sdk=*]" = arm64;
 				GCC_C_LANGUAGE_STANDARD = gnu99;
 				GCC_NO_COMMON_BLOCKS = YES;
 				GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
@@ -238,11 +238,9 @@
 				OTHER_LDFLAGS = "-ObjC";
 				PRODUCT_NAME = SecuritySuite;
 				SKIP_INSTALL = YES;
-
 				SWIFT_OBJC_BRIDGING_HEADER = "SecuritySuite-Bridging-Header.h";
 				SWIFT_OPTIMIZATION_LEVEL = "-Onone";
 				SWIFT_VERSION = 5.0;
-
 			};
 			name = Debug;
 		};
@@ -259,10 +257,8 @@
 				OTHER_LDFLAGS = "-ObjC";
 				PRODUCT_NAME = SecuritySuite;
 				SKIP_INSTALL = YES;
-
 				SWIFT_OBJC_BRIDGING_HEADER = "SecuritySuite-Bridging-Header.h";
 				SWIFT_VERSION = 5.0;
-
 			};
 			name = Release;
 		};

package/ios/SecuritySuite.xcodeproj/project.xcworkspace/contents.xcworkspacedata

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Workspace
+   version = "1.0">
+</Workspace>

package/ios/SecuritySuite.xcodeproj/project.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IDEDidComputeMac32BitWarning</key>
+	<true/>
+</dict>
+</plist>

package/ios/SecuritySuite.xcodeproj/xcuserdata/mohammadnavabi.xcuserdatad/xcschemes/xcschememanagement.plist

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>SchemeUserState</key>
+	<dict>
+		<key>SecuritySuite.xcscheme_^#shared#^_</key>
+		<dict>
+			<key>orderHint</key>
+			<integer>0</integer>
+		</dict>
+	</dict>
+</dict>
+</plist>

package/ios/StorageEncryption.swift

@@ -0,0 +1,81 @@
+//
+//  SoftEncryption.swift
+//  EncryptionSecurity
+//
+//  Created by Mohammad on 5/9/1401 AP.
+//  Copyright © 1401 AP Facebook. All rights reserved.
+//
+
+import Foundation
+import CryptoKit
+
+@available(iOS 13.0, *)
+class StorageEncryption {
+    let nonce = try! AES.GCM.Nonce(data: Data(base64Encoded: "bj1nixTVoYpSvpdA")!)
+
+    func encrypt(plain: String, encryptionKey: String, hardEncryption: Bool) throws -> String {
+        do {
+            guard let encryptionKeyData = Data(base64Encoded: encryptionKey) else {
+                return "Could not decode encryptionKey text: \(encryptionKey)"
+            }
+            guard let plainData = plain.data(using: .utf8) else {
+                return "Could not decode plain text: \(plain)"
+            }
+            let symmetricKey = SymmetricKey(data: encryptionKeyData)
+            var encrypted = try AES.GCM.seal(plainData, using: symmetricKey, nonce: nonce, authenticating: ASN1.ec256)
+            if (hardEncryption) {
+                encrypted = try AES.GCM.seal(plainData, using: symmetricKey)
+            }
+            return encrypted.combined!.base64EncodedString()
+        } catch let error {
+            return "Error encrypting message: \(error.localizedDescription)"
+        }
+    }
+
+    func decrypt(decoded: String, encryptionKey: String, hardEncryption: Bool) throws -> String {
+        do {
+            guard let encryptionKeyData = Data(base64Encoded: encryptionKey) else {
+                return "Could not decode encryption key: \(encryptionKey)"
+            }
+            guard let decodedData = Data(base64Encoded: decoded) else {
+                return "Could not decode decoded text: \(decoded)"
+            }
+            let symmetricKey = SymmetricKey(data: encryptionKeyData)
+            if (hardEncryption) {
+                let sealedBoxToOpen = try AES.GCM.SealedBox(combined: decodedData)
+                let decrypted = try AES.GCM.open(sealedBoxToOpen, using: symmetricKey)
+                return String(data: decrypted, encoding: .utf8)!
+            } else {
+                let sealedBoxRestored = try AES.GCM.SealedBox(combined: decodedData)
+                let decrypted = try AES.GCM.open(sealedBoxRestored, using: symmetricKey, authenticating: ASN1.ec256)
+                return String(data: decrypted, encoding: .utf8)!
+            }
+        } catch let error {
+            return "Error decrypting message: \(error.localizedDescription)"
+        }
+    }
+}
+
+public extension Data {
+    init?(hexString: String) {
+        let len = hexString.count / 2
+        var data = Data(capacity: len)
+        var i = hexString.startIndex
+        for _ in 0..<len {
+            let j = hexString.index(i, offsetBy: 2)
+            let bytes = hexString[i..<j]
+            if var num = UInt8(bytes, radix: 16) {
+              data.append(&num, count: 1)
+            } else {
+              return nil
+            }
+            i = j
+        }
+        self = data
+    }
+    /// Hexadecimal string representation of `Data` object.
+    var hexadecimal: String {
+        return map { String(format: "%02x", $0) }
+            .joined()
+    }
+}

package/lib/commonjs/helpers.js

@@ -0,0 +1,16 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.isJsonString = void 0;
+const isJsonString = value => {
+  try {
+    JSON.parse(value);
+  } catch (e) {
+    return false;
+  }
+  return true;
+};
+exports.isJsonString = isJsonString;
+//# sourceMappingURL=helpers.js.map

package/lib/commonjs/helpers.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["isJsonString","value","JSON","parse","e","exports"],"sourceRoot":"../../src","sources":["helpers.ts"],"mappings":";;;;;;AAAO,MAAMA,YAAY,GAAIC,KAAa,IAAc;EACtD,IAAI;IACFC,IAAI,CAACC,KAAK,CAACF,KAAK,CAAC;EACnB,CAAC,CAAC,OAAOG,CAAC,EAAE;IACV,OAAO,KAAK;EACd;EACA,OAAO,IAAI;AACb,CAAC;AAACC,OAAA,CAAAL,YAAA,GAAAA,YAAA"}