react-native-security-suite 0.9.21 → 1.0.0-rc.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +233 -65
- package/android/build.gradle +11 -0
- package/android/gradle.properties +1 -1
- package/android/src/main/java/com/securitysuite/CryptoConfig.java +158 -0
- package/android/src/main/java/com/securitysuite/CryptoUtils.java +152 -0
- package/android/src/main/java/com/securitysuite/EcdhKeyStore.java +60 -0
- package/android/src/main/java/com/securitysuite/HeaderSanitizer.java +75 -0
- package/android/src/main/java/com/securitysuite/JWSGenerator.java +237 -32
- package/android/src/main/java/com/securitysuite/JwsFetchPayload.java +81 -0
- package/android/src/main/java/com/securitysuite/Obfuscation.java +57 -0
- package/android/src/main/java/com/securitysuite/SecureStorageNative.java +211 -0
- package/android/src/main/java/com/securitysuite/SecureView.java +2 -10
- package/android/src/main/java/com/securitysuite/SecureWindowHelper.java +30 -0
- package/android/src/main/java/com/securitysuite/SecuritySuiteModule.java +310 -102
- package/android/src/main/java/com/securitysuite/Sslpinning.java +219 -106
- package/android/src/main/java/com/securitysuite/security/AppIntegrityChecker.java +133 -0
- package/android/src/main/java/com/securitysuite/security/EmulatorDetector.java +145 -0
- package/android/src/main/java/com/securitysuite/security/RuntimeDetector.java +234 -0
- package/android/src/test/java/com/securitysuite/JWSGeneratorTest.java +153 -0
- package/android/src/test/java/com/securitysuite/SecureStorageNativeTest.java +37 -0
- package/ios/CryptoConfig.swift +124 -0
- package/ios/JWSGenerator.swift +288 -0
- package/ios/JWSGeneratorTests.swift +168 -0
- package/ios/KeychainHelper.swift +104 -0
- package/ios/Obfuscation.swift +42 -0
- package/ios/SecureStorageNative.swift +84 -0
- package/ios/Security/AppIntegrityChecker.swift +85 -0
- package/ios/Security/EmulatorDetector.swift +45 -0
- package/ios/Security/RuntimeDetector.swift +107 -0
- package/ios/SecuritySuite.mm +28 -4
- package/ios/SecuritySuite.swift +407 -131
- package/ios/SslPinning.swift +242 -263
- package/lib/commonjs/clipboard/index.js +3 -0
- package/lib/commonjs/clipboard/index.js.map +1 -0
- package/lib/commonjs/crypto/index.js +39 -0
- package/lib/commonjs/crypto/index.js.map +1 -0
- package/lib/commonjs/device/index.js +40 -0
- package/lib/commonjs/device/index.js.map +1 -0
- package/lib/commonjs/errors.js +62 -0
- package/lib/commonjs/errors.js.map +1 -0
- package/lib/commonjs/index.js +220 -151
- package/lib/commonjs/index.js.map +1 -1
- package/lib/commonjs/integrity/index.js +40 -0
- package/lib/commonjs/integrity/index.js.map +1 -0
- package/lib/commonjs/jws.js +141 -0
- package/lib/commonjs/jws.js.map +1 -0
- package/lib/commonjs/legacy/cryptoOptions.js +20 -0
- package/lib/commonjs/legacy/cryptoOptions.js.map +1 -0
- package/lib/commonjs/native/bridge.js +23 -0
- package/lib/commonjs/native/bridge.js.map +1 -0
- package/lib/commonjs/network/index.js +3 -0
- package/lib/commonjs/network/index.js.map +1 -0
- package/lib/commonjs/risk/score.js +36 -0
- package/lib/commonjs/risk/score.js.map +1 -0
- package/lib/commonjs/runtime/index.js +31 -0
- package/lib/commonjs/runtime/index.js.map +1 -0
- package/lib/commonjs/screen/index.js +13 -0
- package/lib/commonjs/screen/index.js.map +1 -0
- package/lib/commonjs/securitySuite/index.js +42 -0
- package/lib/commonjs/securitySuite/index.js.map +1 -0
- package/lib/commonjs/storage/index.js +3 -0
- package/lib/commonjs/storage/index.js.map +1 -0
- package/lib/commonjs/types/detection.js +2 -0
- package/lib/commonjs/types/detection.js.map +1 -0
- package/lib/module/clipboard/index.js +3 -0
- package/lib/module/clipboard/index.js.map +1 -0
- package/lib/module/crypto/index.js +35 -0
- package/lib/module/crypto/index.js.map +1 -0
- package/lib/module/device/index.js +36 -0
- package/lib/module/device/index.js.map +1 -0
- package/lib/module/errors.js +55 -0
- package/lib/module/errors.js.map +1 -0
- package/lib/module/index.js +147 -148
- package/lib/module/index.js.map +1 -1
- package/lib/module/integrity/index.js +36 -0
- package/lib/module/integrity/index.js.map +1 -0
- package/lib/module/jws.js +127 -0
- package/lib/module/jws.js.map +1 -0
- package/lib/module/legacy/cryptoOptions.js +16 -0
- package/lib/module/legacy/cryptoOptions.js.map +1 -0
- package/lib/module/native/bridge.js +19 -0
- package/lib/module/native/bridge.js.map +1 -0
- package/lib/module/network/index.js +3 -0
- package/lib/module/network/index.js.map +1 -0
- package/lib/module/risk/score.js +32 -0
- package/lib/module/risk/score.js.map +1 -0
- package/lib/module/runtime/index.js +27 -0
- package/lib/module/runtime/index.js.map +1 -0
- package/lib/module/screen/index.js +5 -0
- package/lib/module/screen/index.js.map +1 -0
- package/lib/module/securitySuite/index.js +38 -0
- package/lib/module/securitySuite/index.js.map +1 -0
- package/lib/module/storage/index.js +3 -0
- package/lib/module/storage/index.js.map +1 -0
- package/lib/module/types/detection.js +2 -0
- package/lib/module/types/detection.js.map +1 -0
- package/lib/typescript/commonjs/docs/api-v1-proposal.d.ts +215 -0
- package/lib/typescript/commonjs/docs/api-v1-proposal.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/SecureView.d.ts +1 -1
- package/lib/typescript/commonjs/src/SecureView.d.ts.map +1 -1
- package/lib/typescript/commonjs/src/clipboard/index.d.ts +2 -0
- package/lib/typescript/commonjs/src/clipboard/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/crypto/index.d.ts +15 -0
- package/lib/typescript/commonjs/src/crypto/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/device/index.d.ts +11 -0
- package/lib/typescript/commonjs/src/device/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/errors.d.ts +17 -0
- package/lib/typescript/commonjs/src/errors.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/helpers.d.ts.map +1 -1
- package/lib/typescript/commonjs/src/index.d.ts +77 -24
- package/lib/typescript/commonjs/src/index.d.ts.map +1 -1
- package/lib/typescript/commonjs/src/integrity/index.d.ts +6 -0
- package/lib/typescript/commonjs/src/integrity/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/jws.d.ts +44 -0
- package/lib/typescript/commonjs/src/jws.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/legacy/cryptoOptions.d.ts +35 -0
- package/lib/typescript/commonjs/src/legacy/cryptoOptions.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/native/bridge.d.ts +12 -0
- package/lib/typescript/commonjs/src/native/bridge.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/network/index.d.ts +2 -0
- package/lib/typescript/commonjs/src/network/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/risk/score.d.ts +12 -0
- package/lib/typescript/commonjs/src/risk/score.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/runtime/index.d.ts +6 -0
- package/lib/typescript/commonjs/src/runtime/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/screen/index.d.ts +3 -0
- package/lib/typescript/commonjs/src/screen/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/securitySuite/index.d.ts +6 -0
- package/lib/typescript/commonjs/src/securitySuite/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/storage/index.d.ts +2 -0
- package/lib/typescript/commonjs/src/storage/index.d.ts.map +1 -0
- package/lib/typescript/commonjs/src/types/detection.d.ts +41 -0
- package/lib/typescript/commonjs/src/types/detection.d.ts.map +1 -0
- package/lib/typescript/module/docs/api-v1-proposal.d.ts +215 -0
- package/lib/typescript/module/docs/api-v1-proposal.d.ts.map +1 -0
- package/lib/typescript/module/src/SecureView.d.ts +1 -1
- package/lib/typescript/module/src/SecureView.d.ts.map +1 -1
- package/lib/typescript/module/src/clipboard/index.d.ts +2 -0
- package/lib/typescript/module/src/clipboard/index.d.ts.map +1 -0
- package/lib/typescript/module/src/crypto/index.d.ts +15 -0
- package/lib/typescript/module/src/crypto/index.d.ts.map +1 -0
- package/lib/typescript/module/src/device/index.d.ts +11 -0
- package/lib/typescript/module/src/device/index.d.ts.map +1 -0
- package/lib/typescript/module/src/errors.d.ts +17 -0
- package/lib/typescript/module/src/errors.d.ts.map +1 -0
- package/lib/typescript/module/src/helpers.d.ts.map +1 -1
- package/lib/typescript/module/src/index.d.ts +77 -24
- package/lib/typescript/module/src/index.d.ts.map +1 -1
- package/lib/typescript/module/src/integrity/index.d.ts +6 -0
- package/lib/typescript/module/src/integrity/index.d.ts.map +1 -0
- package/lib/typescript/module/src/jws.d.ts +44 -0
- package/lib/typescript/module/src/jws.d.ts.map +1 -0
- package/lib/typescript/module/src/legacy/cryptoOptions.d.ts +35 -0
- package/lib/typescript/module/src/legacy/cryptoOptions.d.ts.map +1 -0
- package/lib/typescript/module/src/native/bridge.d.ts +12 -0
- package/lib/typescript/module/src/native/bridge.d.ts.map +1 -0
- package/lib/typescript/module/src/network/index.d.ts +2 -0
- package/lib/typescript/module/src/network/index.d.ts.map +1 -0
- package/lib/typescript/module/src/risk/score.d.ts +12 -0
- package/lib/typescript/module/src/risk/score.d.ts.map +1 -0
- package/lib/typescript/module/src/runtime/index.d.ts +6 -0
- package/lib/typescript/module/src/runtime/index.d.ts.map +1 -0
- package/lib/typescript/module/src/screen/index.d.ts +3 -0
- package/lib/typescript/module/src/screen/index.d.ts.map +1 -0
- package/lib/typescript/module/src/securitySuite/index.d.ts +6 -0
- package/lib/typescript/module/src/securitySuite/index.d.ts.map +1 -0
- package/lib/typescript/module/src/storage/index.d.ts +2 -0
- package/lib/typescript/module/src/storage/index.d.ts.map +1 -0
- package/lib/typescript/module/src/types/detection.d.ts +41 -0
- package/lib/typescript/module/src/types/detection.d.ts.map +1 -0
- package/package.json +2 -4
- package/src/clipboard/index.ts +1 -0
- package/src/crypto/index.ts +49 -0
- package/src/device/index.ts +47 -0
- package/src/errors.ts +84 -0
- package/src/index.tsx +293 -195
- package/src/integrity/index.ts +46 -0
- package/src/jws.ts +213 -0
- package/src/legacy/cryptoOptions.ts +49 -0
- package/src/native/bridge.ts +37 -0
- package/src/network/index.ts +1 -0
- package/src/risk/score.ts +49 -0
- package/src/runtime/index.ts +43 -0
- package/src/screen/index.ts +2 -0
- package/src/securitySuite/index.ts +45 -0
- package/src/storage/index.ts +1 -0
- package/src/types/detection.ts +46 -0
- package/android/src/main/java/com/securitysuite/StorageEncryption.java +0 -52
- package/ios/StorageEncryption.swift +0 -89
|
@@ -0,0 +1,141 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.assertCompactJwsShape = assertCompactJwsShape;
|
|
7
|
+
exports.isEmptyJwsPayload = isEmptyJwsPayload;
|
|
8
|
+
exports.normalizeJwsPayload = normalizeJwsPayload;
|
|
9
|
+
exports.resolveJwsAlgorithm = resolveJwsAlgorithm;
|
|
10
|
+
exports.toNativeGenerateJWSOptions = toNativeGenerateJWSOptions;
|
|
11
|
+
exports.toNativeJwsFetchOptions = toNativeJwsFetchOptions;
|
|
12
|
+
exports.validateJwsAlgorithm = validateJwsAlgorithm;
|
|
13
|
+
exports.validateJwsHeaderKey = validateJwsHeaderKey;
|
|
14
|
+
exports.validateJwsHeaderValue = validateJwsHeaderValue;
|
|
15
|
+
exports.validateJwsHeaders = validateJwsHeaders;
|
|
16
|
+
exports.validateJwsSecret = validateJwsSecret;
|
|
17
|
+
const SUPPORTED_ALGORITHMS = ['HS256', 'HS384', 'HS512'];
|
|
18
|
+
const SAFE_HEADER_KEY = /^[a-zA-Z][a-zA-Z0-9_-]*$/;
|
|
19
|
+
function isEmptyJwsPayload(payload) {
|
|
20
|
+
return payload === undefined || payload === null || typeof payload === 'string' && payload.length === 0;
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
/**
|
|
24
|
+
* Normalizes a JWS payload to the exact UTF-8 string used for signing.
|
|
25
|
+
* Empty payload cases return an empty string (never "null" or "undefined").
|
|
26
|
+
*/
|
|
27
|
+
function normalizeJwsPayload(payload) {
|
|
28
|
+
if (isEmptyJwsPayload(payload)) {
|
|
29
|
+
return '';
|
|
30
|
+
}
|
|
31
|
+
if (typeof payload === 'string') {
|
|
32
|
+
return payload;
|
|
33
|
+
}
|
|
34
|
+
if (typeof payload === 'number' || typeof payload === 'boolean') {
|
|
35
|
+
return JSON.stringify(payload);
|
|
36
|
+
}
|
|
37
|
+
return JSON.stringify(payload);
|
|
38
|
+
}
|
|
39
|
+
function validateJwsAlgorithm(algorithm) {
|
|
40
|
+
if (!algorithm) {
|
|
41
|
+
return 'HS256';
|
|
42
|
+
}
|
|
43
|
+
if (!SUPPORTED_ALGORITHMS.includes(algorithm)) {
|
|
44
|
+
throw new Error(`Unsupported JWS algorithm: ${algorithm}`);
|
|
45
|
+
}
|
|
46
|
+
return algorithm;
|
|
47
|
+
}
|
|
48
|
+
function validateJwsSecret(secret) {
|
|
49
|
+
if (typeof secret !== 'string' || secret.trim().length === 0) {
|
|
50
|
+
throw new Error('JWS secret is required and must be a non-empty string');
|
|
51
|
+
}
|
|
52
|
+
return secret;
|
|
53
|
+
}
|
|
54
|
+
function validateJwsHeaderKey(key) {
|
|
55
|
+
if (!SAFE_HEADER_KEY.test(key)) {
|
|
56
|
+
throw new Error(`Invalid JWS header key: ${key}`);
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
function validateJwsHeaderValue(key, value) {
|
|
60
|
+
if (value === null || typeof value === 'string' || typeof value === 'number' || typeof value === 'boolean') {
|
|
61
|
+
if (typeof value === 'string' && value.length > 0) {
|
|
62
|
+
for (let i = 0; i < value.length; i++) {
|
|
63
|
+
const code = value.charCodeAt(i);
|
|
64
|
+
if (code < 0x20 || code > 0x7e) {
|
|
65
|
+
throw new Error(`Invalid JWS header value for key: ${key}`);
|
|
66
|
+
}
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
return value;
|
|
70
|
+
}
|
|
71
|
+
throw new Error(`JWS header values must be JSON-serializable primitives: ${key}`);
|
|
72
|
+
}
|
|
73
|
+
function validateJwsHeaders(headers) {
|
|
74
|
+
if (headers === undefined || headers === null) {
|
|
75
|
+
return {};
|
|
76
|
+
}
|
|
77
|
+
if (typeof headers !== 'object' || Array.isArray(headers)) {
|
|
78
|
+
throw new Error('JWS headers must be an object when provided');
|
|
79
|
+
}
|
|
80
|
+
const result = {};
|
|
81
|
+
for (const [key, value] of Object.entries(headers)) {
|
|
82
|
+
validateJwsHeaderKey(key);
|
|
83
|
+
result[key] = validateJwsHeaderValue(key, value);
|
|
84
|
+
}
|
|
85
|
+
return result;
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
/**
|
|
89
|
+
* Resolves the JWS algorithm from options and/or protected headers.
|
|
90
|
+
*/
|
|
91
|
+
function resolveJwsAlgorithm(algorithm, headers) {
|
|
92
|
+
const headerAlg = headers.alg !== undefined && headers.alg !== null ? String(headers.alg) : undefined;
|
|
93
|
+
if (algorithm && headerAlg && algorithm !== headerAlg) {
|
|
94
|
+
throw new Error('JWS algorithm mismatch: options.algorithm and headers.alg must match');
|
|
95
|
+
}
|
|
96
|
+
if (algorithm) {
|
|
97
|
+
return validateJwsAlgorithm(algorithm);
|
|
98
|
+
}
|
|
99
|
+
if (headerAlg) {
|
|
100
|
+
return validateJwsAlgorithm(headerAlg);
|
|
101
|
+
}
|
|
102
|
+
return 'HS256';
|
|
103
|
+
}
|
|
104
|
+
function toNativeGenerateJWSOptions(options, detached = false) {
|
|
105
|
+
const secret = validateJwsSecret(options.secret);
|
|
106
|
+
const headers = validateJwsHeaders(options.headers);
|
|
107
|
+
const algorithm = resolveJwsAlgorithm(options.algorithm, headers);
|
|
108
|
+
const payload = normalizeJwsPayload(options.payload);
|
|
109
|
+
return {
|
|
110
|
+
payload,
|
|
111
|
+
algorithm,
|
|
112
|
+
secret,
|
|
113
|
+
headers: {
|
|
114
|
+
...headers,
|
|
115
|
+
alg: algorithm
|
|
116
|
+
},
|
|
117
|
+
detached
|
|
118
|
+
};
|
|
119
|
+
}
|
|
120
|
+
function toNativeJwsFetchOptions(jws) {
|
|
121
|
+
const secret = validateJwsSecret(jws.secret);
|
|
122
|
+
const headers = validateJwsHeaders(jws.headers);
|
|
123
|
+
const algorithm = resolveJwsAlgorithm(jws.algorithm, headers);
|
|
124
|
+
return {
|
|
125
|
+
payload: normalizeJwsPayload(jws.payload),
|
|
126
|
+
algorithm,
|
|
127
|
+
secret,
|
|
128
|
+
headers: {
|
|
129
|
+
...headers,
|
|
130
|
+
alg: algorithm
|
|
131
|
+
},
|
|
132
|
+
detached: jws.detached ?? false
|
|
133
|
+
};
|
|
134
|
+
}
|
|
135
|
+
function assertCompactJwsShape(jws) {
|
|
136
|
+
const segments = jws.split('.');
|
|
137
|
+
if (segments.length !== 3) {
|
|
138
|
+
throw new Error(`Invalid compact JWS: expected 3 segments, got ${segments.length}`);
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
//# sourceMappingURL=jws.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["SUPPORTED_ALGORITHMS","SAFE_HEADER_KEY","isEmptyJwsPayload","payload","undefined","length","normalizeJwsPayload","JSON","stringify","validateJwsAlgorithm","algorithm","includes","Error","validateJwsSecret","secret","trim","validateJwsHeaderKey","key","test","validateJwsHeaderValue","value","i","code","charCodeAt","validateJwsHeaders","headers","Array","isArray","result","Object","entries","resolveJwsAlgorithm","headerAlg","alg","String","toNativeGenerateJWSOptions","options","detached","toNativeJwsFetchOptions","jws","assertCompactJwsShape","segments","split"],"sourceRoot":"../../src","sources":["jws.ts"],"mappings":";;;;;;;;;;;;;;;;AAeA,MAAMA,oBAA6C,GAAG,CACpD,OAAO,EACP,OAAO,EACP,OAAO,CACR;AAED,MAAMC,eAAe,GAAG,0BAA0B;AAkB3C,SAASC,iBAAiBA,CAACC,OAA+B,EAAW;EAC1E,OACEA,OAAO,KAAKC,SAAS,IACrBD,OAAO,KAAK,IAAI,IACf,OAAOA,OAAO,KAAK,QAAQ,IAAIA,OAAO,CAACE,MAAM,KAAK,CAAE;AAEzD;;AAEA;AACA;AACA;AACA;AACO,SAASC,mBAAmBA,CAACH,OAA+B,EAAU;EAC3E,IAAID,iBAAiB,CAACC,OAAO,CAAC,EAAE;IAC9B,OAAO,EAAE;EACX;EAEA,IAAI,OAAOA,OAAO,KAAK,QAAQ,EAAE;IAC/B,OAAOA,OAAO;EAChB;EAEA,IAAI,OAAOA,OAAO,KAAK,QAAQ,IAAI,OAAOA,OAAO,KAAK,SAAS,EAAE;IAC/D,OAAOI,IAAI,CAACC,SAAS,CAACL,OAAO,CAAC;EAChC;EAEA,OAAOI,IAAI,CAACC,SAAS,CAACL,OAAO,CAAC;AAChC;AAEO,SAASM,oBAAoBA,CAClCC,SAA6B,EACf;EACd,IAAI,CAACA,SAAS,EAAE;IACd,OAAO,OAAO;EAChB;EACA,IAAI,CAACV,oBAAoB,CAACW,QAAQ,CAACD,SAAyB,CAAC,EAAE;IAC7D,MAAM,IAAIE,KAAK,CAAC,8BAA8BF,SAAS,EAAE,CAAC;EAC5D;EACA,OAAOA,SAAS;AAClB;AAEO,SAASG,iBAAiBA,CAACC,MAAe,EAAU;EACzD,IAAI,OAAOA,MAAM,KAAK,QAAQ,IAAIA,MAAM,CAACC,IAAI,CAAC,CAAC,CAACV,MAAM,KAAK,CAAC,EAAE;IAC5D,MAAM,IAAIO,KAAK,CAAC,uDAAuD,CAAC;EAC1E;EACA,OAAOE,MAAM;AACf;AAEO,SAASE,oBAAoBA,CAACC,GAAW,EAAQ;EACtD,IAAI,CAAChB,eAAe,CAACiB,IAAI,CAACD,GAAG,CAAC,EAAE;IAC9B,MAAM,IAAIL,KAAK,CAAC,2BAA2BK,GAAG,EAAE,CAAC;EACnD;AACF;AAEO,SAASE,sBAAsBA,CACpCF,GAAW,EACXG,KAAc,EACE;EAChB,IACEA,KAAK,KAAK,IAAI,IACd,OAAOA,KAAK,KAAK,QAAQ,IACzB,OAAOA,KAAK,KAAK,QAAQ,IACzB,OAAOA,KAAK,KAAK,SAAS,EAC1B;IACA,IAAI,OAAOA,KAAK,KAAK,QAAQ,IAAIA,KAAK,CAACf,MAAM,GAAG,CAAC,EAAE;MACjD,KAAK,IAAIgB,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGD,KAAK,CAACf,MAAM,EAAEgB,CAAC,EAAE,EAAE;QACrC,MAAMC,IAAI,GAAGF,KAAK,CAACG,UAAU,CAACF,CAAC,CAAC;QAChC,IAAIC,IAAI,GAAG,IAAI,IAAIA,IAAI,GAAG,IAAI,EAAE;UAC9B,MAAM,IAAIV,KAAK,CAAC,qCAAqCK,GAAG,EAAE,CAAC;QAC7D;MACF;IACF;IACA,OAAOG,KAAK;EACd;EAEA,MAAM,IAAIR,KAAK,CACb,2DAA2DK,GAAG,EAChE,CAAC;AACH;AAEO,SAASO,kBAAkBA,CAACC,OAAgB,EAAc;EAC/D,IAAIA,OAAO,KAAKrB,SAAS,IAAIqB,OAAO,KAAK,IAAI,EAAE;IAC7C,OAAO,CAAC,CAAC;EACX;EACA,IAAI,OAAOA,OAAO,KAAK,QAAQ,IAAIC,KAAK,CAACC,OAAO,CAACF,OAAO,CAAC,EAAE;IACzD,MAAM,IAAIb,KAAK,CAAC,6CAA6C,CAAC;EAChE;EAEA,MAAMgB,MAAkB,GAAG,CAAC,CAAC;EAC7B,KAAK,MAAM,CAACX,GAAG,EAAEG,KAAK,CAAC,IAAIS,MAAM,CAACC,OAAO,CAACL,OAAkC,CAAC,EAAE;IAC7ET,oBAAoB,CAACC,GAAG,CAAC;IACzBW,MAAM,CAACX,GAAG,CAAC,GAAGE,sBAAsB,CAACF,GAAG,EAAEG,KAAK,CAAC;EAClD;EACA,OAAOQ,MAAM;AACf;;AAEA;AACA;AACA;AACO,SAASG,mBAAmBA,CACjCrB,SAAmC,EACnCe,OAAmB,EACL;EACd,MAAMO,SAAS,GACbP,OAAO,CAACQ,GAAG,KAAK7B,SAAS,IAAIqB,OAAO,CAACQ,GAAG,KAAK,IAAI,GAC7CC,MAAM,CAACT,OAAO,CAACQ,GAAG,CAAC,GACnB7B,SAAS;EAEf,IAAIM,SAAS,IAAIsB,SAAS,IAAItB,SAAS,KAAKsB,SAAS,EAAE;IACrD,MAAM,IAAIpB,KAAK,CACb,sEACF,CAAC;EACH;EAEA,IAAIF,SAAS,EAAE;IACb,OAAOD,oBAAoB,CAACC,SAAS,CAAC;EACxC;EAEA,IAAIsB,SAAS,EAAE;IACb,OAAOvB,oBAAoB,CAACuB,SAAS,CAAC;EACxC;EAEA,OAAO,OAAO;AAChB;AAUO,SAASG,0BAA0BA,CACxCC,OAA2B,EAC3BC,QAAQ,GAAG,KAAK,EACU;EAC1B,MAAMvB,MAAM,GAAGD,iBAAiB,CAACuB,OAAO,CAACtB,MAAM,CAAC;EAChD,MAAMW,OAAO,GAAGD,kBAAkB,CAACY,OAAO,CAACX,OAAO,CAAC;EACnD,MAAMf,SAAS,GAAGqB,mBAAmB,CAACK,OAAO,CAAC1B,SAAS,EAAEe,OAAO,CAAC;EACjE,MAAMtB,OAAO,GAAGG,mBAAmB,CAAC8B,OAAO,CAACjC,OAAO,CAAC;EAEpD,OAAO;IACLA,OAAO;IACPO,SAAS;IACTI,MAAM;IACNW,OAAO,EAAE;MAAE,GAAGA,OAAO;MAAEQ,GAAG,EAAEvB;IAAU,CAAC;IACvC2B;EACF,CAAC;AACH;AAEO,SAASC,uBAAuBA,CACrCC,GAAoB,EACM;EAC1B,MAAMzB,MAAM,GAAGD,iBAAiB,CAAC0B,GAAG,CAACzB,MAAM,CAAC;EAC5C,MAAMW,OAAO,GAAGD,kBAAkB,CAACe,GAAG,CAACd,OAAO,CAAC;EAC/C,MAAMf,SAAS,GAAGqB,mBAAmB,CAACQ,GAAG,CAAC7B,SAAS,EAAEe,OAAO,CAAC;EAE7D,OAAO;IACLtB,OAAO,EAAEG,mBAAmB,CAACiC,GAAG,CAACpC,OAAO,CAAC;IACzCO,SAAS;IACTI,MAAM;IACNW,OAAO,EAAE;MAAE,GAAGA,OAAO;MAAEQ,GAAG,EAAEvB;IAAU,CAAC;IACvC2B,QAAQ,EAAEE,GAAG,CAACF,QAAQ,IAAI;EAC5B,CAAC;AACH;AAEO,SAASG,qBAAqBA,CAACD,GAAW,EAAQ;EACvD,MAAME,QAAQ,GAAGF,GAAG,CAACG,KAAK,CAAC,GAAG,CAAC;EAC/B,IAAID,QAAQ,CAACpC,MAAM,KAAK,CAAC,EAAE;IACzB,MAAM,IAAIO,KAAK,CACb,iDAAiD6B,QAAQ,CAACpC,MAAM,EAClE,CAAC;EACH;AACF","ignoreList":[]}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.toNativeCryptoOptions = toNativeCryptoOptions;
|
|
7
|
+
/** Shared crypto option types used by legacy exports and the Crypto namespace. */
|
|
8
|
+
|
|
9
|
+
function toNativeCryptoOptions(options) {
|
|
10
|
+
return {
|
|
11
|
+
keyAgreementAlgorithm: options?.keyAgreementAlgorithm ?? 'X25519',
|
|
12
|
+
keyFactoryAlgorithm: options?.keyType ?? options?.keyFactoryAlgorithm ?? 'OKP',
|
|
13
|
+
encryptionKeyAlgorithm: options?.encryptionKeyAlgorithm ?? 'AES-256',
|
|
14
|
+
hmacKeyAlgorithm: options?.hmacAlgorithm ?? options?.hmacKeyAlgorithm ?? 'HMAC-SHA-512',
|
|
15
|
+
cipherTransformation: options?.cipher ?? options?.cipherTransformation ?? 'AES-GCM',
|
|
16
|
+
gcmTagLength: options?.tagLength ?? options?.gcmTagLength ?? 128,
|
|
17
|
+
gcmIvLength: options?.ivLength ?? options?.gcmIvLength ?? 12
|
|
18
|
+
};
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=cryptoOptions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["toNativeCryptoOptions","options","keyAgreementAlgorithm","keyFactoryAlgorithm","keyType","encryptionKeyAlgorithm","hmacKeyAlgorithm","hmacAlgorithm","cipherTransformation","cipher","gcmTagLength","tagLength","gcmIvLength","ivLength"],"sourceRoot":"../../../src","sources":["legacy/cryptoOptions.ts"],"mappings":";;;;;;AAAA;;AAsCO,SAASA,qBAAqBA,CAACC,OAA8B,EAAE;EACpE,OAAO;IACLC,qBAAqB,EAAED,OAAO,EAAEC,qBAAqB,IAAI,QAAQ;IACjEC,mBAAmB,EAAEF,OAAO,EAAEG,OAAO,IAAIH,OAAO,EAAEE,mBAAmB,IAAI,KAAK;IAC9EE,sBAAsB,EAAEJ,OAAO,EAAEI,sBAAsB,IAAI,SAAS;IACpEC,gBAAgB,EAAEL,OAAO,EAAEM,aAAa,IAAIN,OAAO,EAAEK,gBAAgB,IAAI,cAAc;IACvFE,oBAAoB,EAAEP,OAAO,EAAEQ,MAAM,IAAIR,OAAO,EAAEO,oBAAoB,IAAI,SAAS;IACnFE,YAAY,EAAET,OAAO,EAAEU,SAAS,IAAIV,OAAO,EAAES,YAAY,IAAI,GAAG;IAChEE,WAAW,EAAEX,OAAO,EAAEY,QAAQ,IAAIZ,OAAO,EAAEW,WAAW,IAAI;EAC5D,CAAC;AACH","ignoreList":[]}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.getNativeModule = getNativeModule;
|
|
7
|
+
var _reactNative = require("react-native");
|
|
8
|
+
const LINKING_ERROR = `The package 'react-native-security-suite' doesn't seem to be linked. Make sure: \n\n` + _reactNative.Platform.select({
|
|
9
|
+
ios: "- You have run 'pod install'\n",
|
|
10
|
+
default: ''
|
|
11
|
+
}) + '- You rebuilt the app after installing the package\n' + '- You are not using Expo managed workflow\n';
|
|
12
|
+
function getNativeModule() {
|
|
13
|
+
const module = _reactNative.NativeModules.SecuritySuite;
|
|
14
|
+
if (module) {
|
|
15
|
+
return module;
|
|
16
|
+
}
|
|
17
|
+
return new Proxy({}, {
|
|
18
|
+
get() {
|
|
19
|
+
throw new Error(LINKING_ERROR);
|
|
20
|
+
}
|
|
21
|
+
});
|
|
22
|
+
}
|
|
23
|
+
//# sourceMappingURL=bridge.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_reactNative","require","LINKING_ERROR","Platform","select","ios","default","getNativeModule","module","NativeModules","SecuritySuite","Proxy","get","Error"],"sourceRoot":"../../../src","sources":["native/bridge.ts"],"mappings":";;;;;;AAAA,IAAAA,YAAA,GAAAC,OAAA;AAEA,MAAMC,aAAa,GACjB,sFAAsF,GACtFC,qBAAQ,CAACC,MAAM,CAAC;EAAEC,GAAG,EAAE,gCAAgC;EAAEC,OAAO,EAAE;AAAG,CAAC,CAAC,GACvE,sDAAsD,GACtD,6CAA6C;AAgBxC,SAASC,eAAeA,CAAA,EAA8B;EAC3D,MAAMC,MAAM,GAAGC,0BAAa,CAACC,aAEhB;EAEb,IAAIF,MAAM,EAAE;IACV,OAAOA,MAAM;EACf;EAEA,OAAO,IAAIG,KAAK,CAAC,CAAC,CAAC,EAA+B;IAChDC,GAAGA,CAAA,EAAG;MACJ,MAAM,IAAIC,KAAK,CAACX,aAAa,CAAC;IAChC;EACF,CAAC,CAAC;AACJ","ignoreList":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":[],"sourceRoot":"../../../src","sources":["network/index.ts"],"mappings":"AAAA;AAAA","ignoreList":[]}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.computeRiskScore = computeRiskScore;
|
|
7
|
+
function computeRiskScore(input) {
|
|
8
|
+
let riskScore = 0;
|
|
9
|
+
if (input.isRooted || input.isJailbroken) {
|
|
10
|
+
riskScore += 40;
|
|
11
|
+
}
|
|
12
|
+
if (input.runtime.fridaDetected) {
|
|
13
|
+
riskScore += 40;
|
|
14
|
+
}
|
|
15
|
+
if (input.runtime.xposedDetected) {
|
|
16
|
+
riskScore += 40;
|
|
17
|
+
}
|
|
18
|
+
if (input.runtime.substrateDetected) {
|
|
19
|
+
riskScore += 40;
|
|
20
|
+
}
|
|
21
|
+
if (input.runtime.debuggerAttached) {
|
|
22
|
+
riskScore += 20;
|
|
23
|
+
}
|
|
24
|
+
if (input.environment.isEmulator || input.environment.isSimulator) {
|
|
25
|
+
riskScore += 20;
|
|
26
|
+
}
|
|
27
|
+
if (input.app.tampered) {
|
|
28
|
+
riskScore += 50;
|
|
29
|
+
}
|
|
30
|
+
const riskLevel = riskScore >= 70 ? 'high' : riskScore >= 30 ? 'medium' : 'low';
|
|
31
|
+
return {
|
|
32
|
+
riskScore: Math.min(100, riskScore),
|
|
33
|
+
riskLevel
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=score.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["computeRiskScore","input","riskScore","isRooted","isJailbroken","runtime","fridaDetected","xposedDetected","substrateDetected","debuggerAttached","environment","isEmulator","isSimulator","app","tampered","riskLevel","Math","min"],"sourceRoot":"../../../src","sources":["risk/score.ts"],"mappings":";;;;;;AAOO,SAASA,gBAAgBA,CAACC,KAMhC,EAA+C;EAC9C,IAAIC,SAAS,GAAG,CAAC;EAEjB,IAAID,KAAK,CAACE,QAAQ,IAAIF,KAAK,CAACG,YAAY,EAAE;IACxCF,SAAS,IAAI,EAAE;EACjB;EAEA,IAAID,KAAK,CAACI,OAAO,CAACC,aAAa,EAAE;IAC/BJ,SAAS,IAAI,EAAE;EACjB;EAEA,IAAID,KAAK,CAACI,OAAO,CAACE,cAAc,EAAE;IAChCL,SAAS,IAAI,EAAE;EACjB;EAEA,IAAID,KAAK,CAACI,OAAO,CAACG,iBAAiB,EAAE;IACnCN,SAAS,IAAI,EAAE;EACjB;EAEA,IAAID,KAAK,CAACI,OAAO,CAACI,gBAAgB,EAAE;IAClCP,SAAS,IAAI,EAAE;EACjB;EAEA,IAAID,KAAK,CAACS,WAAW,CAACC,UAAU,IAAIV,KAAK,CAACS,WAAW,CAACE,WAAW,EAAE;IACjEV,SAAS,IAAI,EAAE;EACjB;EAEA,IAAID,KAAK,CAACY,GAAG,CAACC,QAAQ,EAAE;IACtBZ,SAAS,IAAI,EAAE;EACjB;EAEA,MAAMa,SAAoB,GACxBb,SAAS,IAAI,EAAE,GAAG,MAAM,GAAGA,SAAS,IAAI,EAAE,GAAG,QAAQ,GAAG,KAAK;EAE/D,OAAO;IAAEA,SAAS,EAAEc,IAAI,CAACC,GAAG,CAAC,GAAG,EAAEf,SAAS,CAAC;IAAEa;EAAU,CAAC;AAC3D","ignoreList":[]}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.RuntimeSecurity = void 0;
|
|
7
|
+
var _bridge = require("../native/bridge.js");
|
|
8
|
+
function parseRuntimeReport(raw) {
|
|
9
|
+
const report = {
|
|
10
|
+
debuggerAttached: Boolean(raw.debuggerAttached),
|
|
11
|
+
fridaDetected: Boolean(raw.fridaDetected),
|
|
12
|
+
suspiciousLibraries: Array.isArray(raw.suspiciousLibraries) ? raw.suspiciousLibraries.filter(item => typeof item === 'string') : [],
|
|
13
|
+
suspiciousPorts: Array.isArray(raw.suspiciousPorts) ? raw.suspiciousPorts.filter(item => typeof item === 'number') : []
|
|
14
|
+
};
|
|
15
|
+
if (raw.xposedDetected !== undefined) {
|
|
16
|
+
report.xposedDetected = Boolean(raw.xposedDetected);
|
|
17
|
+
}
|
|
18
|
+
if (raw.substrateDetected !== undefined) {
|
|
19
|
+
report.substrateDetected = Boolean(raw.substrateDetected);
|
|
20
|
+
}
|
|
21
|
+
if (raw.magiskDetected !== undefined) {
|
|
22
|
+
report.magiskDetected = Boolean(raw.magiskDetected);
|
|
23
|
+
}
|
|
24
|
+
return report;
|
|
25
|
+
}
|
|
26
|
+
const RuntimeSecurity = exports.RuntimeSecurity = {
|
|
27
|
+
detect() {
|
|
28
|
+
return (0, _bridge.getNativeModule)().runtimeDetect().then(result => parseRuntimeReport(result));
|
|
29
|
+
}
|
|
30
|
+
};
|
|
31
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_bridge","require","parseRuntimeReport","raw","report","debuggerAttached","Boolean","fridaDetected","suspiciousLibraries","Array","isArray","filter","item","suspiciousPorts","xposedDetected","undefined","substrateDetected","magiskDetected","RuntimeSecurity","exports","detect","getNativeModule","runtimeDetect","then","result"],"sourceRoot":"../../../src","sources":["runtime/index.ts"],"mappings":";;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AAGA,SAASC,kBAAkBA,CAACC,GAA4B,EAAuB;EAC7E,MAAMC,MAA2B,GAAG;IAClCC,gBAAgB,EAAEC,OAAO,CAACH,GAAG,CAACE,gBAAgB,CAAC;IAC/CE,aAAa,EAAED,OAAO,CAACH,GAAG,CAACI,aAAa,CAAC;IACzCC,mBAAmB,EAAEC,KAAK,CAACC,OAAO,CAACP,GAAG,CAACK,mBAAmB,CAAC,GACvDL,GAAG,CAACK,mBAAmB,CAACG,MAAM,CAC3BC,IAAI,IAAqB,OAAOA,IAAI,KAAK,QAC5C,CAAC,GACD,EAAE;IACNC,eAAe,EAAEJ,KAAK,CAACC,OAAO,CAACP,GAAG,CAACU,eAAe,CAAC,GAC/CV,GAAG,CAACU,eAAe,CAACF,MAAM,CACvBC,IAAI,IAAqB,OAAOA,IAAI,KAAK,QAC5C,CAAC,GACD;EACN,CAAC;EAED,IAAIT,GAAG,CAACW,cAAc,KAAKC,SAAS,EAAE;IACpCX,MAAM,CAACU,cAAc,GAAGR,OAAO,CAACH,GAAG,CAACW,cAAc,CAAC;EACrD;EAEA,IAAIX,GAAG,CAACa,iBAAiB,KAAKD,SAAS,EAAE;IACvCX,MAAM,CAACY,iBAAiB,GAAGV,OAAO,CAACH,GAAG,CAACa,iBAAiB,CAAC;EAC3D;EAEA,IAAIb,GAAG,CAACc,cAAc,KAAKF,SAAS,EAAE;IACpCX,MAAM,CAACa,cAAc,GAAGX,OAAO,CAACH,GAAG,CAACc,cAAc,CAAC;EACrD;EAEA,OAAOb,MAAM;AACf;AAEO,MAAMc,eAAe,GAAAC,OAAA,CAAAD,eAAA,GAAG;EAC7BE,MAAMA,CAAA,EAAiC;IACrC,OAAO,IAAAC,uBAAe,EAAC,CAAC,CACrBC,aAAa,CAAC,CAAC,CACfC,IAAI,CAAEC,MAAM,IAAKtB,kBAAkB,CAACsB,MAAM,CAAC,CAAC;EACjD;AACF,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
Object.defineProperty(exports, "SecureView", {
|
|
7
|
+
enumerable: true,
|
|
8
|
+
get: function () {
|
|
9
|
+
return _SecureView.SecureView;
|
|
10
|
+
}
|
|
11
|
+
});
|
|
12
|
+
var _SecureView = require("../SecureView.js");
|
|
13
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_SecureView","require"],"sourceRoot":"../../../src","sources":["screen/index.ts"],"mappings":";;;;;;;;;;;AACA,IAAAA,WAAA,GAAAC,OAAA","ignoreList":[]}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
Object.defineProperty(exports, "__esModule", {
|
|
4
|
+
value: true
|
|
5
|
+
});
|
|
6
|
+
exports.SecuritySuite = void 0;
|
|
7
|
+
var _reactNative = require("react-native");
|
|
8
|
+
var _index = require("../integrity/index.js");
|
|
9
|
+
var _index2 = require("../device/index.js");
|
|
10
|
+
var _index3 = require("../runtime/index.js");
|
|
11
|
+
var _score = require("../risk/score.js");
|
|
12
|
+
const SecuritySuite = exports.SecuritySuite = {
|
|
13
|
+
async getSecurityReport() {
|
|
14
|
+
const [runtime, app, environment, isCompromised] = await Promise.all([_index3.RuntimeSecurity.detect(), _index.AppIntegrity.verify(), _index2.DeviceSecurity.getEnvironment(), _index2.DeviceSecurity.isCompromised()]);
|
|
15
|
+
const isRooted = _reactNative.Platform.OS === 'android' && isCompromised;
|
|
16
|
+
const isJailbroken = _reactNative.Platform.OS === 'ios' && isCompromised;
|
|
17
|
+
const {
|
|
18
|
+
riskScore,
|
|
19
|
+
riskLevel
|
|
20
|
+
} = (0, _score.computeRiskScore)({
|
|
21
|
+
isRooted,
|
|
22
|
+
isJailbroken,
|
|
23
|
+
runtime,
|
|
24
|
+
app,
|
|
25
|
+
environment
|
|
26
|
+
});
|
|
27
|
+
return {
|
|
28
|
+
device: {
|
|
29
|
+
isRooted,
|
|
30
|
+
isJailbroken,
|
|
31
|
+
isEmulator: environment.isEmulator,
|
|
32
|
+
isSimulator: environment.isSimulator,
|
|
33
|
+
environmentIndicators: environment.indicators
|
|
34
|
+
},
|
|
35
|
+
runtime,
|
|
36
|
+
app,
|
|
37
|
+
riskScore,
|
|
38
|
+
riskLevel
|
|
39
|
+
};
|
|
40
|
+
}
|
|
41
|
+
};
|
|
42
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["_reactNative","require","_index","_index2","_index3","_score","SecuritySuite","exports","getSecurityReport","runtime","app","environment","isCompromised","Promise","all","RuntimeSecurity","detect","AppIntegrity","verify","DeviceSecurity","getEnvironment","isRooted","Platform","OS","isJailbroken","riskScore","riskLevel","computeRiskScore","device","isEmulator","isSimulator","environmentIndicators","indicators"],"sourceRoot":"../../../src","sources":["securitySuite/index.ts"],"mappings":";;;;;;AAAA,IAAAA,YAAA,GAAAC,OAAA;AAEA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,MAAA,GAAAJ,OAAA;AAGO,MAAMK,aAAa,GAAAC,OAAA,CAAAD,aAAA,GAAG;EAC3B,MAAME,iBAAiBA,CAAA,EAA4B;IACjD,MAAM,CAACC,OAAO,EAAEC,GAAG,EAAEC,WAAW,EAAEC,aAAa,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CACnEC,uBAAe,CAACC,MAAM,CAAC,CAAC,EACxBC,mBAAY,CAACC,MAAM,CAAC,CAAC,EACrBC,sBAAc,CAACC,cAAc,CAAC,CAAC,EAC/BD,sBAAc,CAACP,aAAa,CAAC,CAAC,CAC/B,CAAC;IAEF,MAAMS,QAAQ,GAAGC,qBAAQ,CAACC,EAAE,KAAK,SAAS,IAAIX,aAAa;IAC3D,MAAMY,YAAY,GAAGF,qBAAQ,CAACC,EAAE,KAAK,KAAK,IAAIX,aAAa;IAE3D,MAAM;MAAEa,SAAS;MAAEC;IAAU,CAAC,GAAG,IAAAC,uBAAgB,EAAC;MAChDN,QAAQ;MACRG,YAAY;MACZf,OAAO;MACPC,GAAG;MACHC;IACF,CAAC,CAAC;IAEF,OAAO;MACLiB,MAAM,EAAE;QACNP,QAAQ;QACRG,YAAY;QACZK,UAAU,EAAElB,WAAW,CAACkB,UAAU;QAClCC,WAAW,EAAEnB,WAAW,CAACmB,WAAW;QACpCC,qBAAqB,EAAEpB,WAAW,CAACqB;MACrC,CAAC;MACDvB,OAAO;MACPC,GAAG;MACHe,SAAS;MACTC;IACF,CAAC;EACH;AACF,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":[],"sourceRoot":"../../../src","sources":["storage/index.ts"],"mappings":"AAAA;AAAA","ignoreList":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":[],"sourceRoot":"../../../src","sources":["types/detection.ts"],"mappings":"","ignoreList":[]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":[],"sourceRoot":"../../../src","sources":["clipboard/index.ts"],"mappings":"AAAA;AAAA","ignoreList":[]}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
import { getNativeModule } from "../native/bridge.js";
|
|
4
|
+
function toNativeCryptoOptions(options) {
|
|
5
|
+
return {
|
|
6
|
+
keyAgreementAlgorithm: options?.keyAgreementAlgorithm ?? 'X25519',
|
|
7
|
+
keyFactoryAlgorithm: options?.keyType ?? options?.keyFactoryAlgorithm ?? 'OKP',
|
|
8
|
+
encryptionKeyAlgorithm: options?.encryptionKeyAlgorithm ?? 'AES-256',
|
|
9
|
+
hmacKeyAlgorithm: options?.hmacAlgorithm ?? options?.hmacKeyAlgorithm ?? 'HMAC-SHA-512',
|
|
10
|
+
cipherTransformation: options?.cipher ?? options?.cipherTransformation ?? 'AES-GCM',
|
|
11
|
+
gcmTagLength: options?.tagLength ?? options?.gcmTagLength ?? 128,
|
|
12
|
+
gcmIvLength: options?.ivLength ?? options?.gcmIvLength ?? 12
|
|
13
|
+
};
|
|
14
|
+
}
|
|
15
|
+
export const Crypto = {
|
|
16
|
+
getPublicKey() {
|
|
17
|
+
return getNativeModule().getPublicKey();
|
|
18
|
+
},
|
|
19
|
+
/**
|
|
20
|
+
* Derives a shared encryption key natively without returning it to JavaScript.
|
|
21
|
+
* Call `encryptBySharedKey` / `decryptBySharedKey` afterward (legacy bridge methods).
|
|
22
|
+
*/
|
|
23
|
+
establishSharedKey(serverPublicKey, options) {
|
|
24
|
+
const native = getNativeModule();
|
|
25
|
+
const nativeOptions = toNativeCryptoOptions(options);
|
|
26
|
+
if (options?.returnSharedKey) {
|
|
27
|
+
return native.getSharedKey(serverPublicKey, nativeOptions);
|
|
28
|
+
}
|
|
29
|
+
if (typeof native.establishSharedKey === 'function') {
|
|
30
|
+
return native.establishSharedKey(serverPublicKey, nativeOptions);
|
|
31
|
+
}
|
|
32
|
+
return native.getSharedKey(serverPublicKey, nativeOptions).then(() => undefined);
|
|
33
|
+
}
|
|
34
|
+
};
|
|
35
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["getNativeModule","toNativeCryptoOptions","options","keyAgreementAlgorithm","keyFactoryAlgorithm","keyType","encryptionKeyAlgorithm","hmacKeyAlgorithm","hmacAlgorithm","cipherTransformation","cipher","gcmTagLength","tagLength","gcmIvLength","ivLength","Crypto","getPublicKey","establishSharedKey","serverPublicKey","native","nativeOptions","returnSharedKey","getSharedKey","then","undefined"],"sourceRoot":"../../../src","sources":["crypto/index.ts"],"mappings":";;AAAA,SAASA,eAAe,QAAQ,qBAAkB;AAGlD,SAASC,qBAAqBA,CAACC,OAA8B,EAAE;EAC7D,OAAO;IACLC,qBAAqB,EAAED,OAAO,EAAEC,qBAAqB,IAAI,QAAQ;IACjEC,mBAAmB,EAAEF,OAAO,EAAEG,OAAO,IAAIH,OAAO,EAAEE,mBAAmB,IAAI,KAAK;IAC9EE,sBAAsB,EAAEJ,OAAO,EAAEI,sBAAsB,IAAI,SAAS;IACpEC,gBAAgB,EAAEL,OAAO,EAAEM,aAAa,IAAIN,OAAO,EAAEK,gBAAgB,IAAI,cAAc;IACvFE,oBAAoB,EAAEP,OAAO,EAAEQ,MAAM,IAAIR,OAAO,EAAEO,oBAAoB,IAAI,SAAS;IACnFE,YAAY,EAAET,OAAO,EAAEU,SAAS,IAAIV,OAAO,EAAES,YAAY,IAAI,GAAG;IAChEE,WAAW,EAAEX,OAAO,EAAEY,QAAQ,IAAIZ,OAAO,EAAEW,WAAW,IAAI;EAC5D,CAAC;AACH;AAOA,OAAO,MAAME,MAAM,GAAG;EACpBC,YAAYA,CAAA,EAAoB;IAC9B,OAAOhB,eAAe,CAAC,CAAC,CAACgB,YAAY,CAAC,CAAC;EACzC,CAAC;EAED;AACF;AACA;AACA;EACEC,kBAAkBA,CAChBC,eAAuB,EACvBhB,OAAmC,EACX;IACxB,MAAMiB,MAAM,GAAGnB,eAAe,CAAC,CAAC;IAChC,MAAMoB,aAAa,GAAGnB,qBAAqB,CAACC,OAAO,CAAC;IAEpD,IAAIA,OAAO,EAAEmB,eAAe,EAAE;MAC5B,OAAOF,MAAM,CAACG,YAAY,CAACJ,eAAe,EAAEE,aAAa,CAAC;IAC5D;IAEA,IAAI,OAAOD,MAAM,CAACF,kBAAkB,KAAK,UAAU,EAAE;MACnD,OAAOE,MAAM,CAACF,kBAAkB,CAACC,eAAe,EAAEE,aAAa,CAAC;IAClE;IAEA,OAAOD,MAAM,CAACG,YAAY,CAACJ,eAAe,EAAEE,aAAa,CAAC,CAACG,IAAI,CAAC,MAAMC,SAAS,CAAC;EAClF;AACF,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
import { Platform } from 'react-native';
|
|
4
|
+
import { getNativeModule } from "../native/bridge.js";
|
|
5
|
+
function parseEnvironment(raw) {
|
|
6
|
+
return {
|
|
7
|
+
isEmulator: Boolean(raw.isEmulator),
|
|
8
|
+
isSimulator: Boolean(raw.isSimulator),
|
|
9
|
+
indicators: Array.isArray(raw.indicators) ? raw.indicators.filter(item => typeof item === 'string') : []
|
|
10
|
+
};
|
|
11
|
+
}
|
|
12
|
+
export const DeviceSecurity = {
|
|
13
|
+
/** @deprecated Use `isCompromised()` or `SecuritySuite.getSecurityReport()`. */
|
|
14
|
+
hasSecurityRisk() {
|
|
15
|
+
return getNativeModule().deviceHasSecurityRisk();
|
|
16
|
+
},
|
|
17
|
+
isCompromised() {
|
|
18
|
+
return getNativeModule().deviceHasSecurityRisk();
|
|
19
|
+
},
|
|
20
|
+
isRooted() {
|
|
21
|
+
if (Platform.OS !== 'android') {
|
|
22
|
+
return Promise.resolve(false);
|
|
23
|
+
}
|
|
24
|
+
return getNativeModule().deviceHasSecurityRisk();
|
|
25
|
+
},
|
|
26
|
+
isJailbroken() {
|
|
27
|
+
if (Platform.OS !== 'ios') {
|
|
28
|
+
return Promise.resolve(false);
|
|
29
|
+
}
|
|
30
|
+
return getNativeModule().deviceHasSecurityRisk();
|
|
31
|
+
},
|
|
32
|
+
getEnvironment() {
|
|
33
|
+
return getNativeModule().deviceGetEnvironment().then(result => parseEnvironment(result));
|
|
34
|
+
}
|
|
35
|
+
};
|
|
36
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["Platform","getNativeModule","parseEnvironment","raw","isEmulator","Boolean","isSimulator","indicators","Array","isArray","filter","item","DeviceSecurity","hasSecurityRisk","deviceHasSecurityRisk","isCompromised","isRooted","OS","Promise","resolve","isJailbroken","getEnvironment","deviceGetEnvironment","then","result"],"sourceRoot":"../../../src","sources":["device/index.ts"],"mappings":";;AAAA,SAASA,QAAQ,QAAQ,cAAc;AAEvC,SAASC,eAAe,QAAQ,qBAAkB;AAGlD,SAASC,gBAAgBA,CAACC,GAA4B,EAAqB;EACzE,OAAO;IACLC,UAAU,EAAEC,OAAO,CAACF,GAAG,CAACC,UAAU,CAAC;IACnCE,WAAW,EAAED,OAAO,CAACF,GAAG,CAACG,WAAW,CAAC;IACrCC,UAAU,EAAEC,KAAK,CAACC,OAAO,CAACN,GAAG,CAACI,UAAU,CAAC,GACrCJ,GAAG,CAACI,UAAU,CAACG,MAAM,CAAEC,IAAI,IAAqB,OAAOA,IAAI,KAAK,QAAQ,CAAC,GACzE;EACN,CAAC;AACH;AAEA,OAAO,MAAMC,cAAc,GAAG;EAC5B;EACAC,eAAeA,CAAA,EAAqB;IAClC,OAAOZ,eAAe,CAAC,CAAC,CAACa,qBAAqB,CAAC,CAAC;EAClD,CAAC;EAEDC,aAAaA,CAAA,EAAqB;IAChC,OAAOd,eAAe,CAAC,CAAC,CAACa,qBAAqB,CAAC,CAAC;EAClD,CAAC;EAEDE,QAAQA,CAAA,EAAqB;IAC3B,IAAIhB,QAAQ,CAACiB,EAAE,KAAK,SAAS,EAAE;MAC7B,OAAOC,OAAO,CAACC,OAAO,CAAC,KAAK,CAAC;IAC/B;IACA,OAAOlB,eAAe,CAAC,CAAC,CAACa,qBAAqB,CAAC,CAAC;EAClD,CAAC;EAEDM,YAAYA,CAAA,EAAqB;IAC/B,IAAIpB,QAAQ,CAACiB,EAAE,KAAK,KAAK,EAAE;MACzB,OAAOC,OAAO,CAACC,OAAO,CAAC,KAAK,CAAC;IAC/B;IACA,OAAOlB,eAAe,CAAC,CAAC,CAACa,qBAAqB,CAAC,CAAC;EAClD,CAAC;EAEDO,cAAcA,CAAA,EAA+B;IAC3C,OAAOpB,eAAe,CAAC,CAAC,CACrBqB,oBAAoB,CAAC,CAAC,CACtBC,IAAI,CAAEC,MAAM,IAAKtB,gBAAgB,CAACsB,MAAM,CAAC,CAAC;EAC/C;AACF,CAAC","ignoreList":[]}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
export let SecurityErrorCode = /*#__PURE__*/function (SecurityErrorCode) {
|
|
4
|
+
SecurityErrorCode["ROOT_DETECTED"] = "ROOT_DETECTED";
|
|
5
|
+
SecurityErrorCode["JAILBREAK_DETECTED"] = "JAILBREAK_DETECTED";
|
|
6
|
+
SecurityErrorCode["FRIDA_DETECTED"] = "FRIDA_DETECTED";
|
|
7
|
+
SecurityErrorCode["DEBUGGER_DETECTED"] = "DEBUGGER_DETECTED";
|
|
8
|
+
SecurityErrorCode["SSL_PINNING_FAILED"] = "SSL_PINNING_FAILED";
|
|
9
|
+
SecurityErrorCode["SECURE_STORAGE_UNAVAILABLE"] = "SECURE_STORAGE_UNAVAILABLE";
|
|
10
|
+
SecurityErrorCode["CRYPTO_KEY_NOT_FOUND"] = "CRYPTO_KEY_NOT_FOUND";
|
|
11
|
+
return SecurityErrorCode;
|
|
12
|
+
}({});
|
|
13
|
+
const NATIVE_CODE_MAP = {
|
|
14
|
+
ROOT_DETECTED: SecurityErrorCode.ROOT_DETECTED,
|
|
15
|
+
JAILBREAK_DETECTED: SecurityErrorCode.JAILBREAK_DETECTED,
|
|
16
|
+
FRIDA_DETECTED: SecurityErrorCode.FRIDA_DETECTED,
|
|
17
|
+
DEBUGGER_DETECTED: SecurityErrorCode.DEBUGGER_DETECTED,
|
|
18
|
+
SSL_PINNING_FAILED: SecurityErrorCode.SSL_PINNING_FAILED,
|
|
19
|
+
SECURE_STORAGE_ERROR: SecurityErrorCode.SECURE_STORAGE_UNAVAILABLE,
|
|
20
|
+
SECURE_STORAGE_UNAVAILABLE: SecurityErrorCode.SECURE_STORAGE_UNAVAILABLE,
|
|
21
|
+
GET_SHARED_KEY_ERROR: SecurityErrorCode.CRYPTO_KEY_NOT_FOUND,
|
|
22
|
+
ENCRYPT_ERROR: SecurityErrorCode.CRYPTO_KEY_NOT_FOUND,
|
|
23
|
+
DECRYPT_ERROR: SecurityErrorCode.CRYPTO_KEY_NOT_FOUND,
|
|
24
|
+
CRYPTO_KEY_NOT_FOUND: SecurityErrorCode.CRYPTO_KEY_NOT_FOUND
|
|
25
|
+
};
|
|
26
|
+
export class SecurityError extends Error {
|
|
27
|
+
constructor(code, message, details) {
|
|
28
|
+
super(message);
|
|
29
|
+
this.name = 'SecurityError';
|
|
30
|
+
this.code = code;
|
|
31
|
+
this.details = details;
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
export function isSecurityError(error) {
|
|
35
|
+
return error instanceof SecurityError;
|
|
36
|
+
}
|
|
37
|
+
export function mapNativeError(error) {
|
|
38
|
+
if (error instanceof SecurityError) {
|
|
39
|
+
return error;
|
|
40
|
+
}
|
|
41
|
+
const nativeError = error;
|
|
42
|
+
const code = typeof nativeError?.code === 'string' ? nativeError.code : error instanceof Error && 'code' in error ? String(error.code) : undefined;
|
|
43
|
+
const message = typeof nativeError?.message === 'string' ? nativeError.message : error instanceof Error ? error.message : typeof error === 'string' ? error : 'Unknown security error';
|
|
44
|
+
if (code && NATIVE_CODE_MAP[code]) {
|
|
45
|
+
return new SecurityError(NATIVE_CODE_MAP[code], message, {
|
|
46
|
+
nativeCode: code,
|
|
47
|
+
...(nativeError?.userInfo ?? {})
|
|
48
|
+
});
|
|
49
|
+
}
|
|
50
|
+
if (error instanceof Error) {
|
|
51
|
+
return error;
|
|
52
|
+
}
|
|
53
|
+
return new Error(message);
|
|
54
|
+
}
|
|
55
|
+
//# sourceMappingURL=errors.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"names":["SecurityErrorCode","NATIVE_CODE_MAP","ROOT_DETECTED","JAILBREAK_DETECTED","FRIDA_DETECTED","DEBUGGER_DETECTED","SSL_PINNING_FAILED","SECURE_STORAGE_ERROR","SECURE_STORAGE_UNAVAILABLE","GET_SHARED_KEY_ERROR","CRYPTO_KEY_NOT_FOUND","ENCRYPT_ERROR","DECRYPT_ERROR","SecurityError","Error","constructor","code","message","details","name","isSecurityError","error","mapNativeError","nativeError","String","undefined","nativeCode","userInfo"],"sourceRoot":"../../src","sources":["errors.ts"],"mappings":";;AAAA,WAAYA,iBAAiB,0BAAjBA,iBAAiB;EAAjBA,iBAAiB;EAAjBA,iBAAiB;EAAjBA,iBAAiB;EAAjBA,iBAAiB;EAAjBA,iBAAiB;EAAjBA,iBAAiB;EAAjBA,iBAAiB;EAAA,OAAjBA,iBAAiB;AAAA;AAU7B,MAAMC,eAAkD,GAAG;EACzDC,aAAa,EAAEF,iBAAiB,CAACE,aAAa;EAC9CC,kBAAkB,EAAEH,iBAAiB,CAACG,kBAAkB;EACxDC,cAAc,EAAEJ,iBAAiB,CAACI,cAAc;EAChDC,iBAAiB,EAAEL,iBAAiB,CAACK,iBAAiB;EACtDC,kBAAkB,EAAEN,iBAAiB,CAACM,kBAAkB;EACxDC,oBAAoB,EAAEP,iBAAiB,CAACQ,0BAA0B;EAClEA,0BAA0B,EAAER,iBAAiB,CAACQ,0BAA0B;EACxEC,oBAAoB,EAAET,iBAAiB,CAACU,oBAAoB;EAC5DC,aAAa,EAAEX,iBAAiB,CAACU,oBAAoB;EACrDE,aAAa,EAAEZ,iBAAiB,CAACU,oBAAoB;EACrDA,oBAAoB,EAAEV,iBAAiB,CAACU;AAC1C,CAAC;AAED,OAAO,MAAMG,aAAa,SAASC,KAAK,CAAC;EAIvCC,WAAWA,CACTC,IAAuB,EACvBC,OAAe,EACfC,OAAiC,EACjC;IACA,KAAK,CAACD,OAAO,CAAC;IACd,IAAI,CAACE,IAAI,GAAG,eAAe;IAC3B,IAAI,CAACH,IAAI,GAAGA,IAAI;IAChB,IAAI,CAACE,OAAO,GAAGA,OAAO;EACxB;AACF;AAEA,OAAO,SAASE,eAAeA,CAACC,KAAc,EAA0B;EACtE,OAAOA,KAAK,YAAYR,aAAa;AACvC;AAEA,OAAO,SAASS,cAAcA,CAACD,KAAc,EAAyB;EACpE,IAAIA,KAAK,YAAYR,aAAa,EAAE;IAClC,OAAOQ,KAAK;EACd;EAEA,MAAME,WAAW,GAAGF,KAInB;EAED,MAAML,IAAI,GACR,OAAOO,WAAW,EAAEP,IAAI,KAAK,QAAQ,GACjCO,WAAW,CAACP,IAAI,GAChBK,KAAK,YAAYP,KAAK,IAAI,MAAM,IAAIO,KAAK,GACvCG,MAAM,CAAEH,KAAK,CAA+BL,IAAI,CAAC,GACjDS,SAAS;EAEjB,MAAMR,OAAO,GACX,OAAOM,WAAW,EAAEN,OAAO,KAAK,QAAQ,GACpCM,WAAW,CAACN,OAAO,GACnBI,KAAK,YAAYP,KAAK,GACpBO,KAAK,CAACJ,OAAO,GACb,OAAOI,KAAK,KAAK,QAAQ,GACvBA,KAAK,GACL,wBAAwB;EAElC,IAAIL,IAAI,IAAIf,eAAe,CAACe,IAAI,CAAC,EAAE;IACjC,OAAO,IAAIH,aAAa,CAACZ,eAAe,CAACe,IAAI,CAAC,EAAEC,OAAO,EAAE;MACvDS,UAAU,EAAEV,IAAI;MAChB,IAAIO,WAAW,EAAEI,QAAQ,IAAI,CAAC,CAAC;IACjC,CAAC,CAAC;EACJ;EAEA,IAAIN,KAAK,YAAYP,KAAK,EAAE;IAC1B,OAAOO,KAAK;EACd;EAEA,OAAO,IAAIP,KAAK,CAACG,OAAO,CAAC;AAC3B","ignoreList":[]}
|