tabris 3.9.0-dev.20231206 → 3.9.0-dev.20231208

package/boot.js

@@ -1,5 +1,5 @@
 /*!
- * Tabris.js 3.9.0-dev.20231206+0311
+ * Tabris.js 3.9.0-dev.20231208+0311
  * 
  * Copyright (c) 2014, 2020 EclipseSource Inc.
  * All rights reserved.

package/globals.d.ts

@@ -605,7 +605,7 @@ declare class CryptoKey {
   /**
    * @constant
    */
-  readonly algorithm: {name: 'ECDH', namedCurve: 'P-256'};
+  readonly algorithm: {name: 'ECDH' | 'ECDSA', namedCurve: 'P-256'};
 
 
   extractable: boolean;
@@ -1056,7 +1056,7 @@ declare class SubtleCrypto {
    * @param format
    * @param key
    */
-  exportKey(format: 'raw' | 'spki', key: CryptoKey): Promise<ArrayBuffer>;
+  exportKey(format: 'raw' | 'spki' | 'teeKeyHandle', key: CryptoKey): Promise<ArrayBuffer>;
 
   /**
    * Generates new keys. Currently only supports the Elliptic Curve Diffie-Hellman (ECDH) algorithm to
@@ -1064,8 +1064,9 @@ declare class SubtleCrypto {
    * @param algorithm
    * @param extractable
    * @param keyUsages
+   * @param options
    */
-  generateKey(algorithm: {name: 'ECDH', namedCurve: 'P-256'}, extractable: boolean, keyUsages: string[]): Promise<{privateKey: CryptoKey, publicKey: CryptoKey}>;
+  generateKey(algorithm: {name: 'ECDH' | 'ECDSA', namedCurve: 'P-256'}, extractable: boolean, keyUsages: string[], options?: {inTee?: boolean, usageRequiresAuth?: boolean}): Promise<{privateKey: CryptoKey, publicKey: CryptoKey}>;
 
   /**
    * Takes an external key in a portable format and returns a CryptoKey object that can be used with the
@@ -1076,7 +1077,25 @@ declare class SubtleCrypto {
    * @param extractable
    * @param keyUsages
    */
-  importKey(format: 'spki' | 'pkcs8' | 'raw', keyData: ArrayBuffer | TypedArray, algorithm: {name: 'ECDH', namedCurve: 'P-256'} | {name: 'AES-GCM'} | 'HKDF' | 'AES-GCM', extractable: boolean, keyUsages: string[]): Promise<CryptoKey>;
+  importKey(format: 'spki' | 'pkcs8' | 'raw' | 'teeKeyHandle', keyData: ArrayBuffer | TypedArray, algorithm: {name: 'ECDH' | 'ECDSA', namedCurve: 'P-256'} | {name: 'AES-GCM'} | 'HKDF' | 'AES-GCM', extractable: boolean, keyUsages: string[]): Promise<CryptoKey>;
+
+  /**
+   * Signs the given data. Currently only supports creating ECDSA signatures in DER format.
+   * @param algorithm
+   * @param key
+   * @param data
+   */
+  sign(algorithm: {name: 'ECDSAinDERFormat', hash: 'SHA-256'}, key: CryptoKey, data: ArrayBuffer | TypedArray): Promise<ArrayBuffer>;
+
+  /**
+   * Verifies the given signature against the data. Currently only supports verifying ECDSA signatures in
+   * DER format.
+   * @param algorithm
+   * @param key
+   * @param signature
+   * @param data
+   */
+  verify(algorithm: {name: 'ECDSAinDERFormat', hash: 'SHA-256'}, key: CryptoKey, signature: ArrayBuffer | TypedArray, data: ArrayBuffer | TypedArray): Promise<boolean>;
 }
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "tabris",
-  "version": "3.9.0-dev.20231206+0311",
+  "version": "3.9.0-dev.20231208+0311",
   "description": "Mobile apps with native UIs in JavaScript",
   "keywords": [
     "native",

package/tabris.d.ts

@@ -1,4 +1,4 @@
-// Type definitions for Tabris.js 3.9.0-dev.20231206+0311
+// Type definitions for Tabris.js 3.9.0-dev.20231208+0311
 /// <reference path="globals.d.ts" />
 
 // General helper types

package/tabris.js

@@ -1,5 +1,5 @@
 /*!
- * Tabris.js 3.9.0-dev.20231206+0311
+ * Tabris.js 3.9.0-dev.20231208+0311
  * 
  * Copyright (c) 2014, 2020 EclipseSource Inc.
  * All rights reserved.
@@ -5034,7 +5034,7 @@ class Tabris extends NativeObject {
         this.$publishProxies();
     }
     get version() {
-        return '3.9.0-dev.20231206+0311';
+        return '3.9.0-dev.20231208+0311';
     }
     get started() {
         return !!this._started;
@@ -10481,12 +10481,14 @@ class _CryptoKey extends NativeObject {
             });
         });
     }
-    generate(algorithm, extractable, keyUsages) {
+    generate(algorithm, extractable, keyUsages, inTee, usageRequiresAuth) {
         return __awaiter(this, void 0, void 0, function* () {
             return new Promise$1((onSuccess, onError) => this._nativeCall('generate', {
                 algorithm,
                 extractable,
                 keyUsages,
+                inTee,
+                usageRequiresAuth,
                 onSuccess,
                 onError: wrapErrorCb(onError)
             }));
@@ -10546,15 +10548,15 @@ class SubtleCrypto {
             if (arguments.length !== 5) {
                 throw new TypeError(`Expected 5 arguments, got ${arguments.length}`);
             }
-            allowOnlyValues(format, ['spki', 'pkcs8', 'raw'], 'format');
+            allowOnlyValues(format, ['spki', 'pkcs8', 'raw', 'teeKeyHandle'], 'format');
             checkType(getBuffer(keyData), ArrayBuffer, { name: 'keyData' });
             if (typeof algorithm === 'string') {
-                allowOnlyValues(algorithm, ['ECDH', 'AES-GCM', 'HKDF'], 'algorithm');
+                allowOnlyValues(algorithm, ['AES-GCM', 'HKDF'], 'algorithm');
             }
             else {
                 checkType(algorithm, Object, { name: 'algorithm' });
-                allowOnlyValues(algorithm.name, ['ECDH', 'AES-GCM'], 'algorithm.name');
-                if (algorithm.name === 'ECDH') {
+                allowOnlyValues(algorithm.name, ['ECDH', 'ECDSA', 'AES-GCM'], 'algorithm.name');
+                if (algorithm.name === 'ECDH' || algorithm.name === 'ECDSA') {
                     allowOnlyKeys(algorithm, ['name', 'namedCurve']);
                     allowOnlyValues(algorithm.namedCurve, ['P-256'], 'algorithm.namedCurve');
                 }
@@ -10649,23 +10651,43 @@ class SubtleCrypto {
             if (arguments.length !== 2) {
                 throw new TypeError(`Expected 2 arguments, got ${arguments.length}`);
             }
-            allowOnlyValues(format, ['raw', 'spki'], 'format');
+            allowOnlyValues(format, ['raw', 'spki', 'teeKeyHandle'], 'format');
             checkType(key, CryptoKey, { name: 'key' });
             return new Promise$1((onSuccess, onReject) => this._nativeObject.subtleExportKey(format, key, onSuccess, onReject));
         });
     }
-    generateKey(algorithm, extractable, keyUsages) {
+    generateKey(algorithm, extractable, keyUsages, options) {
         return __awaiter(this, arguments, void 0, function* () {
-            if (arguments.length !== 3) {
-                throw new TypeError(`Expected 3 arguments, got ${arguments.length}`);
+            if (arguments.length < 3) {
+                throw new TypeError(`Expected at least 3 arguments, got ${arguments.length}`);
             }
             allowOnlyKeys(algorithm, ['name', 'namedCurve']);
-            allowOnlyValues(algorithm.name, ['ECDH'], 'algorithm.name');
+            allowOnlyValues(algorithm.name, ['ECDH', 'ECDSA'], 'algorithm.name');
             allowOnlyValues(algorithm.namedCurve, ['P-256'], 'algorithm.namedCurve');
             checkType(extractable, Boolean, { name: 'extractable' });
             checkType(keyUsages, Array, { name: 'keyUsages' });
+            if (options != null) {
+                allowOnlyKeys(options, ['inTee', 'usageRequiresAuth']);
+                if ('inTee' in options) {
+                    checkType(options.inTee, Boolean, { name: 'options.inTee' });
+                }
+                if ('usageRequiresAuth' in options) {
+                    checkType(options.usageRequiresAuth, Boolean, { name: 'options.usageRequiresAuth' });
+                }
+                if (options.inTee && algorithm.name !== 'ECDSA') {
+                    throw new TypeError('options.inTee is only supported for ECDSA keys');
+                }
+                if (options.usageRequiresAuth && algorithm.name !== 'ECDSA') {
+                    throw new TypeError('options.usageRequiresAuth is only supported for ECDSA keys');
+                }
+                if (options.usageRequiresAuth && !options.inTee) {
+                    throw new TypeError('options.usageRequiresAuth is only supported for keys in TEE');
+                }
+            }
+            const inTee = options === null || options === void 0 ? void 0 : options.inTee;
+            const usageRequiresAuth = options === null || options === void 0 ? void 0 : options.usageRequiresAuth;
             const nativeObject = new _CryptoKey();
-            yield nativeObject.generate(algorithm, extractable, keyUsages);
+            yield nativeObject.generate(algorithm, extractable, keyUsages, inTee, usageRequiresAuth);
             const nativePrivate = new _CryptoKey(nativeObject, 'private');
             const nativePublic = new _CryptoKey(nativeObject, 'public');
             return {
@@ -10674,6 +10696,35 @@ class SubtleCrypto {
             };
         });
     }
+    sign(algorithm, key, data) {
+        return __awaiter(this, arguments, void 0, function* () {
+            if (arguments.length !== 3) {
+                throw new TypeError(`Expected 3 arguments, got ${arguments.length}`);
+            }
+            allowOnlyKeys(algorithm, ['name', 'hash']);
+            allowOnlyValues(algorithm.name, ['ECDSAinDERFormat'], 'algorithm.name');
+            allowOnlyValues(algorithm.hash, ['SHA-256'], 'algorithm.hash');
+            checkType(key, CryptoKey, { name: 'key' });
+            checkType(algorithm.name, String, { name: 'algorithm.name' });
+            checkType(algorithm.hash, String, { name: 'algorithm.hash' });
+            checkType(getBuffer(data), ArrayBuffer, { name: 'data' });
+            return new Promise$1((onSuccess, onError) => this._nativeObject.subtleSign(algorithm, key, data, onSuccess, onError));
+        });
+    }
+    verify(algorithm, key, signature, data) {
+        return __awaiter(this, arguments, void 0, function* () {
+            if (arguments.length !== 4) {
+                throw new TypeError(`Expected 4 arguments, got ${arguments.length}`);
+            }
+            allowOnlyKeys(algorithm, ['name', 'hash']);
+            allowOnlyValues(algorithm.name, ['ECDSAinDERFormat'], 'algorithm.name');
+            allowOnlyValues(algorithm.hash, ['SHA-256'], 'algorithm.hash');
+            checkType(key, CryptoKey, { name: 'key' });
+            checkType(getBuffer(signature), ArrayBuffer, { name: 'signature' });
+            checkType(getBuffer(data), ArrayBuffer, { name: 'data' });
+            return new Promise$1((onSuccess, onReject) => this._nativeObject.subtleVerify(algorithm, key, signature, data, onSuccess, onReject));
+        });
+    }
 }
 class NativeCrypto extends NativeObject {
     static getInstance() {
@@ -10743,6 +10794,25 @@ class NativeCrypto extends NativeObject {
             onError: (reason) => onError(new Error(String(reason)))
         });
     }
+    subtleSign(algorithm, key, data, onSuccess, onError) {
+        this._nativeCall('subtleSign', {
+            algorithm,
+            key: getCid(key),
+            data: getBuffer(data),
+            onSuccess,
+            onError: (reason) => onError(new Error(String(reason)))
+        });
+    }
+    subtleVerify(algorithm, key, signature, data, onSuccess, onError) {
+        this._nativeCall('subtleVerify', {
+            algorithm,
+            key: getCid(key),
+            signature: getBuffer(signature),
+            data: getBuffer(data),
+            onSuccess,
+            onError: (reason) => onError(new Error(String(reason)))
+        });
+    }
 }
 function checkDeriveAlgorithm(algorithm) {
     if (algorithm === 'HKDF') {