Merge branch 'cjthompson-master'

ghbutton · ghbutton · commit 636d71b59ff0 · 2020-05-17T08:45:29.000-07:00
diff --git a/README.md b/README.md
@@ -119,7 +119,6 @@ Testing [repository](https://github.com/ghbutton/react-native-simple-crypto-test
 import RNSimpleCrypto from "react-native-simple-crypto";
 
 // -- AES ------------------------------------------------------------- //
-
 const message = "data to encrypt";
 const messageArrayBuffer = RNSimpleCrypto.utils.convertUtf8ToArrayBuffer(
   message
@@ -150,30 +149,32 @@ console.log("AES decrypt", decrypted);
 
 // -- HMAC ------------------------------------------------------------ //
 
-const signatureArrayBuffer = await RNSimpleCrypto.HMAC.hmac256(message, key);
+const keyHmac = await RNSimpleCrypto.utils.randomBytes(32);
+const signatureArrayBuffer = await RNSimpleCrypto.HMAC.hmac256(message, keyHmac);
 
-const signatureHex = RNSimpleCrypto.utils.convertArrayBuffertoHex(
+const signatureHex = RNSimpleCrypto.utils.convertArrayBufferToHex(
   signatureArrayBuffer
 );
 console.log("HMAC signature", signatureHex);
 
 // -- SHA ------------------------------------------------------------- //
 
 const sha1Hash = await RNSimpleCrypto.SHA.sha1("test");
-console.log("SHA1 hash", hash);
+console.log("SHA1 hash", sha1Hash);
 
-const sha256Hash = await RNSimpleCrypto.SHA.sha1("test");
+const sha256Hash = await RNSimpleCrypto.SHA.sha256("test");
 console.log("SHA256 hash", sha256Hash);
 
-const sha512Hash = await RNSimpleCrypto.SHA.sha1("test");
+const sha512Hash = await RNSimpleCrypto.SHA.sha512("test");
 console.log("SHA512 hash", sha512Hash);
 
 const dataToHash = await RNSimpleCrypto.utils.randomBytes(64);
 const sha1ArrayBuffer = await RNSimpleCrypto.SHA.sha1(dataToHash);
-console.log('SHA256 hash bytes', [...sha1ArrayBuffer]);
+console.log('SHA256 hash bytes', sha1ArrayBuffer);
 
 const sha256ArrayBuffer = await RNSimpleCrypto.SHA.sha256(dataToHash);
-console.log('SHA256 hash bytes', [...sha256ArrayBuffer]);
+console.log('SHA256 hash bytes', sha256ArrayBuffer);
+
 
 // -- PBKDF2 ---------------------------------------------------------- //
 
@@ -182,14 +183,28 @@ const salt = RNSimpleCrypto.utils.randomBytes(8);
 const iterations = 4096;
 const keyInBytes = 32;
 const hash = "SHA1";
-const passwordKey = await Pbkdf2.hash(
+const passwordKey = await RNSimpleCrypto.PBKDF2.hash(
   password,
   salt,
   iterations,
   keyInBytes,
   hash
 );
 console.log("PBKDF2 passwordKey", passwordKey);
+const password2 = messageArrayBuffer;
+const salt2 = RNSimpleCrypto.utils.randomBytes(8);
+const iterations2 = 10000;
+const keyInBytes2 = 32;
+const hash2 = "SHA256";
+
+const passwordKey2 = await RNSimpleCrypto.PBKDF2.hash(
+  password2,
+  salt2,
+  iterations2,
+  keyInBytes2,
+  hash2
+);
+console.log("PBKDF2 passwordKey", passwordKey2);
 
 // -- RSA ------------------------------------------------------------ //
 
diff --git a/android/src/main/java/com/pedrouid/crypto/RCTAes.java b/android/src/main/java/com/pedrouid/crypto/RCTAes.java
@@ -96,24 +96,13 @@ public void randomKey(Integer length, Promise promise) {
             byte[] key = new byte[length];
             SecureRandom rand = new SecureRandom();
             rand.nextBytes(key);
-            String keyHex = bytesToHex(key);
+            String keyHex = Util.bytesToHex(key);
             promise.resolve(keyHex);
         } catch (Exception e) {
             promise.reject("-1", e.getMessage());
         }
     }
 
-    public static String bytesToHex(byte[] bytes) {
-        final char[] hexArray = "0123456789abcdef".toCharArray();
-        char[] hexChars = new char[bytes.length * 2];
-        for ( int j = 0; j < bytes.length; j++ ) {
-            int v = bytes[j] & 0xFF;
-            hexChars[j * 2] = hexArray[v >>> 4];
-            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
-        }
-        return new String(hexChars);
-    }
-
     final static IvParameterSpec emptyIvSpec = new IvParameterSpec(new byte[] {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00});
 
     private static String encrypt(String textBase64, String hexKey, String hexIv) throws Exception {
@@ -126,8 +115,7 @@ private static String encrypt(String textBase64, String hexKey, String hexIv) th
 
         Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
         cipher.init(Cipher.ENCRYPT_MODE, secretKey, hexIv == null ? emptyIvSpec : new IvParameterSpec(Hex.decode(hexIv)));
-        byte [] textBytes = java.util.Base64.getDecoder().decode(textBase64);
-        byte[] encrypted = cipher.doFinal(textBytes);
+        byte[] encrypted = cipher.doFinal(Base64.decode(textBase64, Base64.DEFAULT));
         return Base64.encodeToString(encrypted, Base64.NO_WRAP);
     }
 
@@ -141,7 +129,7 @@ private static String decrypt(String ciphertext, String hexKey, String hexIv) th
 
         Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
         cipher.init(Cipher.DECRYPT_MODE, secretKey, hexIv == null ? emptyIvSpec : new IvParameterSpec(Hex.decode(hexIv)));
-        byte[] decrypted = cipher.doFinal(Base64.decode(ciphertext, Base64.NO_WRAP));
+        byte[] decrypted = cipher.doFinal(Base64.decode(ciphertext, Base64.DEFAULT));
         return Base64.encodeToString(decrypted, Base64.NO_WRAP);
     }
 
diff --git a/android/src/main/java/com/pedrouid/crypto/RCTHmac.java b/android/src/main/java/com/pedrouid/crypto/RCTHmac.java
@@ -69,23 +69,12 @@ public void hmac256(String data, String pwd, Promise promise) {
         }
     }
 
-    public static String bytesToHex(byte[] bytes) {
-        final char[] hexArray = "0123456789abcdef".toCharArray();
-        char[] hexChars = new char[bytes.length * 2];
-        for ( int j = 0; j < bytes.length; j++ ) {
-            int v = bytes[j] & 0xFF;
-            hexChars[j * 2] = hexArray[v >>> 4];
-            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
-        }
-        return new String(hexChars);
-    }
-
     private static String hmac256(String text, String key) throws NoSuchAlgorithmException, InvalidKeyException  {
         byte[] contentData = Hex.decode(text);
         byte[] akHexData = Hex.decode(key);
         Mac sha256_HMAC = Mac.getInstance(HMAC_SHA_256);
         SecretKey secret_key = new SecretKeySpec(akHexData, HMAC_SHA_256);
         sha256_HMAC.init(secret_key);
-        return bytesToHex(sha256_HMAC.doFinal(contentData));
+        return Util.bytesToHex(sha256_HMAC.doFinal(contentData));
     }
 }
diff --git a/android/src/main/java/com/pedrouid/crypto/RCTPbkdf2.java b/android/src/main/java/com/pedrouid/crypto/RCTPbkdf2.java
@@ -1,50 +1,25 @@
 package com.pedrouid.crypto;
 
-import android.widget.Toast;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.util.HashMap;
-import java.util.Map;
-
-import java.util.UUID;
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.spec.InvalidKeySpecException;
-import java.security.InvalidKeyException;
-
-import java.nio.charset.StandardCharsets;
+import android.util.Base64;
 
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.Mac;
+import com.facebook.react.bridge.Promise;
+import com.facebook.react.bridge.ReactApplicationContext;
+import com.facebook.react.bridge.ReactContextBaseJavaModule;
+import com.facebook.react.bridge.ReactMethod;
 
 import org.spongycastle.crypto.ExtendedDigest;
+import org.spongycastle.crypto.PBEParametersGenerator;
 import org.spongycastle.crypto.digests.SHA1Digest;
 import org.spongycastle.crypto.digests.SHA224Digest;
 import org.spongycastle.crypto.digests.SHA256Digest;
 import org.spongycastle.crypto.digests.SHA384Digest;
-import org.spongycastle.crypto.digests.SHA384Digest;
 import org.spongycastle.crypto.digests.SHA512Digest;
 import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator;
-import org.spongycastle.crypto.PBEParametersGenerator;
 import org.spongycastle.crypto.params.KeyParameter;
-import org.spongycastle.util.encoders.Hex;
 
-import android.util.Base64;
-
-import com.facebook.react.bridge.NativeModule;
-import com.facebook.react.bridge.ReactApplicationContext;
-import com.facebook.react.bridge.Promise;
-import com.facebook.react.bridge.ReactContext;
-import com.facebook.react.bridge.ReactContextBaseJavaModule;
-import com.facebook.react.bridge.ReactMethod;
-import com.facebook.react.bridge.Callback;
+import java.security.NoSuchAlgorithmException;
+import java.util.HashMap;
+import java.util.Map;
 
 public class RCTPbkdf2 extends ReactContextBaseJavaModule {
 
@@ -58,27 +33,18 @@ public String getName() {
     }
 
     @ReactMethod
-    public void hash(String pwd, String saltBase64, Integer iterations, Integer keyLen, String hash, Promise promise) {
+    public void hash(String pwdBase64, String saltBase64, Integer iterations, Integer keyLen, String hash, Promise promise) {
         try {
-            String strs = pbkdf2(pwd, saltBase64, iterations, keyLen, hash);
-            promise.resolve(strs);
+            byte[] pwdBytes = Base64.decode(pwdBase64, Base64.DEFAULT);
+            byte[] saltBytes = Base64.decode(saltBase64, Base64.DEFAULT);
+            byte[] digest = pbkdf2(pwdBytes, saltBytes, iterations, keyLen, hash);
+            promise.resolve(Base64.encodeToString(digest, Base64.NO_WRAP));
         } catch (Exception e) {
             promise.reject("-1", e.getMessage());
         }
     }
 
-    public static String bytesToHex(byte[] bytes) {
-        final char[] hexArray = "0123456789abcdef".toCharArray();
-        char[] hexChars = new char[bytes.length * 2];
-        for ( int j = 0; j < bytes.length; j++ ) {
-            int v = bytes[j] & 0xFF;
-            hexChars[j * 2] = hexArray[v >>> 4];
-            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
-        }
-        return new String(hexChars);
-    }
-
-    private static String pbkdf2(String pwd, String salt, Integer iterations, Integer keyLen, String hash) throws NoSuchAlgorithmException, InvalidKeySpecException {
+    private static byte[] pbkdf2(byte[] pwd, byte[] salt, Integer iterations, Integer keyLen, String hash) throws NullPointerException, NoSuchAlgorithmException {
         Map<String, ExtendedDigest> algMap = new HashMap<String, ExtendedDigest>();
         algMap.put("SHA1", new SHA1Digest());
         algMap.put("SHA224", new SHA224Digest());
@@ -87,10 +53,12 @@ private static String pbkdf2(String pwd, String salt, Integer iterations, Intege
         algMap.put("SHA512", new SHA512Digest());
         ExtendedDigest alg = algMap.get(hash);
 
+        if (alg == null) {
+            throw new NoSuchAlgorithmException("Specified hash algorithm is not supported");
+        }
+
         PBEParametersGenerator gen = new PKCS5S2ParametersGenerator(alg);
-        byte[] saltBytes = Base64.decode(salt, Base64.DEFAULT);
-        gen.init(pwd.getBytes(StandardCharsets.UTF_8), saltBytes, iterations);
-        byte[] key = ((KeyParameter) gen.generateDerivedParameters(keyLen * 8)).getKey();
-        return bytesToHex(key);
+        gen.init(pwd, salt, iterations);
+        return ((KeyParameter) gen.generateDerivedParameters(keyLen * 8)).getKey();
     }
 }
diff --git a/android/src/main/java/com/pedrouid/crypto/Util.java b/android/src/main/java/com/pedrouid/crypto/Util.java
@@ -0,0 +1,14 @@
+package com.pedrouid.crypto;
+
+class Util {
+    static String bytesToHex(byte[] bytes) {
+        final char[] hexArray = "0123456789abcdef".toCharArray();
+        char[] hexChars = new char[bytes.length * 2];
+        for ( int j = 0; j < bytes.length; j++ ) {
+            int v = bytes[j] & 0xFF;
+            hexChars[j * 2] = hexArray[v >>> 4];
+            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
+        }
+        return new String(hexChars);
+    }
+}
diff --git a/index.d.ts b/index.d.ts
@@ -38,11 +38,11 @@ declare module "react-native-simple-crypto" {
 
   export namespace PBKDF2 {
     export function hash(
-      password: string,
-      salt: ArrayBuffer,
+      password: string | ArrayBuffer,
+      salt: string | ArrayBuffer,
       iterations: number,
       keyLen: number,
-      hash: "SHA1" | "SHA224" | "SHA256" | "SHA384" | "SHA512"
+      algorithm: "SHA1" | "SHA224" | "SHA256" | "SHA384" | "SHA512"
     ): Promise<ArrayBuffer>;
   }
 
diff --git a/index.js b/index.js
@@ -111,16 +111,27 @@ const HMAC = {
 };
 
 const PBKDF2 = {
-  hash: async function (password, saltArrayBuffer, iterations, keyLength, hash) {
-    const saltBase64 = convertArrayBufferToBase64(saltArrayBuffer);
-    const hashHex = await NativeModules.Pbkdf2.hash(
-      password,
-      saltBase64,
+  hash: async function (password, salt, iterations, keyLength, algorithm) {
+    let passwordToHash = password;
+    let saltToHash = salt;
+
+    if (typeof password === 'string') {
+      passwordToHash = convertUtf8ToArrayBuffer(password);
+    }
+
+    if (typeof salt === 'string') {
+      saltToHash = convertUtf8ToArrayBuffer(salt);
+    }
+
+    const digest = await NativeModules.Pbkdf2.hash(
+      convertArrayBufferToBase64(passwordToHash),
+      convertArrayBufferToBase64(saltToHash),
       iterations,
       keyLength,
-      hash
+      algorithm
     );
-    return (convertHexToArrayBuffer(hashHex));
+
+    return convertBase64ToArrayBuffer(digest);
   }
 };
 
diff --git a/ios/RCTCrypto.xcodeproj/project.pbxproj b/ios/RCTCrypto.xcodeproj/project.pbxproj
@@ -254,7 +254,7 @@
 				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
-				IPHONEOS_DEPLOYMENT_TARGET = 9.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 10.0;
 				MTL_ENABLE_DEBUG_INFO = YES;
 				ONLY_ACTIVE_ARCH = YES;
 				SDKROOT = iphoneos;
@@ -300,7 +300,7 @@
 				GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
-				IPHONEOS_DEPLOYMENT_TARGET = 9.0;
+				IPHONEOS_DEPLOYMENT_TARGET = 10.0;
 				MTL_ENABLE_DEBUG_INFO = NO;
 				SDKROOT = iphoneos;
 				VALIDATE_PRODUCT = YES;
diff --git a/ios/RCTCrypto/RCTPbkdf2.m b/ios/RCTCrypto/RCTPbkdf2.m
@@ -5,11 +5,15 @@ @implementation RCTPbkdf2
 
 RCT_EXPORT_MODULE()
 
-RCT_EXPORT_METHOD(hash:(NSString *)password saltBase64:(NSString *)saltBase64 iterations:(int)iterations keyLen:(int)keyLen hash:(NSString *)hash
+RCT_EXPORT_METHOD(hash:(NSString *)password
+                  salt:(NSString *)salt
+                  iterations:(int)iterations
+                  keyLen:(int)keyLen
+                  algorithm:(NSString *)algorithm
                   resolver:(RCTPromiseResolveBlock)resolve
                   rejecter:(RCTPromiseRejectBlock)reject) {
     NSError *error = nil;
-    NSString *data = [Pbkdf2 hash:password saltBase64:saltBase64 iterations:iterations keyLen:keyLen hash:hash];
+    NSString *data = [Pbkdf2 hash:password salt:salt iterations:iterations keyLen:keyLen algorithm:algorithm];
     if (data == nil) {
         reject(@"keygen_fail", @"Key generation failed", error);
     } else {
diff --git a/ios/RCTCrypto/lib/Pbkdf2.h b/ios/RCTCrypto/lib/Pbkdf2.h
@@ -1,5 +1,5 @@
 #import <Foundation/Foundation.h>
 
 @interface Pbkdf2 : NSObject
-+ (NSString *) hash:(NSString *)password saltBase64: (NSString *)saltBase64 iterations: (int)iterations keyLen: (int)keyLen hash: (NSString *)hash;
++ (NSString *) hash:(NSString *)password salt: (NSString *)salt iterations: (int)iterations keyLen: (int)keyLen algorithm: (NSString *)algorithm;
 @end
diff --git a/ios/RCTCrypto/lib/Pbkdf2.m b/ios/RCTCrypto/lib/Pbkdf2.m
@@ -7,10 +7,10 @@
 
 @implementation Pbkdf2
 
-+ (NSString *) hash:(NSString *)password saltBase64: (NSString *)saltBase64 iterations: (int)iterations keyLen: (int)keyLen hash: (NSString *)hash  {
++ (NSString *) hash:(NSString *)password salt: (NSString *)salt iterations: (int)iterations keyLen: (int)keyLen algorithm: (NSString *)algorithm  {
     // Data of String to generate Hash key(hexa decimal string).
-    NSData *passwordData = [password dataUsingEncoding:NSUTF8StringEncoding];
-    NSData *saltData = [[NSData alloc]initWithBase64EncodedString:saltBase64 options:0];
+    NSData *passwordData = [[NSData alloc]initWithBase64EncodedString:password options:0];
+    NSData *saltData = [[NSData alloc]initWithBase64EncodedString:salt options:0];
 
     // Hash key (hexa decimal) string data length.
     NSMutableData *hashKeyData = [NSMutableData dataWithLength:keyLen];
@@ -23,7 +23,7 @@ + (NSString *) hash:(NSString *)password saltBase64: (NSString *)saltBase64 iter
      @"SHA512" : [NSNumber numberWithInt:kCCPRFHmacAlgSHA512],
     };
     
-    int alg = [[algMap valueForKey:hash] intValue];
+    int alg = [[algMap valueForKey:algorithm] intValue];
 
     // Key Derivation using PBKDF2 algorithm.
     int status = CCKeyDerivationPBKDF(
@@ -42,7 +42,7 @@ + (NSString *) hash:(NSString *)password saltBase64: (NSString *)saltBase64 iter
         return @"";
     }
 
-    return [Shared toHex:hashKeyData];
+    return [hashKeyData base64EncodedStringWithOptions:0];
 }
 
 @end

Original file line number	Diff line number	Diff line change
`@@ -69,23 +69,12 @@ public void hmac256(String data, String pwd, Promise promise) {`
`69`	`69`	`}`
`70`	`70`	`}`
`71`	`71`
`72`		`- public static String bytesToHex(byte[] bytes) {`
`73`		`- final char[] hexArray = "0123456789abcdef".toCharArray();`
`74`		`- char[] hexChars = new char[bytes.length * 2];`
`75`		`- for ( int j = 0; j < bytes.length; j++ ) {`
`76`		`- int v = bytes[j] & 0xFF;`
`77`		`- hexChars[j * 2] = hexArray[v >>> 4];`
`78`		`- hexChars[j * 2 + 1] = hexArray[v & 0x0F];`
`79`		`- }`
`80`		`- return new String(hexChars);`
`81`		`- }`
`82`		`-`
`83`	`72`	`private static String hmac256(String text, String key) throws NoSuchAlgorithmException, InvalidKeyException {`
`84`	`73`	`byte[] contentData = Hex.decode(text);`
`85`	`74`	`byte[] akHexData = Hex.decode(key);`
`86`	`75`	`Mac sha256_HMAC = Mac.getInstance(HMAC_SHA_256);`
`87`	`76`	`SecretKey secret_key = new SecretKeySpec(akHexData, HMAC_SHA_256);`
`88`	`77`	`sha256_HMAC.init(secret_key);`
`89`		`- return bytesToHex(sha256_HMAC.doFinal(contentData));`
	`78`	`+ return Util.bytesToHex(sha256_HMAC.doFinal(contentData));`
`90`	`79`	`}`
`91`	`80`	`}`