UNPKG

expo-crypto

Version:

Provides cryptography primitives for Android, iOS and web.

docs.expo.dev/versions/latest/sdk/crypto/

expo/expo

127 lines (116 loc) 3.09 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
/** * Represents binary input data that can be processed by AES APIs. * When providing a string, it must be base64-encoded. */ export type BinaryInput = string | Uint8Array | ArrayBuffer; /** * AES key sizes in bits. */ export enum AESKeySize { /** 128-bit AES key */ AES128 = 128, /** 192-bit AES key. It is unsupported on Web. * @platform apple * @platform android */ AES192 = 192, /** 256-bit AES key */ AES256 = 256, } /** * Byte length of the GCM authentication tag, is a security parameter. * The AES-GCM specification recommends that it should be 16, 15, 14, 13, or 12 bytes, * although 8 or 4 bytes may be acceptable in some applications. * For additional guidance, see [Appendix C](https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf) of the NIST Publication * on "Recommendation for Block Cipher Modes of Operation". * * Default and recommended value is 16. On Apple, the only supported value for encryption is 16. */ export type GCMTagByteLength = 16 | 15 | 14 | 13 | 12 | 8 | 4; /** * Configuration for parsing sealed data from combined format. */ export interface AESSealedDataConfig { /** * The length of the initialization vector in bytes. * @default 12 */ ivLength: number; /** * The length of the authentication tag in bytes. * @default 16 */ tagLength: GCMTagByteLength; } /** * Options for the decryption process. */ export interface AESDecryptOptions { /** * Output format for the decrypted data. * @default 'bytes' */ output?: 'bytes' | 'base64'; /** * Additional authenticated data (AAD) for GCM mode. * When provided as a string, it must be base64-encoded. */ additionalData?: BinaryInput; } /** * @hidden * Decrypt options that return the result as a `base64` string. */ export interface Base64DecryptOptions extends AESDecryptOptions { output: 'base64'; } /** * @hidden * Decrypt options that return the result as a `Uint8Array`. */ export interface ArrayBufferDecryptOptions extends AESDecryptOptions { output?: 'bytes'; } /** * Configuration for the nonce (initialization vector) during encryption. * Can specify either the byte length of the IV to generate or provide an IV directly. */ export type GCMNonceParam = | { /** * Byte length of nonce to be generated. * @default 12 */ length: number; } | { /** * Provided nonce bytes. */ bytes: BinaryInput; }; /** * Options for the encryption process. */ export interface AESEncryptOptions { /** * Parameters for nonce generation. * @default { length: 12 } */ nonce?: GCMNonceParam; /** * The length of the authentication tag in bytes. * * > **Note:** On Apple, this option is ignored. The tag will always have 16 bytes. * * @platform android * @platform web * @default 16 */ tagLength?: GCMTagByteLength; /** * Additional authenticated data (AAD) for GCM mode. * When provided as a string, it must be base64-encoded. */ additionalData?: BinaryInput; }