Add new features (#72)

* support AES CTR
* support pbkdf2 algorithm and sync
* update package version
* fix import

Author: heroims

android/src/main/java/com/tectiv3/aes/RCTAes.java

@@ -23,6 +23,9 @@
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.Mac;
 
+import org.spongycastle.crypto.Digest;
+import org.spongycastle.crypto.digests.SHA1Digest;
+import org.spongycastle.crypto.digests.SHA256Digest;
 import org.spongycastle.crypto.digests.SHA512Digest;
 import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator;
 import org.spongycastle.crypto.params.KeyParameter;
@@ -40,7 +43,8 @@
 
 public class RCTAes extends ReactContextBaseJavaModule {
 
-    private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS7Padding";
+    private static final String CIPHER_CBC_ALGORITHM = "AES/CBC/PKCS7Padding";
+    private static final String CIPHER_CTR_ALGORITHM = "AES/CTR/PKCS5Padding";
     public static final String HMAC_SHA_256 = "HmacSHA256";
     public static final String HMAC_SHA_512 = "HmacSHA512";
     private static final String KEY_ALGORITHM = "AES";
@@ -57,7 +61,7 @@ public String getName() {
     @ReactMethod
     public void encrypt(String data, String key, String iv, String algorithm, Promise promise) {
         try {
-            String result = encrypt(data, key, iv);
+            String result = encrypt(data, key, iv, algorithm.toLowerCase().contains("cbc")?CIPHER_CBC_ALGORITHM:CIPHER_CTR_ALGORITHM);
             promise.resolve(result);
         } catch (Exception e) {
             promise.reject("-1", e.getMessage());
@@ -67,17 +71,22 @@ public void encrypt(String data, String key, String iv, String algorithm, Promis
     @ReactMethod
     public void decrypt(String data, String pwd, String iv, String algorithm, Promise promise) {
         try {
-            String strs = decrypt(data, pwd, iv);
+            String strs = decrypt(data, pwd, iv, algorithm.toLowerCase().contains("cbc")?CIPHER_CBC_ALGORITHM:CIPHER_CTR_ALGORITHM);
             promise.resolve(strs);
         } catch (Exception e) {
             promise.reject("-1", e.getMessage());
         }
     }
 
+    @ReactMethod(isBlockingSynchronousMethod = true)
+    public String pbkdf2Sync(String pwd, String salt, Integer cost, Integer length, String algorithm) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
+        return pbkdf2(pwd, salt, cost, length, algorithm);
+    }
+
     @ReactMethod
-    public void pbkdf2(String pwd, String salt, Integer cost, Integer length, Promise promise) {
+    public void pbkdf2(String pwd, String salt, Integer cost, Integer length, String algorithm, Promise promise) {
         try {
-            String strs = pbkdf2(pwd, salt, cost, length);
+            String strs = pbkdf2(pwd, salt, cost, length, algorithm);
             promise.resolve(strs);
         } catch (Exception e) {
             promise.reject("-1", e.getMessage());
@@ -174,11 +183,20 @@ public static String bytesToHex(byte[] bytes) {
         }
         return new String(hexChars);
     }
-
-    private static String pbkdf2(String pwd, String salt, Integer cost, Integer length)
+    private static String pbkdf2(String pwd, String salt, Integer cost, Integer length, String algorithm)
     throws NoSuchAlgorithmException, InvalidKeySpecException, UnsupportedEncodingException
     {
-        PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA512Digest());
+        Digest algorithmDigest = new SHA512Digest();
+        if (algorithm.equalsIgnoreCase("sha1")){
+            algorithmDigest = new SHA1Digest();
+        }
+        if (algorithm.equalsIgnoreCase("sha256")){
+            algorithmDigest = new SHA256Digest();
+        }
+        if (algorithm.equalsIgnoreCase("sha512")){
+            algorithmDigest = new SHA512Digest();
+        }
+        PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(algorithmDigest);
         gen.init(pwd.getBytes("UTF_8"), salt.getBytes("UTF_8"), cost);
         byte[] key = ((KeyParameter) gen.generateDerivedParameters(length)).getKey();
         return bytesToHex(key);

index.d.ts

@@ -1,7 +1,9 @@
 declare module 'react-native-aes-crypto' {
-    type Algorithms = 'aes-128-cbc' | 'aes-192-cbc' | 'aes-256-cbc'
-
-    function pbkdf2(password: string, salt: string, cost: number, length: number): Promise<string>
+    type Algorithms = 'aes-128-cbc' | 'aes-192-cbc' | 'aes-256-cbc' | 'aes-128-ctr' | 'aes-192-ctr' | 'aes-256-ctr'
+    type Algorithms_pbkdf2 = 'sha1' | 'sha256' | 'sha512'
+    
+    function pbkdf2(password: string, salt: string, cost: number, length: number, algorithm:Algorithms_pbkdf2): Promise<string>
+    function pbkdf2Sync(password: string, salt: string, cost: number, length: number, algorithm:Algorithms_pbkdf2): string
     function encrypt(text: string, key: string, iv: string, algorithm: Algorithms): Promise<string>
     function decrypt(ciphertext: string, key: string, iv: string, algorithm: Algorithms): Promise<string>
     function hmac256(ciphertext: string, key: string): Promise<string>

ios/RCTAes/RCTAes.m

@@ -38,12 +38,17 @@ @implementation RCTAes
     }
 }
 
+RCT_EXPORT_BLOCKING_SYNCHRONOUS_METHOD(pbkdf2Sync:(NSString *)password salt:(NSString *)salt
+                                       cost:(NSInteger)cost length:(NSInteger)length algorithm:(NSString *)algorithm) {
+    return [AesCrypt pbkdf2:password salt:salt cost:cost length:length algorithm:algorithm];;
+}
+
 RCT_EXPORT_METHOD(pbkdf2:(NSString *)password salt:(NSString *)salt
-                  cost:(NSInteger)cost length:(NSInteger)length
+                  cost:(NSInteger)cost length:(NSInteger)length algorithm:(NSString *)algorithm
                   resolver:(RCTPromiseResolveBlock)resolve
                   rejecter:(RCTPromiseRejectBlock)reject) {
     NSError *error = nil;
-    NSString *data = [AesCrypt pbkdf2:password salt:salt cost:cost length:length];
+    NSString *data = [AesCrypt pbkdf2:password salt:salt cost:cost length:length algorithm:algorithm];
     if (data == nil) {
         reject(@"keygen_fail", @"Key generation failed", error);
     } else {

ios/RCTAes/lib/AesCrypt.h

@@ -10,7 +10,7 @@
 @interface AesCrypt : NSObject
 + (NSString *) encrypt: (NSString *)clearText  key: (NSString *)key iv: (NSString *)iv algorithm: (NSString *)algorithm;
 + (NSString *) decrypt: (NSString *)cipherText key: (NSString *)key iv: (NSString *)iv algorithm: (NSString *)algorithm;
-+ (NSString *) pbkdf2:(NSString *)password salt: (NSString *)salt cost: (NSInteger)cost length: (NSInteger)length;
++ (NSString *) pbkdf2:(NSString *)password salt: (NSString *)salt cost: (NSInteger)cost length: (NSInteger)length algorithm:(NSString *)algorithm;
 + (NSString *) hmac256: (NSString *)input key: (NSString *)key;
 + (NSString *) hmac512: (NSString *)input key: (NSString *)key;
 + (NSString *) sha1: (NSString *)input;

ios/RCTAes/lib/AesCrypt.m

@@ -35,23 +35,33 @@ + (NSData *) fromHex: (NSString *)string {
     return data;
 }
 
-+ (NSString *) pbkdf2:(NSString *)password salt: (NSString *)salt cost: (NSInteger)cost length: (NSInteger)length {
++ (NSString *) pbkdf2:(NSString *)password salt: (NSString *)salt cost: (NSInteger)cost length: (NSInteger)length algorithm:(NSString *)algorithm{
     // Data of String to generate Hash key(hexa decimal string).
     NSData *passwordData = [password dataUsingEncoding:NSUTF8StringEncoding];
     NSData *saltData = [salt dataUsingEncoding:NSUTF8StringEncoding];
 
     // Hash key (hexa decimal) string data length.
     NSMutableData *hashKeyData = [NSMutableData dataWithLength:length/8];
 
+    CCPseudoRandomAlgorithm algorithmL = kCCPRFHmacAlgSHA512;
+    if([algorithm.lowercaseString isEqualToString:@"sha1"]){
+        algorithmL = kCCPRFHmacAlgSHA1;
+    }
+    if([algorithm.lowercaseString isEqualToString:@"sha256"]){
+        algorithmL = kCCPRFHmacAlgSHA256;
+    }
+    if([algorithm.lowercaseString isEqualToString:@"sha512"]){
+        algorithmL = kCCPRFHmacAlgSHA512;
+    }
     // Key Derivation using PBKDF2 algorithm.
     int status = CCKeyDerivationPBKDF(
                     kCCPBKDF2,
                     passwordData.bytes,
                     passwordData.length,
                     saltData.bytes,
                     saltData.length,
-                    kCCPRFHmacAlgSHA512,
-                    cost,
+                    algorithmL,
+                    (unsigned int)cost,
                     hashKeyData.mutableBytes,
                     hashKeyData.length);
 
@@ -105,14 +115,98 @@ + (NSData *) AESCBC: (NSString *)operation data: (NSData *)data key: (NSString *
     return nil;
 }
 
++ (NSData *) AESCTR: (NSString *)operation data: (NSData *)data key: (NSString *)key iv: (NSString *)iv algorithm: (NSString *)algorithm {
+    //convert hex string to hex data
+    NSData *keyData = [self fromHex:key];
+    NSData *ivData = [self fromHex:iv];
+    //    NSData *keyData = [key dataUsingEncoding:NSUTF8StringEncoding];
+    size_t numBytes = 0;
+    
+    NSArray *aesAlgorithms = @[@"aes-128-ctr", @"aes-192-ctr", @"aes-256-ctr"];
+    size_t item = [aesAlgorithms indexOfObject:algorithm];
+    size_t keyLength;
+    switch (item) {
+        case 0:
+            keyLength = kCCKeySizeAES128;
+            break;
+        case 1:
+            keyLength = kCCKeySizeAES192;
+            break;
+        default:
+            keyLength = kCCKeySizeAES256;
+            break;
+    }
+
+    NSMutableData * buffer = [[NSMutableData alloc] initWithLength:[data length] + kCCBlockSizeAES128];
+    
+    CCCryptorRef cryptor = NULL;
+    
+    CCCryptorStatus cryptStatus = CCCryptorCreateWithMode(
+                    [operation isEqualToString:@"encrypt"] ? kCCEncrypt : kCCDecrypt,
+                    kCCModeCTR,
+                    kCCAlgorithmAES,
+                    ccPKCS7Padding,
+                    ivData.length ? ivData.bytes : nil,
+                    keyData.bytes,
+                    keyLength,
+                    NULL,
+                    0,
+                    0,
+                    kCCModeOptionCTR_BE,
+                    &cryptor);
+
+    if (cryptStatus == kCCSuccess) {
+            //Update Cryptor
+            CCCryptorStatus update = CCCryptorUpdate(cryptor,
+                    data.bytes,
+                    data.length,
+                    buffer.mutableBytes,
+                    buffer.length,
+                    &numBytes);
+            if (update == kCCSuccess)
+            {
+             //Cut Data Out with nedded length
+                buffer.length = numBytes;
+
+             //Final Cryptor
+             CCCryptorStatus final = CCCryptorFinal(cryptor, //CCCryptorRef cryptorRef,
+                                                    buffer.mutableBytes, //void *dataOut,
+                                                    buffer.length, // size_t dataOutAvailable,
+                                                    &numBytes); // size_t *dataOutMoved)
+
+             if (final == kCCSuccess)
+             {
+              //Release Cryptor
+              //CCCryptorStatus release =
+              CCCryptorRelease(cryptor); //CCCryptorRef cryptorRef
+             }
+             return buffer;
+        }
+    }
+    NSLog(@"AES error, %d", cryptStatus);
+    return nil;
+}
+
 + (NSString *) encrypt: (NSString *)clearText key: (NSString *)key iv: (NSString *)iv algorithm: (NSString *)algorithm {
-    NSData *result = [self AESCBC:@"encrypt" data:[clearText dataUsingEncoding:NSUTF8StringEncoding] key:key iv:iv algorithm:algorithm];
-    return [result base64EncodedStringWithOptions:0];
+    if ([algorithm containsString:@"ctr"]) {
+        NSData *result = [self AESCTR:@"encrypt" data:[clearText dataUsingEncoding:NSUTF8StringEncoding] key:key iv:iv algorithm:algorithm];
+        return [self toHex:result];
+    }
+    else{
+        NSData *result = [self AESCBC:@"encrypt" data:[clearText dataUsingEncoding:NSUTF8StringEncoding] key:key iv:iv algorithm:algorithm];
+        return [result base64EncodedStringWithOptions:0];
+    }
 }
 
 + (NSString *) decrypt: (NSString *)cipherText key: (NSString *)key iv: (NSString *)iv algorithm: (NSString *)algorithm {
-    NSData *result = [self AESCBC:@"decrypt" data:[[NSData alloc] initWithBase64EncodedString:cipherText options:0] key:key iv:iv algorithm:algorithm];
-    return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
+    if ([algorithm containsString:@"ctr"]) {
+        NSData *result = [self AESCTR:@"decrypt" data:[self fromHex:cipherText] key:key iv:iv algorithm:algorithm];
+        return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
+    }
+    else{
+        NSData *result = [self AESCBC:@"decrypt" data:[[NSData alloc] initWithBase64EncodedString:cipherText options:0] key:key iv:iv algorithm:algorithm];
+        return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
+    }
 }
 
 + (NSString *) hmac256: (NSString *)input key: (NSString *)key {

package.json

@@ -1,6 +1,6 @@
 {
     "name": "react-native-aes-crypto",
-    "version": "2.1.1",
+    "version": "2.1.2",
     "description": "AES crypto native module for react-native",
     "main": "index.js",
     "types": "index.d.ts",

react-native-aes.podspec

@@ -1,7 +1,7 @@
 
 Pod::Spec.new do |s|
   s.name          = 'react-native-aes'
-  s.version       = '2.0.0'
+  s.version       = '2.1.2'
   s.summary       = 'Native module for AES encryption'
   s.author        = "tectiv3"
   s.license       = 'MIT'