All: Add new encryption methods based on native crypto libraries

.eslintignore

@@ -688,6 +688,7 @@ packages/app-mobile/root.js
 packages/app-mobile/services/AlarmServiceDriver.android.js
 packages/app-mobile/services/AlarmServiceDriver.ios.js
 packages/app-mobile/services/e2ee/RSA.react-native.js
+packages/app-mobile/services/e2ee/crypto.js
 packages/app-mobile/services/plugins/PlatformImplementation.js
 packages/app-mobile/services/profiles/index.js
 packages/app-mobile/services/voiceTyping/vosk.android.js
@@ -1028,6 +1029,7 @@ packages/lib/services/debug/populateDatabase.js
 packages/lib/services/e2ee/EncryptionService.test.js
 packages/lib/services/e2ee/EncryptionService.js
 packages/lib/services/e2ee/RSA.node.js
+packages/lib/services/e2ee/crypto.js
 packages/lib/services/e2ee/ppk.test.js
 packages/lib/services/e2ee/ppk.js
 packages/lib/services/e2ee/ppkTestUtils.js

.eslintrc.js

@@ -44,6 +44,8 @@ module.exports = {
 		'tinymce': 'readonly',
 
 		'JSX': 'readonly',
+
+		'BufferEncoding': 'readonly',
 	},
 	'parserOptions': {
 		'ecmaVersion': 2018,

.gitignore

@@ -667,6 +667,7 @@ packages/app-mobile/root.js
 packages/app-mobile/services/AlarmServiceDriver.android.js
 packages/app-mobile/services/AlarmServiceDriver.ios.js
 packages/app-mobile/services/e2ee/RSA.react-native.js
+packages/app-mobile/services/e2ee/crypto.js
 packages/app-mobile/services/plugins/PlatformImplementation.js
 packages/app-mobile/services/profiles/index.js
 packages/app-mobile/services/voiceTyping/vosk.android.js
@@ -1007,6 +1008,7 @@ packages/lib/services/debug/populateDatabase.js
 packages/lib/services/e2ee/EncryptionService.test.js
 packages/lib/services/e2ee/EncryptionService.js
 packages/lib/services/e2ee/RSA.node.js
+packages/lib/services/e2ee/crypto.js
 packages/lib/services/e2ee/ppk.test.js
 packages/lib/services/e2ee/ppk.js
 packages/lib/services/e2ee/ppkTestUtils.js

packages/app-mobile/package.json

@@ -60,6 +60,7 @@
     "react-native-paper": "5.12.3",
     "react-native-popup-menu": "0.16.1",
     "react-native-quick-actions": "0.3.13",
+    "react-native-quick-crypto": "0.7.1",
     "react-native-rsa-native": "2.0.5",
     "react-native-safe-area-context": "4.10.1",
     "react-native-securerandom": "1.0.1",

packages/app-mobile/services/e2ee/crypto.ts

@@ -0,0 +1,49 @@
+import { Crypto, CryptoBuffer } from '@joplin/lib/services/e2ee/types';
+import crypto from 'react-native-quick-crypto';
+import { HashAlgorithm } from 'react-native-quick-crypto/lib/typescript/keys';
+
+const cryptoLib: Crypto = {
+
+	getCiphers: (): string[] => {
+		return crypto.getCiphers();
+	},
+
+	getHashes: (): string[] => {
+		return crypto.getHashes();
+	},
+
+	randomBytes: async (size: number): Promise<CryptoBuffer> => {
+		return new Promise((resolve, reject) => {
+			crypto.randomBytes(size, (error, result) => {
+				if (error) {
+					reject(error);
+				} else {
+					resolve(result);
+				}
+			});
+		});
+	},
+
+	pbkdf2Raw: async (password: string, salt: CryptoBuffer, iterations: number, keylen: number, digest: string): Promise<CryptoBuffer> => {
+		const digestMap: { [key: string]: HashAlgorithm } = {
+			'sha1': 'SHA-1',
+			'sha224': 'SHA-224',
+			'sha256': 'SHA-256',
+			'sha384': 'SHA-384',
+			'sha512': 'SHA-512',
+			'ripemd160': 'RIPEMD-160',
+		};
+		const digestAlgorithm: string = digestMap[digest.toLowerCase()] || digest;
+		return new Promise((resolve, reject) => {
+			crypto.pbkdf2(password, salt, iterations, keylen, digestAlgorithm as HashAlgorithm, (error, result) => {
+				if (error) {
+					reject(error);
+				} else {
+					resolve(result);
+				}
+			});
+		});
+	},
+};
+
+export default cryptoLib;

packages/app-mobile/utils/shim-init-react.ts

@@ -15,10 +15,12 @@ import { getLocales } from 'react-native-localize';
 import { setLocale, defaultLocale, closestSupportedLocale } from '@joplin/lib/locale';
 import type SettingType from '@joplin/lib/models/Setting';
 import injectedJs from './injectedJs';
+import cryptoLib from '../services/e2ee/crypto';
 
 export default function shimInit() {
 	shim.Geolocation = GeolocationReact;
 	shim.sjclModule = require('@joplin/lib/vendor/sjcl-rn.js');
+	shim.cryptoLib = cryptoLib;
 
 	shim.fsDriver = () => {
 		if (!shim.fsDriver_) {

packages/lib/services/e2ee/crypto.ts

@@ -0,0 +1,36 @@
+import { Crypto } from './types';
+import { promisify } from 'util';
+import crypto = require('crypto');
+
+const cryptoLib: Crypto = {
+
+	getCiphers: (): string[] => {
+		return crypto.getCiphers();
+	},
+
+	getHashes: (): string[] => {
+		return crypto.getHashes();
+	},
+
+	randomBytes: async (size: number): Promise<Buffer> => {
+		const randomBytesAsync = promisify(crypto.randomBytes);
+		return randomBytesAsync(size);
+	},
+
+	pbkdf2Raw: async (password: string, salt: Buffer, iterations: number, keylen: number, digest: string): Promise<Buffer> => {
+		const digestMap: { [key: string]: string } = {
+			'sha-1': 'sha1',
+			'sha-224': 'sha224',
+			'sha-256': 'sha256',
+			'sha-384': 'sha384',
+			'sha-512': 'sha512',
+			'ripemd-160': 'ripemd160',
+		};
+		const digestAlgorithm: string = digestMap[digest.toLowerCase()] || digest;
+
+		const pbkdf2Async = promisify(crypto.pbkdf2);
+		return pbkdf2Async(password, salt, iterations, keylen, digestAlgorithm);
+	},
+};
+
+export default cryptoLib;

packages/lib/services/e2ee/types.ts

@@ -25,3 +25,14 @@ export interface RSA {
 	publicKey(rsaKeyPair: RSAKeyPair): string;
 	privateKey(rsaKeyPair: RSAKeyPair): string;
 }
+
+export interface Crypto {
+	getCiphers(): string[];
+	getHashes(): string[];
+	randomBytes(size: number): Promise<CryptoBuffer>;
+	pbkdf2Raw(password: string, salt: CryptoBuffer, iterations: number, keylen: number, digest: string): Promise<CryptoBuffer>;
+}
+
+export interface CryptoBuffer extends Uint8Array {
+	toString(encoding?: BufferEncoding, start?: number, end?: number): string;
+}

packages/lib/shim-init-node.ts

@@ -12,6 +12,7 @@ import { ResourceEntity } from './services/database/types';
 import { TextItem } from 'pdfjs-dist/types/src/display/api';
 import replaceUnsupportedCharacters from './utils/replaceUnsupportedCharacters';
 import { FetchBlobOptions } from './types';
+import cryptoLib from './services/e2ee/crypto';
 
 import FileApiDriverLocal from './file-api-driver-local';
 import * as mimeUtils from './mime-utils';
@@ -135,6 +136,7 @@ function shimInit(options: ShimInitOptions = null) {
 	shim.Geolocation = GeolocationNode;
 	shim.FormData = require('form-data');
 	shim.sjclModule = require('./vendor/sjcl.js');
+	shim.cryptoLib = cryptoLib;
 	shim.electronBridge_ = options.electronBridge;
 
 	shim.fsDriver = () => {

packages/lib/shim.ts

@@ -2,6 +2,7 @@ import * as React from 'react';
 import { NoteEntity, ResourceEntity } from './services/database/types';
 import type FsDriverBase from './fs-driver-base';
 import type FileApiDriverLocal from './file-api-driver-local';
+import { Crypto } from './services/e2ee/types';
 
 export interface CreateResourceFromPathOptions {
 	resizeLargeImages?: 'always' | 'never' | 'ask';
@@ -286,6 +287,8 @@ const shim = {
 	// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Old code before rule was applied
 	sjclModule: null as any,
 
+	cryptoLib: null as Crypto,
+
 	// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Old code before rule was applied
 	randomBytes: async (_count: number): Promise<any> => {
 		throw new Error('Not implemented: randomBytes');

packages/tools/cspell/dictionary4.txt

@@ -110,4 +110,5 @@ ENOTFOUND
 Scaleway
 Inkscape
 Ionicon
-Stormlikes
+Stormlikes
+ripemd

yarn.lock

@@ -4367,6 +4367,16 @@ __metadata:
   languageName: node
   linkType: hard
 
+"@craftzdog/react-native-buffer@npm:^6.0.5":
+  version: 6.0.5
+  resolution: "@craftzdog/react-native-buffer@npm:6.0.5"
+  dependencies:
+    ieee754: ^1.2.1
+    react-native-quick-base64: ^2.0.5
+  checksum: 921b8bc7f84778e355e81e475792399276d611a346a7e51b6266a45cf4aa82194beb3a8106af796ed143d958c8476070c59e3720c0eec0a3c31e368fbb08b350
+  languageName: node
+  linkType: hard
+
 "@cronvel/get-pixels@npm:^3.4.0":
   version: 3.4.0
   resolution: "@cronvel/get-pixels@npm:3.4.0"
@@ -6902,6 +6912,7 @@ __metadata:
     react-native-paper: 5.12.3
     react-native-popup-menu: 0.16.1
     react-native-quick-actions: 0.3.13
+    react-native-quick-crypto: 0.7.1
     react-native-rsa-native: 2.0.5
     react-native-safe-area-context: 4.10.1
     react-native-securerandom: 1.0.1
@@ -36117,6 +36128,31 @@ __metadata:
   languageName: node
   linkType: hard
 
+"react-native-quick-base64@npm:^2.0.5":
+  version: 2.1.2
+  resolution: "react-native-quick-base64@npm:2.1.2"
+  dependencies:
+    base64-js: ^1.5.1
+  peerDependencies:
+    react: "*"
+    react-native: "*"
+  checksum: 46f3b26f48b26978686b0c043336220d681e6a02af5abcf3eb4ab7b9216251d1eb2fac5c559e984d963e93f54bd9f323651daac09762196815558abbd551729b
+  languageName: node
+  linkType: hard
+
+"react-native-quick-crypto@npm:0.7.1":
+  version: 0.7.1
+  resolution: "react-native-quick-crypto@npm:0.7.1"
+  dependencies:
+    "@craftzdog/react-native-buffer": ^6.0.5
+    events: ^3.3.0
+    readable-stream: ^4.5.2
+    string_decoder: ^1.3.0
+    util: ^0.12.5
+  checksum: 9a7a1fb1456410db30f062078f570bc566cac36fbc165e7d8ee8677bec09fcc96923de3cf7a0464804142af242a822bf66ea22460951399b9247e4a03fcfe059
+  languageName: node
+  linkType: hard
+
 "react-native-rsa-native@npm:2.0.5":
   version: 2.0.5
   resolution: "react-native-rsa-native@npm:2.0.5"
@@ -36833,6 +36869,19 @@ __metadata:
   languageName: node
   linkType: hard
 
+"readable-stream@npm:^4.5.2":
+  version: 4.5.2
+  resolution: "readable-stream@npm:4.5.2"
+  dependencies:
+    abort-controller: ^3.0.0
+    buffer: ^6.0.3
+    events: ^3.3.0
+    process: ^0.11.10
+    string_decoder: ^1.3.0
+  checksum: c4030ccff010b83e4f33289c535f7830190773e274b3fcb6e2541475070bdfd69c98001c3b0cb78763fc00c8b62f514d96c2b10a8bd35d5ce45203a25fa1d33a
+  languageName: node
+  linkType: hard
+
 "readable-stream@npm:~2.0.0":
   version: 2.0.6
   resolution: "readable-stream@npm:2.0.6"
@@ -43293,7 +43342,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"util@npm:^0.12.4":
+"util@npm:^0.12.4, util@npm:^0.12.5":
   version: 0.12.5
   resolution: "util@npm:0.12.5"
   dependencies: