eclipsesource · cpetrov · Jan 25, 2024 · Jan 19, 2024
diff --git a/doc/api/SubtleCrypto.json b/doc/api/SubtleCrypto.json
@@ -84,6 +84,16 @@
           {
             "name": "keyUsages",
             "type": "string[]"
+          },
+          {
+            "name": "options",
+            "optional": true,
+            "type": {
+              "map": {
+                "authPromptTitle": { "type": "string", "optional": true },
+                "authPromptMessage": { "type": "string", "optional": true }
+              }
+            }
           }
         ],
         "returns": {
@@ -193,6 +203,16 @@
           {
             "name": "length",
             "type": "number"
+          },
+          {
+            "name": "options",
+            "optional": true,
+            "type": {
+              "map": {
+                "authPromptTitle": { "type": "string", "optional": true },
+                "authPromptMessage": { "type": "string", "optional": true }
+              }
+            }
           }
         ],
         "returns": {
@@ -523,6 +543,16 @@
               "TypedArray"
             ]
           }
+        },
+        {
+          "name": "options",
+          "optional": true,
+          "type": {
+            "map": {
+              "authPromptTitle": { "type": "string", "optional": true },
+              "authPromptMessage": { "type": "string", "optional": true }
+            }
+          }
         }
       ],
       "returns": {

diff --git a/src/tabris/Crypto.ts b/src/tabris/Crypto.ts
@@ -16,6 +16,7 @@ export type TypedArray = Int8Array | Uint8Array | Uint8ClampedArray
   | Int16Array | Uint16Array | Int32Array | Uint32Array;
 
 type SignatureAlgorithm = { name: 'ECDSAinDERFormat', hash: 'SHA-256' };
+export type AuthPromptOptions = { authPromptTitle?: string, authPromptMessage?: string };
 
 export default class Crypto {
 
@@ -113,17 +114,20 @@ class SubtleCrypto {
   async deriveBits(
     algorithm: Algorithm,
     baseKey: CryptoKey,
-    length: number
+    length: number,
+    options: AuthPromptOptions = {}
   ): Promise<ArrayBuffer> {
-    if (arguments.length !== 3) {
-      throw new TypeError(`Expected 3 arguments, got ${arguments.length}`);
+    if (arguments.length < 3) {
+      throw new TypeError(`Expected at least 3 arguments, got ${arguments.length}`);
     }
     checkDeriveAlgorithm(algorithm);
     checkType(baseKey, CryptoKey, {name: 'baseKey'});
     checkType(length, Number, {name: 'length'});
+    checkAuthPromptOptions(options);
     const nativeObject = new _CryptoKey();
     try {
-      await nativeObject.derive(algorithm, baseKey, {length, name: 'AES-GCM'}, true, []);
+      await nativeObject.derive(
+        algorithm, baseKey, {length, name: 'AES-GCM'}, true, [], options.authPromptTitle, options.authPromptMessage);
       return new Promise((onSuccess, onReject) =>
         this._nativeObject.subtleExportKey('raw', nativeObject, onSuccess, onReject)
       );
@@ -137,10 +141,11 @@ class SubtleCrypto {
     baseKey: CryptoKey,
     derivedKeyAlgorithm: {name: string, length: number},
     extractable: boolean,
-    keyUsages: string[]
+    keyUsages: string[],
+    options: AuthPromptOptions = {}
   ): Promise<CryptoKey> {
-    if (arguments.length !== 5) {
-      throw new TypeError(`Expected 5 arguments, got ${arguments.length}`);
+    if (arguments.length < 5) {
+      throw new TypeError(`Expected at least 5 arguments, got ${arguments.length}`);
     }
     checkDeriveAlgorithm(algorithm);
     allowOnlyKeys(derivedKeyAlgorithm, ['name', 'length']);
@@ -149,8 +154,17 @@ class SubtleCrypto {
     checkType(baseKey, CryptoKey, {name: 'baseKey'});
     checkType(extractable, Boolean, {name: 'extractable'});
     checkType(keyUsages, Array, {name: 'keyUsages'});
+    checkAuthPromptOptions(options);
     const nativeObject = new _CryptoKey();
-    await nativeObject.derive(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages);
+    await nativeObject.derive(
+      algorithm,
+      baseKey,
+      derivedKeyAlgorithm,
+      extractable,
+      keyUsages,
+      options.authPromptTitle,
+      options.authPromptMessage
+    );
     return new CryptoKey(nativeObject, {
       algorithm,
       extractable,
@@ -260,10 +274,11 @@ class SubtleCrypto {
   async sign(
     algorithm: SignatureAlgorithm,
     key: CryptoKey,
-    data: ArrayBuffer | TypedArray
+    data: ArrayBuffer | TypedArray,
+    options: AuthPromptOptions = {}
   ): Promise<ArrayBuffer> {
-    if (arguments.length !== 3) {
-      throw new TypeError(`Expected 3 arguments, got ${arguments.length}`);
+    if (arguments.length < 3) {
+      throw new TypeError(`Expected at least 3 arguments, got ${arguments.length}`);
     }
     allowOnlyKeys(algorithm, ['name', 'hash']);
     allowOnlyValues(algorithm.name, ['ECDSAinDERFormat'], 'algorithm.name');
@@ -272,8 +287,10 @@ class SubtleCrypto {
     checkType(algorithm.name, String, {name: 'algorithm.name'});
     checkType(algorithm.hash, String, {name: 'algorithm.hash'});
     checkType(getBuffer(data), ArrayBuffer, {name: 'data'});
+    checkAuthPromptOptions(options);
     return new Promise((onSuccess, onError) =>
-      this._nativeObject.subtleSign(algorithm, key, data, onSuccess, onError)
+      this._nativeObject.subtleSign(
+        algorithm, key, data, options.authPromptTitle, options.authPromptMessage, onSuccess, onError)
     );
   }
 
@@ -413,13 +430,17 @@ class NativeCrypto extends NativeObject {
     algorithm: SignatureAlgorithm,
     key: CryptoKey,
     data: ArrayBuffer | TypedArray,
+    authPromptTitle: string | undefined,
+    authPromptMessage: string | undefined,
     onSuccess: (buffer: ArrayBuffer) => any,
     onError: (ex: Error) => any
   ): void {
     this._nativeCall('subtleSign', {
       algorithm,
       key: getCid(key),
       data: getBuffer(data),
+      authPromptTitle,
+      authPromptMessage,
       onSuccess,
       onError: (reason: unknown) => onError(new Error(String(reason)))
     });
@@ -445,6 +466,15 @@ class NativeCrypto extends NativeObject {
 
 }
 
+function checkAuthPromptOptions(options: AuthPromptOptions) {
+  if ('authPromptTitle' in options) {
+    checkType(options.authPromptTitle, String, {name: 'options.authPromptTitle'});
+  }
+  if ('authPromptMessage' in options) {
+    checkType(options.authPromptMessage, String, {name: 'options.authPromptMessage'});
+  }
+}
+
 function checkDeriveAlgorithm(algorithm: Algorithm):
   asserts algorithm is (AlgorithmHKDF | AlgorithmECDH | 'HKDF')
 {

diff --git a/src/tabris/CryptoKey.ts b/src/tabris/CryptoKey.ts
@@ -81,7 +81,9 @@ export class _CryptoKey extends NativeObject {
     baseKey: CryptoKey,
     derivedKeyAlgorithm: {name: string, length: number},
     extractable: boolean,
-    keyUsages: string[]
+    keyUsages: string[],
+    authPromptTitle?: string,
+    authPromptMessage?: string
   ): Promise<void> {
     return new Promise((onSuccess, onError) => {
       if (typeof algorithm === 'string') {
@@ -94,6 +96,8 @@ export class _CryptoKey extends NativeObject {
           derivedKeyAlgorithm,
           extractable,
           keyUsages,
+          authPromptTitle,
+          authPromptMessage,
           onSuccess,
           onError: wrapErrorCb(onError)
         });
@@ -104,6 +108,8 @@ export class _CryptoKey extends NativeObject {
           derivedKeyAlgorithm,
           extractable,
           keyUsages,
+          authPromptTitle,
+          authPromptMessage,
           onSuccess,
           onError: wrapErrorCb(onError)
         });

diff --git a/test/tabris/Crypto.test.ts b/test/tabris/Crypto.test.ts
@@ -319,7 +319,7 @@ describe('Crypto', function() {
     it('checks parameter length', async function() {
       params.pop();
       await expect(deriveKey())
-        .rejectedWith(TypeError, 'Expected 5 arguments, got 4');
+        .rejectedWith(TypeError, 'Expected at least 5 arguments, got 4');
       expect(client.calls({op: 'create', type: 'tabris.CryptoKey'}).length).to.equal(0);
     });
 
@@ -393,6 +393,20 @@ describe('Crypto', function() {
       expect(client.calls({op: 'create', type: 'tabris.CryptoKey'}).length).to.equal(0);
     });
 
+    it('checks options.authPromptTitle', async function() {
+      params[5] = {authPromptTitle: null};
+      await expect(deriveKey())
+        .rejectedWith(TypeError, 'Expected options.authPromptTitle to be a string, got null.');
+      expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
+    });
+
+    it('checks options.authPromptMessage', async function() {
+      params[5] = {authPromptMessage: null};
+      await expect(deriveKey())
+        .rejectedWith(TypeError, 'Expected options.authPromptMessage to be a string, got null.');
+      expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
+    });
+
   });
 
   describe('subtle.deriveBits()', function() {
@@ -502,7 +516,7 @@ describe('Crypto', function() {
 
     it('checks parameter length', async function() {
       params.pop();
-      await expect(deriveBits()).rejectedWith(TypeError, 'Expected 3 arguments, got 2');
+      await expect(deriveBits()).rejectedWith(TypeError, 'Expected at least 3 arguments, got 2');
       expect(client.calls({op: 'create', type: 'tabris.CryptoKey'}).length).to.equal(0);
     });
 
@@ -526,6 +540,20 @@ describe('Crypto', function() {
       expect(client.calls({op: 'create', type: 'tabris.CryptoKey'}).length).to.equal(0);
     });
 
+    it('checks options.authPromptTitle', async function() {
+      params[3] = {authPromptTitle: null};
+      await expect(deriveBits())
+        .rejectedWith(TypeError, 'Expected options.authPromptTitle to be a string, got null.');
+      expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
+    });
+
+    it('checks options.authPromptMessage', async function() {
+      params[3] = {authPromptMessage: null};
+      await expect(deriveBits())
+        .rejectedWith(TypeError, 'Expected options.authPromptMessage to be a string, got null.');
+      expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
+    });
+
   });
 
   describe('subtle.importKey()', function() {
@@ -1189,7 +1217,7 @@ describe('Crypto', function() {
     it('checks parameter length', async function() {
       params.pop();
       await expect(sign())
-        .rejectedWith(TypeError, 'Expected 3 arguments, got 2');
+        .rejectedWith(TypeError, 'Expected at least 3 arguments, got 2');
       expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
     });
 
@@ -1220,6 +1248,21 @@ describe('Crypto', function() {
         .rejectedWith(TypeError, 'Expected data to be of type ArrayBuffer, got null');
       expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
     });
+
+    it('checks options.authPromptTitle', async function() {
+      params[3] = {authPromptTitle: null};
+      await expect(sign())
+        .rejectedWith(TypeError, 'Expected options.authPromptTitle to be a string, got null.');
+      expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
+    });
+
+    it('checks options.authPromptMessage', async function() {
+      params[3] = {authPromptMessage: null};
+      await expect(sign())
+        .rejectedWith(TypeError, 'Expected options.authPromptMessage to be a string, got null.');
+      expect(client.calls({op: 'call', method: 'subtleSign'}).length).to.equal(0);
+    });
+
   });
 
   describe('subtle.verify()', function() {