react-native-quick-crypto 0.7.0-rc.9 → 0.7.0

package/cpp/Sig/MGLSignHostObjects.h

@@ -69,6 +69,46 @@ class SignBase : public MGLSmartHostObject {
   EVPMDPointer mdctx_;
 };
 
+struct SignConfiguration final {  //  : public MemoryRetainer
+  enum Mode {
+    kSign,
+    kVerify
+  };
+  enum Flags {
+    kHasNone = 0,
+    kHasSaltLength = 1,
+    kHasPadding = 2
+  };
+
+  // CryptoJobMode job_mode;  // all async for now
+  Mode mode;
+  ManagedEVPPKey key;
+  ByteSource data;
+  ByteSource signature;
+  const EVP_MD* digest = nullptr;
+  int flags = SignConfiguration::kHasNone;
+  int padding = 0;
+  int salt_length = 0;
+  DSASigEnc dsa_encoding = kSigEncDER;
+
+  SignConfiguration() = default;
+
+  // explicit SignConfiguration(SignConfiguration&& other) noexcept;
+
+  // SignConfiguration& operator=(SignConfiguration&& other) noexcept;
+
+  // void MemoryInfo(MemoryTracker* tracker) const override;
+  // SET_MEMORY_INFO_NAME(SignConfiguration)
+  // SET_SELF_SIZE(SignConfiguration)
+};
+
+class SubtleSignVerify {
+  public:
+    SignConfiguration GetParamsFromJS(jsi::Runtime &rt, const jsi::Value *args);
+    void DoSignVerify(jsi::Runtime &rt, const SignConfiguration &params, ByteSource &out);
+    jsi::Value EncodeOutput(jsi::Runtime &rt,const SignConfiguration &params, ByteSource &out);
+};
+
 class MGLSignHostObject : public SignBase {
  public:
   explicit MGLSignHostObject(

package/cpp/Utils/MGLUtils.cpp

@@ -18,47 +18,6 @@ namespace margelo {
 
 namespace jsi = facebook::jsi;
 
-jsi::Value toJSI(jsi::Runtime& rt, OptionJSVariant& value) {
-  if (!value.has_value()) {
-    return jsi::Value::null();
-  }
-  try {
-    return toJSI(rt, value.value());
-  } catch (const std::bad_optional_access& e) {
-    std::cout << e.what() << '\n';
-  }
-  return jsi::Value::null();
-}
-
-jsi::Value toJSI(jsi::Runtime& rt, JSVariant& value) {
-  if (std::holds_alternative<bool>(value)) {
-    return jsi::Value(std::get<bool>(value));
-  } else if (std::holds_alternative<int>(value)) {
-    return jsi::Value(std::get<int>(value));
-  } else if (std::holds_alternative<long long>(value)) {
-    return jsi::Value(static_cast<double>(std::get<long long>(value)));
-  } else if (std::holds_alternative<double>(value)) {
-    return jsi::Value(std::get<double>(value));
-  } else if (std::holds_alternative<std::string>(value)) {
-    return jsi::String::createFromUtf8(rt, std::get<std::string>(value));
-  } else if (std::holds_alternative<ByteSource>(value)) {
-    ByteSource& source = std::get<ByteSource>(value);
-    jsi::Function array_buffer_ctor =
-        rt.global().getPropertyAsFunction(rt, "ArrayBuffer");
-    jsi::Object o = array_buffer_ctor.callAsConstructor(rt, (int)source.size())
-                        .getObject(rt);
-    jsi::ArrayBuffer buf = o.getArrayBuffer(rt);
-    // You cannot share raw memory between native and JS
-    // always copy the data
-    // see https://github.com/facebook/hermes/pull/419 and
-    // https://github.com/facebook/hermes/issues/564.
-    memcpy(buf.data(rt), source.data(), source.size());
-    return o;
-  }
-
-  return jsi::Value::null();
-}
-
 ByteSource ArrayBufferToByteSource(jsi::Runtime& runtime,
                                    const jsi::ArrayBuffer& buffer) {
   if (buffer.size(runtime) == 0) return ByteSource();

package/cpp/Utils/MGLUtils.h

@@ -263,13 +263,23 @@ std::string StringBytesWrite(jsi::Runtime &rt,
                         enum encoding encoding);
 
 
-using JSVariant = std::variant<nullptr_t, bool, int, double, long, long long,
-                               std::string, ByteSource>;
-
-using OptionJSVariant = std::optional<JSVariant>;
+inline jsi::Value toJSI(jsi::Runtime& rt, std::string value) {
+  return jsi::String::createFromUtf8(rt, value);
+}
 
-jsi::Value toJSI(jsi::Runtime& rt, OptionJSVariant& value);
-jsi::Value toJSI(jsi::Runtime& rt, JSVariant& value);
+inline jsi::Value toJSI(jsi::Runtime& rt, ByteSource value) {
+    jsi::Function array_buffer_ctor =
+        rt.global().getPropertyAsFunction(rt, "ArrayBuffer");
+    jsi::Object o = array_buffer_ctor.callAsConstructor(rt, (int)value.size())
+                        .getObject(rt);
+    jsi::ArrayBuffer buf = o.getArrayBuffer(rt);
+    // You cannot share raw memory between native and JS
+    // always copy the data
+    // see https://github.com/facebook/hermes/pull/419 and
+    // https://github.com/facebook/hermes/issues/564.
+    memcpy(buf.data(rt), value.data(), value.size());
+    return o;
+}
 
 std::string EncodeBignum(const BIGNUM* bn,
                          int size,
@@ -278,6 +288,17 @@ std::string EncodeBignum(const BIGNUM* bn,
 std::string EncodeBase64(const std::string data, bool url = false);
 std::string DecodeBase64(const std::string &in, bool remove_linebreaks = false);
 
+// TODO: until shared, keep in sync with JS side (src/NativeQuickCrypto/Cipher.ts)
+enum KeyVariant {
+  kvRSA_SSA_PKCS1_v1_5,
+  kvRSA_PSS,
+  kvRSA_OAEP,
+  kvDSA,
+  kvEC,
+  kvNID,
+  kvDH,
+};
+
 }  // namespace margelo
 
 #endif /* MGLUtils_h */

package/cpp/webcrypto/MGLWebCrypto.cpp

@@ -13,11 +13,13 @@
 
 #ifdef ANDROID
 #include "JSIUtils/MGLJSIMacros.h"
-#include "webcrypto/crypto_ec.h"
+#include "Sig/MGLSignHostObjects.h"
 #include "Utils/MGLUtils.h"
+#include "webcrypto/crypto_ec.h"
 #else
-#include "MGLUtils.h"
 #include "MGLJSIMacros.h"
+#include "MGLSignHostObjects.h"
+#include "MGLUtils.h"
 #include "crypto_ec.h"
 #endif
 
@@ -48,14 +50,22 @@ jsi::Value createWebCryptoObject(jsi::Runtime &rt) {
         if (status != WebCryptoKeyExportStatus::OK) {
             throw jsi::JSError(rt, "error exporting key, status: " + std::to_string(static_cast<int>(status)));
         }
-        JSVariant jsv = JSVariant(std::move(out));
-        return toJSI(rt, jsv);
+        return toJSI(rt, std::move(out));
+    });
+
+    auto signVerify = HOSTFN("signVerify", 4) {
+      auto ssv = SubtleSignVerify();
+      auto params = ssv.GetParamsFromJS(rt, args);
+      ByteSource out;
+      ssv.DoSignVerify(rt, params, out);
+      return ssv.EncodeOutput(rt, params, out);
     });
 
     obj.setProperty(rt,
                     "createKeyObjectHandle",
                     std::move(createKeyObjectHandle));
     obj.setProperty(rt, "ecExportKey", std::move(ecExportKey));
+    obj.setProperty(rt, "signVerify", std::move(signVerify));
     return obj;
 };
 

package/cpp/webcrypto/crypto_ec.cpp

@@ -331,4 +331,110 @@ jsi::Value GetEcKeyDetail(jsi::Runtime &rt,
   return target;
 }
 
+EcKeyPairGenConfig prepareEcKeyGenConfig(jsi::Runtime &rt,
+                                       const jsi::Value *args)
+{
+  EcKeyPairGenConfig config = EcKeyPairGenConfig();
+
+  // curve name
+  std::string curveName = args[1].asString(rt).utf8(rt);
+  config.curve_nid = GetCurveFromName(curveName.c_str());
+
+  // encoding
+  if (CheckIsInt32(args[2].asNumber())) {
+    int encoding = static_cast<int>(args[2].asNumber());
+    if (encoding != OPENSSL_EC_NAMED_CURVE &&
+        encoding != OPENSSL_EC_EXPLICIT_CURVE) {
+      throw jsi::JSError(rt, "Invalid param_encoding specified");
+    } else {
+      config.param_encoding = encoding;
+    }
+  } else {
+    throw jsi::JSError(rt, "Invalid param_encoding specified (not int)");
+  }
+
+  // rest of args for encoding
+  unsigned int offset = 3;
+
+  config.public_key_encoding = ManagedEVPPKey::GetPublicKeyEncodingFromJs(
+      rt, args, &offset, kKeyContextGenerate);
+
+  auto private_key_encoding = ManagedEVPPKey::GetPrivateKeyEncodingFromJs(
+      rt, args, &offset, kKeyContextGenerate);
+
+  if (!private_key_encoding.IsEmpty()) {
+    config.private_key_encoding = private_key_encoding.Release();
+  }
+
+  return config;
+}
+
+EVPKeyCtxPointer setup(std::shared_ptr<EcKeyPairGenConfig> config) {
+  EVPKeyCtxPointer key_ctx;
+  switch (config->curve_nid) {
+    case EVP_PKEY_ED25519:
+      // Fall through
+    case EVP_PKEY_ED448:
+      // Fall through
+    case EVP_PKEY_X25519:
+      // Fall through
+    case EVP_PKEY_X448:
+      key_ctx.reset(EVP_PKEY_CTX_new_id(config->curve_nid, nullptr));
+      break;
+    default: {
+      EVPKeyCtxPointer param_ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr));
+      EVP_PKEY* raw_params = nullptr;
+      if (!param_ctx ||
+          EVP_PKEY_paramgen_init(param_ctx.get()) <= 0 ||
+          EVP_PKEY_CTX_set_ec_paramgen_curve_nid(
+              param_ctx.get(), config->curve_nid) <= 0 ||
+          EVP_PKEY_CTX_set_ec_param_enc(
+              param_ctx.get(), config->param_encoding) <= 0 ||
+          EVP_PKEY_paramgen(param_ctx.get(), &raw_params) <= 0) {
+        return EVPKeyCtxPointer();
+      }
+      EVPKeyPointer key_params(raw_params);
+      key_ctx.reset(EVP_PKEY_CTX_new(key_params.get(), nullptr));
+    }
+  }
+
+  if (key_ctx && EVP_PKEY_keygen_init(key_ctx.get()) <= 0)
+    key_ctx.reset();
+
+  return key_ctx;
+}
+
+std::pair<jsi::Value, jsi::Value> generateEcKeyPair(jsi::Runtime& runtime,
+                                                    std::shared_ptr<EcKeyPairGenConfig> config)
+{
+  // TODO: this is all copied from MGLRsa.cpp - template it up like Node?
+
+  EVPKeyCtxPointer ctx = setup(config);
+
+  if (!ctx) {
+    throw jsi::JSError(runtime, "Error on key generation job");
+  }
+
+  // Generate the key
+  EVP_PKEY* pkey = nullptr;
+  if (!EVP_PKEY_keygen(ctx.get(), &pkey)) {
+    throw jsi::JSError(runtime, "Error generating key");
+  }
+
+  config->key = ManagedEVPPKey(EVPKeyPointer(pkey));
+
+  jsi::Value publicBuffer =
+      ManagedEVPPKey::ToEncodedPublicKey(runtime, std::move(config->key),
+                                         config->public_key_encoding);
+  jsi::Value privateBuffer =
+      ManagedEVPPKey::ToEncodedPrivateKey(runtime, std::move(config->key),
+                                          config->private_key_encoding);
+
+  if (publicBuffer.isUndefined() || privateBuffer.isUndefined()) {
+    throw jsi::JSError(runtime, "Failed to encode public and/or private key (EC)");
+  }
+
+  return {std::move(publicBuffer), std::move(privateBuffer)};
+}
+
 } // namespace margelo

package/cpp/webcrypto/crypto_ec.h

@@ -15,9 +15,11 @@
 #ifdef ANDROID
 #include "Utils/MGLUtils.h"
 #include "webcrypto/MGLWebCrypto.h"
+#include "JSIUtils/MGLJSIUtils.h"
 #else
 #include "MGLUtils.h"
 #include "MGLWebCrypto.h"
+#include "MGLJSIUtils.h"
 #endif
 
 
@@ -60,6 +62,22 @@ std::shared_ptr<KeyObjectData> ImportJWKEcKey(jsi::Runtime &rt,
 jsi::Value GetEcKeyDetail(jsi::Runtime &rt,
                           std::shared_ptr<KeyObjectData> key);
 
+struct EcKeyPairGenConfig {
+  PublicKeyEncodingConfig public_key_encoding;
+  PrivateKeyEncodingConfig private_key_encoding;
+  ManagedEVPPKey key;
+
+  int curve_nid;
+  int param_encoding;
+};
+
+EcKeyPairGenConfig prepareEcKeyGenConfig(jsi::Runtime& runtime,
+                                       const jsi::Value* arguments);
+
+std::pair<jsi::Value, jsi::Value> generateEcKeyPair(jsi::Runtime& runtime,
+                                                    std::shared_ptr<EcKeyPairGenConfig> config);
+
+
 } // namespace margelo
 
 #endif /* crypto_ec_hpp */

package/lib/commonjs/Cipher.js

@@ -3,11 +3,12 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
+exports.ECCurve = void 0;
 exports.createCipher = createCipher;
 exports.createCipheriv = createCipheriv;
 exports.createDecipher = createDecipher;
 exports.createDecipheriv = createDecipheriv;
-exports.generateKeyPair = generateKeyPair;
+exports.generateKeyPairPromise = exports.generateKeyPair = void 0;
 exports.generateKeyPairSync = generateKeyPairSync;
 exports.publicEncrypt = exports.publicDecrypt = exports.privateDecrypt = void 0;
 var _NativeQuickCrypto = require("./NativeQuickCrypto/NativeQuickCrypto");
@@ -21,8 +22,11 @@ var _constants = require("./constants");
 var _keys = require("./keys");
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 // @types/node
-
-// make sure that nextTick is there
+let ECCurve = exports.ECCurve = /*#__PURE__*/function (ECCurve) {
+  ECCurve[ECCurve["OPENSSL_EC_EXPLICIT_CURVE"] = 0] = "OPENSSL_EC_EXPLICIT_CURVE";
+  ECCurve[ECCurve["OPENSSL_EC_NAMED_CURVE"] = 1] = "OPENSSL_EC_NAMED_CURVE";
+  return ECCurve;
+}({}); // make sure that nextTick is there
 global.process.nextTick = setImmediate;
 const createInternalCipher = _NativeQuickCrypto.NativeQuickCrypto.createCipher;
 const createInternalDecipher = _NativeQuickCrypto.NativeQuickCrypto.createDecipher;
@@ -252,9 +256,11 @@ function parseKeyEncoding(keyType, options = _Utils.kEmptyObject) {
   }
   return [publicFormat, publicType, privateFormat, privateType, cipher, passphrase];
 }
+
+/** On node a very complex "job" chain is created, we are going for a far simpler approach and calling
+ *  an internal function that basically executes the same byte shuffling on the native side
+ */
 function internalGenerateKeyPair(isAsync, type, options, callback) {
-  // On node a very complex "job" chain is created, we are going for a far simpler approach and calling
-  // an internal function that basically executes the same byte shuffling on the native side
   const encoding = parseKeyEncoding(type, options);
 
   // if (options !== undefined)
@@ -262,84 +268,83 @@ function internalGenerateKeyPair(isAsync, type, options, callback) {
 
   switch (type) {
     case 'rsa-pss':
+    // fallthrough
     case 'rsa':
-      {
-        (0, _Utils.validateObject)(options, 'options');
-        const {
-          modulusLength
-        } = options;
-        (0, _Utils.validateUint32)(modulusLength, 'options.modulusLength');
-        let {
-          publicExponent
-        } = options;
-        if (publicExponent == null) {
-          publicExponent = 0x10001;
-        } else {
-          (0, _Utils.validateUint32)(publicExponent, 'options.publicExponent');
-        }
-        if (type === 'rsa') {
-          if (isAsync) {
-            _NativeQuickCrypto.NativeQuickCrypto.generateKeyPair(_Cipher.RSAKeyVariant.kKeyVariantRSA_SSA_PKCS1_v1_5, modulusLength, publicExponent, ...encoding).then(([err, publicKey, privateKey]) => {
-              if (typeof publicKey === 'object') {
-                publicKey = _reactNativeBuffer.Buffer.from(publicKey);
-              }
-              if (typeof privateKey === 'object') {
-                privateKey = _reactNativeBuffer.Buffer.from(privateKey);
-              }
-              callback?.(err, publicKey, privateKey);
-            }).catch(err => {
-              callback?.(err, undefined, undefined);
-            });
-            return;
-          } else {
-            let [err, publicKey, privateKey] = _NativeQuickCrypto.NativeQuickCrypto.generateKeyPairSync(_Cipher.RSAKeyVariant.kKeyVariantRSA_SSA_PKCS1_v1_5, modulusLength, publicExponent, ...encoding);
-            if (typeof publicKey === 'object') {
+      (0, _Utils.validateObject)(options, 'options');
+      const {
+        modulusLength
+      } = options;
+      (0, _Utils.validateUint32)(modulusLength, 'options.modulusLength');
+      let {
+        publicExponent
+      } = options;
+      if (publicExponent == null) {
+        publicExponent = 0x10001;
+      } else {
+        (0, _Utils.validateUint32)(publicExponent, 'options.publicExponent');
+      }
+      if (type === 'rsa') {
+        if (isAsync) {
+          _NativeQuickCrypto.NativeQuickCrypto.generateKeyPair(_Cipher.KeyVariant.RSA_SSA_PKCS1_v1_5, modulusLength, publicExponent, ...encoding).then(([err, publicKey, privateKey]) => {
+            if (publicKey instanceof _reactNativeBuffer.Buffer) {
               publicKey = _reactNativeBuffer.Buffer.from(publicKey);
             }
-            if (typeof privateKey === 'object') {
+            if (privateKey instanceof _reactNativeBuffer.Buffer) {
               privateKey = _reactNativeBuffer.Buffer.from(privateKey);
             }
-            return [err, publicKey, privateKey];
+            callback(err, publicKey, privateKey);
+          }).catch(err => {
+            callback(err, undefined, undefined);
+          });
+        } else {
+          let [err, publicKey, privateKey] = _NativeQuickCrypto.NativeQuickCrypto.generateKeyPairSync(_Cipher.KeyVariant.RSA_SSA_PKCS1_v1_5, modulusLength, publicExponent, ...encoding);
+          if (publicKey instanceof _reactNativeBuffer.Buffer) {
+            publicKey = _reactNativeBuffer.Buffer.from(publicKey);
+          }
+          if (privateKey instanceof _reactNativeBuffer.Buffer) {
+            privateKey = _reactNativeBuffer.Buffer.from(privateKey);
           }
+          return [err, publicKey, privateKey];
         }
-        const {
-          hash,
-          mgf1Hash,
-          hashAlgorithm,
-          mgf1HashAlgorithm,
-          saltLength
-        } = options;
+      }
+      const {
+        hash,
+        mgf1Hash,
+        hashAlgorithm,
+        mgf1HashAlgorithm,
+        saltLength
+      } = options;
 
-        // // We don't have a process object on RN
-        // // const pendingDeprecation = getOptionValue('--pending-deprecation');
+      // // We don't have a process object on RN
+      // // const pendingDeprecation = getOptionValue('--pending-deprecation');
 
-        if (saltLength !== undefined) (0, _Utils.validateInt32)(saltLength, 'options.saltLength', 0);
-        if (hashAlgorithm !== undefined) (0, _Utils.validateString)(hashAlgorithm, 'options.hashAlgorithm');
-        if (mgf1HashAlgorithm !== undefined) (0, _Utils.validateString)(mgf1HashAlgorithm, 'options.mgf1HashAlgorithm');
-        if (hash !== undefined) {
-          // pendingDeprecation && process.emitWarning(
-          //   '"options.hash" is deprecated, ' +
-          //   'use "options.hashAlgorithm" instead.',
-          //   'DeprecationWarning',
-          //   'DEP0154');
-          (0, _Utils.validateString)(hash, 'options.hash');
-          if (hashAlgorithm && hash !== hashAlgorithm) {
-            throw new Error(`Invalid Argument options.hash ${hash}`);
-          }
+      if (saltLength !== undefined) (0, _Utils.validateInt32)(saltLength, 'options.saltLength', 0);
+      if (hashAlgorithm !== undefined) (0, _Utils.validateString)(hashAlgorithm, 'options.hashAlgorithm');
+      if (mgf1HashAlgorithm !== undefined) (0, _Utils.validateString)(mgf1HashAlgorithm, 'options.mgf1HashAlgorithm');
+      if (hash !== undefined) {
+        // pendingDeprecation && process.emitWarning(
+        //   '"options.hash" is deprecated, ' +
+        //   'use "options.hashAlgorithm" instead.',
+        //   'DeprecationWarning',
+        //   'DEP0154');
+        (0, _Utils.validateString)(hash, 'options.hash');
+        if (hashAlgorithm && hash !== hashAlgorithm) {
+          throw new Error(`Invalid Argument options.hash ${hash}`);
         }
-        if (mgf1Hash !== undefined) {
-          // pendingDeprecation && process.emitWarning(
-          //   '"options.mgf1Hash" is deprecated, ' +
-          //   'use "options.mgf1HashAlgorithm" instead.',
-          //   'DeprecationWarning',
-          //   'DEP0154');
-          (0, _Utils.validateString)(mgf1Hash, 'options.mgf1Hash');
-          if (mgf1HashAlgorithm && mgf1Hash !== mgf1HashAlgorithm) {
-            throw new Error(`Invalid Argument options.mgf1Hash ${mgf1Hash}`);
-          }
+      }
+      if (mgf1Hash !== undefined) {
+        // pendingDeprecation && process.emitWarning(
+        //   '"options.mgf1Hash" is deprecated, ' +
+        //   'use "options.mgf1HashAlgorithm" instead.',
+        //   'DeprecationWarning',
+        //   'DEP0154');
+        (0, _Utils.validateString)(mgf1Hash, 'options.mgf1Hash');
+        if (mgf1HashAlgorithm && mgf1Hash !== mgf1HashAlgorithm) {
+          throw new Error(`Invalid Argument options.mgf1Hash ${mgf1Hash}`);
         }
-        return _NativeQuickCrypto.NativeQuickCrypto.generateKeyPairSync(_Cipher.RSAKeyVariant.kKeyVariantRSA_PSS, modulusLength, publicExponent, hashAlgorithm || hash, mgf1HashAlgorithm || mgf1Hash, saltLength, ...encoding);
       }
+      return _NativeQuickCrypto.NativeQuickCrypto.generateKeyPairSync(_Cipher.KeyVariant.RSA_PSS, modulusLength, publicExponent, hashAlgorithm || hash, mgf1HashAlgorithm || mgf1Hash, saltLength, ...encoding);
+
     // case 'dsa': {
     //   validateObject(options, 'options');
     //   const { modulusLength } = options!;
@@ -356,21 +361,40 @@ function internalGenerateKeyPair(isAsync, type, options, callback) {
     //   //   divisorLength,
     //   //   ...encoding);
     // }
-    // case 'ec': {
-    //   validateObject(options, 'options');
-    //   const { namedCurve } = options!;
-    //   validateString(namedCurve, 'options.namedCurve');
-    //   let { paramEncoding } = options!;
-    //   if (paramEncoding == null || paramEncoding === 'named')
-    //     paramEncoding = OPENSSL_EC_NAMED_CURVE;
-    //   else if (paramEncoding === 'explicit')
-    //     paramEncoding = OPENSSL_EC_EXPLICIT_CURVE;
-    //   else
-    //   throw new Error(`Invalid Argument options.paramEncoding ${paramEncoding}`);
-    //     // throw new ERR_INVALID_ARG_VALUE('options.paramEncoding', paramEncoding);
 
-    //   // return new EcKeyPairGenJob(mode, namedCurve, paramEncoding, ...encoding);
-    // }
+    case 'ec':
+      (0, _Utils.validateObject)(options, 'options');
+      const {
+        namedCurve
+      } = options;
+      (0, _Utils.validateString)(namedCurve, 'options.namedCurve');
+      let paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;
+      const {
+        paramEncoding
+      } = options;
+      if (paramEncoding == null || paramEncoding === 'named') paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;else if (paramEncoding === 'explicit') paramEncodingFlag = ECCurve.OPENSSL_EC_EXPLICIT_CURVE;else throw new Error(`Invalid Argument options.paramEncoding ${paramEncoding}`);
+      if (isAsync) {
+        _NativeQuickCrypto.NativeQuickCrypto.generateKeyPair(_Cipher.KeyVariant.EC, namedCurve, paramEncodingFlag, ...encoding).then(([err, publicKey, privateKey]) => {
+          if (publicKey instanceof _reactNativeBuffer.Buffer) {
+            publicKey = _reactNativeBuffer.Buffer.from(publicKey);
+          }
+          if (privateKey instanceof _reactNativeBuffer.Buffer) {
+            privateKey = _reactNativeBuffer.Buffer.from(privateKey);
+          }
+          callback?.(err, publicKey, privateKey);
+        }).catch(err => {
+          callback?.(err, undefined, undefined);
+        });
+      }
+      let [err, publicKey, privateKey] = _NativeQuickCrypto.NativeQuickCrypto.generateKeyPairSync(_Cipher.KeyVariant.EC, namedCurve, paramEncodingFlag, ...encoding);
+      if (publicKey instanceof _reactNativeBuffer.Buffer) {
+        publicKey = _reactNativeBuffer.Buffer.from(publicKey);
+      }
+      if (privateKey instanceof _reactNativeBuffer.Buffer) {
+        privateKey = _reactNativeBuffer.Buffer.from(privateKey);
+      }
+      return [err, publicKey, privateKey];
+
     // case 'ed25519':
     // case 'ed448':
     // case 'x25519':
@@ -434,19 +458,38 @@ function internalGenerateKeyPair(isAsync, type, options, callback) {
     default:
     // Fall through
   }
-  throw new Error(`Invalid Argument options: ${type} scheme not supported. Currently not all encryption methods are supported in quick-crypto!`);
+  const err = new Error(`
+      Invalid Argument options: '${type}' scheme not supported for generateKey().
+      Currently not all encryption methods are supported in quick-crypto.  Check
+      implementation_coverage.md for status.
+    `);
+  return [err, undefined, undefined];
 }
-
-// TODO(osp) put correct types (e.g. type -> 'rsa', etc..)
-
-function generateKeyPair(type, options, callback) {
-  if (typeof options === 'function') {
-    callback = options;
-    options = undefined;
-  }
+const generateKeyPair = (type, options, callback) => {
   (0, _Utils.validateFunction)(callback);
   internalGenerateKeyPair(true, type, options, callback);
-}
+};
+
+// Promisify generateKeyPair
+// (attempted to use util.promisify, to no avail)
+exports.generateKeyPair = generateKeyPair;
+const generateKeyPairPromise = (type, options) => {
+  return new Promise((resolve, reject) => {
+    generateKeyPair(type, options, (err, publicKey, privateKey) => {
+      if (err) {
+        reject([err, undefined]);
+      } else {
+        resolve([undefined, {
+          publicKey,
+          privateKey
+        }]);
+      }
+    });
+  });
+};
+
+// generateKeyPairSync
+exports.generateKeyPairPromise = generateKeyPairPromise;
 function generateKeyPairSync(type, options) {
   const [_, publicKey, privateKey] = internalGenerateKeyPair(false, type, options, undefined);
   return {