react-native-quick-crypto 0.7.2 → 0.7.4

package/src/Cipher.ts

@@ -1,5 +1,5 @@
 import { NativeQuickCrypto } from './NativeQuickCrypto/NativeQuickCrypto';
-import Stream from 'readable-stream';
+import Stream, { type TransformOptions } from 'readable-stream';
 import {
   type BinaryLike,
   binaryLikeToArrayBuffer,
@@ -13,6 +13,7 @@ import {
   validateUint32,
   validateInt32,
   type BinaryLikeNode,
+  type CipherType,
 } from './Utils';
 import { type InternalCipher, KeyVariant } from './NativeQuickCrypto/Cipher';
 import type {
@@ -35,11 +36,14 @@ import { Buffer as SBuffer } from 'safe-buffer';
 import { constants } from './constants';
 import {
   CryptoKey,
+  KeyEncoding,
+  KFormatType,
   parsePrivateKeyEncoding,
   parsePublicKeyEncoding,
   preparePrivateKey,
   preparePublicOrPrivateKey,
   type CryptoKeyPair,
+  type EncodingOptions,
   type KeyPairType,
   type NamedCurve,
 } from './keys';
@@ -59,11 +63,11 @@ const _publicEncrypt = NativeQuickCrypto.publicEncrypt;
 const _publicDecrypt = NativeQuickCrypto.publicDecrypt;
 const _privateDecrypt = NativeQuickCrypto.privateDecrypt;
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 function getUIntOption(options: Record<string, any>, key: string) {
   let value;
   if (options && (value = options[key]) != null) {
     // >>> Turns any type into a positive integer (also sets the sign bit to 0)
-    // eslint-disable-next-line no-bitwise
     if (value >>> 0 !== value) throw new Error(`options.${key}: ${value}`);
     return value;
   }
@@ -72,7 +76,7 @@ function getUIntOption(options: Record<string, any>, key: string) {
 
 function normalizeEncoding(enc: string) {
   if (!enc) return 'utf8';
-  var retried;
+  let retried;
   while (true) {
     switch (enc) {
       case 'utf8':
@@ -119,8 +123,8 @@ class CipherCommon extends Stream.Transform {
     cipherType: string,
     cipherKey: BinaryLikeNode,
     isCipher: boolean,
-    options: Record<string, any> = {},
-    iv?: BinaryLike | null
+    options: Record<string, TransformOptions> = {},
+    iv?: BinaryLike | null,
   ) {
     super(options);
     const cipherKeyBuffer = binaryLikeToArrayBuffer(cipherKey);
@@ -144,7 +148,7 @@ class CipherCommon extends Stream.Transform {
   update(
     data: BinaryLike,
     inputEncoding?: CipherEncoding,
-    outputEncoding?: CipherEncoding
+    outputEncoding?: CipherEncoding,
   ): ArrayBuffer | string {
     const defaultEncoding = getDefaultEncoding();
     inputEncoding = inputEncoding ?? defaultEncoding;
@@ -162,14 +166,14 @@ class CipherCommon extends Stream.Transform {
       inputEncoding = inputEncoding === 'buffer' ? 'utf8' : inputEncoding;
       data = binaryLikeToArrayBuffer(data, inputEncoding);
     } else {
-      data = binaryLikeToArrayBuffer(data as any, inputEncoding);
+      data = binaryLikeToArrayBuffer(data as BinaryLikeNode, inputEncoding);
     }
 
     const ret = this.internal.update(data);
 
     if (outputEncoding && outputEncoding !== 'buffer') {
       this.decoder = getDecoder(this.decoder, outputEncoding);
-
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
       return this.decoder!.write(SBuffer.from(ret) as any);
     }
 
@@ -183,7 +187,7 @@ class CipherCommon extends Stream.Transform {
 
     if (outputEncoding && outputEncoding !== 'buffer') {
       this.decoder = getDecoder(this.decoder, outputEncoding);
-
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
       return this.decoder!.end(SBuffer.from(ret) as any);
     }
 
@@ -209,7 +213,7 @@ class CipherCommon extends Stream.Transform {
     buffer: Buffer,
     options?: {
       plaintextLength: number;
-    }
+    },
   ): this {
     this.internal.setAAD({
       data: buffer.buffer,
@@ -232,8 +236,8 @@ class Cipher extends CipherCommon {
   constructor(
     cipherType: string,
     cipherKey: BinaryLikeNode,
-    options: Record<string, any> = {},
-    iv?: BinaryLike | null
+    options: Record<string, TransformOptions> = {},
+    iv?: BinaryLike | null,
   ) {
     if (iv != null) {
       iv = binaryLikeToArrayBuffer(iv);
@@ -246,8 +250,8 @@ class Decipher extends CipherCommon {
   constructor(
     cipherType: string,
     cipherKey: BinaryLikeNode,
-    options: Record<string, any> = {},
-    iv?: BinaryLike | null
+    options: Record<string, TransformOptions> = {},
+    iv?: BinaryLike | null,
   ) {
     if (iv != null) {
       iv = binaryLikeToArrayBuffer(iv);
@@ -260,39 +264,55 @@ class Decipher extends CipherCommon {
 export function createDecipher(
   algorithm: CipherCCMTypes,
   password: BinaryLikeNode,
-  options: CipherCCMOptions
+  options: CipherCCMOptions,
 ): DecipherCCM;
 export function createDecipher(
   algorithm: CipherGCMTypes,
   password: BinaryLikeNode,
-  options?: CipherGCMOptions
+  options?: CipherGCMOptions,
 ): DecipherGCM;
+export function createDecipher(
+  algorithm: CipherType,
+  password: BinaryLikeNode,
+  options?: Stream.TransformOptions,
+): DecipherCCM | DecipherGCM | Decipher;
 export function createDecipher(
   algorithm: string,
   password: BinaryLikeNode,
-  options?: CipherCCMOptions | CipherGCMOptions | Stream.TransformOptions
+  options?: CipherCCMOptions | CipherGCMOptions | Stream.TransformOptions,
 ): DecipherCCM | DecipherGCM | Decipher {
-  return new Decipher(algorithm, password, options);
+  if (options === undefined) options = {};
+  return new Decipher(
+    algorithm,
+    password,
+    options as Record<string, TransformOptions>,
+  );
 }
 
 export function createDecipheriv(
   algorithm: CipherCCMTypes,
   key: BinaryLikeNode,
   iv: BinaryLike,
-  options: CipherCCMOptions
+  options: CipherCCMOptions,
 ): DecipherCCM;
 export function createDecipheriv(
   algorithm: CipherOCBTypes,
   key: BinaryLikeNode,
   iv: BinaryLike,
-  options: CipherOCBOptions
+  options: CipherOCBOptions,
 ): DecipherOCB;
 export function createDecipheriv(
   algorithm: CipherGCMTypes,
   key: BinaryLikeNode,
   iv: BinaryLike,
-  options?: CipherGCMOptions
+  options?: CipherGCMOptions,
 ): DecipherGCM;
+export function createDecipheriv(
+  algorithm: CipherType,
+  key: BinaryLikeNode,
+  iv: BinaryLike | null,
+  options?: Stream.TransformOptions,
+): DecipherCCM | DecipherOCB | DecipherGCM | Decipher;
 export function createDecipheriv(
   algorithm: string,
   key: BinaryLikeNode,
@@ -301,47 +321,67 @@ export function createDecipheriv(
     | CipherCCMOptions
     | CipherOCBOptions
     | CipherGCMOptions
-    | Stream.TransformOptions
+    | Stream.TransformOptions,
 ): DecipherCCM | DecipherOCB | DecipherGCM | Decipher {
-  return new Decipher(algorithm, key, options, iv);
+  return new Decipher(
+    algorithm,
+    key,
+    options as Record<string, TransformOptions>,
+    iv,
+  );
 }
 
 export function createCipher(
   algorithm: CipherCCMTypes,
   password: BinaryLikeNode,
-  options: CipherCCMOptions
+  options: CipherCCMOptions,
 ): CipherCCM;
 export function createCipher(
   algorithm: CipherGCMTypes,
   password: BinaryLikeNode,
-  options?: CipherGCMOptions
+  options?: CipherGCMOptions,
 ): CipherGCM;
+export function createCipher(
+  algorithm: CipherType,
+  password: BinaryLikeNode,
+  options?: Stream.TransformOptions,
+): CipherCCM | CipherGCM | Cipher;
 export function createCipher(
   algorithm: string,
   password: BinaryLikeNode,
-  options?: CipherGCMOptions | CipherCCMOptions | Stream.TransformOptions
+  options?: CipherGCMOptions | CipherCCMOptions | Stream.TransformOptions,
 ): CipherCCM | CipherGCM | Cipher {
-  return new Cipher(algorithm, password, options);
+  return new Cipher(
+    algorithm,
+    password,
+    options as Record<string, TransformOptions>,
+  );
 }
 
 export function createCipheriv(
   algorithm: CipherCCMTypes,
   key: BinaryLikeNode,
   iv: BinaryLike,
-  options: CipherCCMOptions
+  options: CipherCCMOptions,
 ): CipherCCM;
 export function createCipheriv(
   algorithm: CipherOCBTypes,
   key: BinaryLikeNode,
   iv: BinaryLike,
-  options: CipherOCBOptions
+  options: CipherOCBOptions,
 ): CipherOCB;
 export function createCipheriv(
   algorithm: CipherGCMTypes,
   key: BinaryLikeNode,
   iv: BinaryLike,
-  options?: CipherGCMOptions
+  options?: CipherGCMOptions,
 ): CipherGCM;
+export function createCipheriv(
+  algorithm: CipherType,
+  key: BinaryLikeNode,
+  iv: BinaryLike | null,
+  options?: Stream.TransformOptions,
+): CipherCCM | CipherOCB | CipherGCM | Cipher;
 export function createCipheriv(
   algorithm: string,
   key: BinaryLikeNode,
@@ -350,41 +390,34 @@ export function createCipheriv(
     | CipherCCMOptions
     | CipherOCBOptions
     | CipherGCMOptions
-    | Stream.TransformOptions
+    | Stream.TransformOptions,
 ): CipherCCM | CipherOCB | CipherGCM | Cipher {
-  return new Cipher(algorithm, key, options, iv);
+  return new Cipher(
+    algorithm,
+    key,
+    options as Record<string, TransformOptions>,
+    iv,
+  );
 }
 
 // RSA Functions
 // Follows closely the model implemented in node
 
-// TODO(osp) types...
 function rsaFunctionFor(
   method: (
     data: ArrayBuffer,
-    format: number,
-    type: any,
-    passphrase: any,
+    format: KFormatType,
+    type: KeyEncoding | undefined,
+    passphrase: string | ArrayBuffer | undefined,
     buffer: ArrayBuffer,
     padding: number,
-    oaepHash: any,
-    oaepLabel: any
+    oaepHash: ArrayBuffer | undefined,
+    oaepLabel: ArrayBuffer | undefined,
   ) => Buffer,
   defaultPadding: number,
-  keyType: 'public' | 'private'
+  keyType: 'public' | 'private',
 ) {
-  return (
-    options: {
-      key: any;
-      encoding?: string;
-      format?: any;
-      padding?: any;
-      oaepHash?: any;
-      oaepLabel?: any;
-      passphrase?: string;
-    },
-    buffer: BinaryLike
-  ) => {
+  return (options: EncodingOptions, buffer: BinaryLike) => {
     const { format, type, data, passphrase } =
       keyType === 'private'
         ? preparePrivateKey(options)
@@ -405,7 +438,7 @@ function rsaFunctionFor(
       buffer,
       padding,
       oaepHash,
-      oaepLabel
+      oaepLabel,
     );
 
     return Buffer.from(rawRes);
@@ -415,19 +448,19 @@ function rsaFunctionFor(
 export const publicEncrypt = rsaFunctionFor(
   _publicEncrypt,
   constants.RSA_PKCS1_OAEP_PADDING,
-  'public'
+  'public',
 );
 export const publicDecrypt = rsaFunctionFor(
   _publicDecrypt,
   constants.RSA_PKCS1_PADDING,
-  'public'
+  'public',
 );
 // const privateEncrypt = rsaFunctionFor(_privateEncrypt, constants.RSA_PKCS1_PADDING,
 //   'private');
 export const privateDecrypt = rsaFunctionFor(
   _privateDecrypt,
   constants.RSA_PKCS1_OAEP_PADDING,
-  'private'
+  'private',
 );
 
 //                                   _       _  __          _____      _
@@ -450,11 +483,11 @@ export type GenerateKeyPairOptions = {
   primeLength?: number; // Prime length in bits (DH).
   generator?: number; // Custom generator (DH). Default: 2.
   groupName?: string; // Diffie-Hellman group name (DH). See crypto.getDiffieHellman().
-  publicKeyEncoding?: any; // See keyObject.export().
-  privateKeyEncoding?: any; // See keyObject.export().
+  publicKeyEncoding?: EncodingOptions; // See keyObject.export().
+  privateKeyEncoding?: EncodingOptions; // See keyObject.export().
   paramEncoding?: string;
-  hash?: any;
-  mgf1Hash?: any;
+  hash?: string;
+  mgf1Hash?: string;
 };
 
 export type KeyPairKey = Buffer | KeyObjectHandle | CryptoKey | undefined;
@@ -468,7 +501,7 @@ export type GenerateKeyPairReturn = [
 export type GenerateKeyPairCallback = (
   error?: Error,
   publicKey?: KeyPairKey,
-  privateKey?: KeyPairKey
+  privateKey?: KeyPairKey,
 ) => GenerateKeyPairReturn | void;
 
 export type KeyPair = {
@@ -480,7 +513,7 @@ export type GenerateKeyPairPromiseReturn = [error?: Error, keypair?: KeyPair];
 
 function parseKeyEncoding(
   keyType: string,
-  options: GenerateKeyPairOptions = kEmptyObject
+  options: GenerateKeyPairOptions = kEmptyObject,
 ) {
   const { publicKeyEncoding, privateKeyEncoding } = options;
 
@@ -491,12 +524,12 @@ function parseKeyEncoding(
     ({ format: publicFormat, type: publicType } = parsePublicKeyEncoding(
       publicKeyEncoding,
       keyType,
-      'publicKeyEncoding'
+      'publicKeyEncoding',
     ));
   } else {
     throw new Error(
       'Invalid argument options.publicKeyEncoding',
-      publicKeyEncoding
+      publicKeyEncoding,
     );
   }
 
@@ -512,12 +545,12 @@ function parseKeyEncoding(
     } = parsePrivateKeyEncoding(
       privateKeyEncoding,
       keyType,
-      'privateKeyEncoding'
+      'privateKeyEncoding',
     ));
   } else {
     throw new Error(
       'Invalid argument options.privateKeyEncoding',
-      publicKeyEncoding
+      publicKeyEncoding as ErrorOptions,
     );
   }
 
@@ -537,8 +570,8 @@ function parseKeyEncoding(
 function internalGenerateKeyPair(
   isAsync: boolean,
   type: KeyPairType,
-  options: GenerateKeyPairOptions | undefined,
-  callback?: GenerateKeyPairCallback
+  options?: GenerateKeyPairOptions,
+  callback?: GenerateKeyPairCallback,
 ): GenerateKeyPairReturn | void {
   const encoding = parseKeyEncoding(type, options);
 
@@ -549,99 +582,12 @@ function internalGenerateKeyPair(
     case 'rsa-pss':
     // fallthrough
     case 'rsa':
-      validateObject<GenerateKeyPairOptions>(options, 'options');
-      const { modulusLength } = options!;
-      validateUint32(modulusLength as number, 'options.modulusLength');
-      let { publicExponent } = options!;
-      if (publicExponent == null) {
-        publicExponent = 0x10001;
-      } else {
-        validateUint32(publicExponent, 'options.publicExponent');
-      }
-
-      if (type === 'rsa') {
-        if (isAsync) {
-          NativeQuickCrypto.generateKeyPair(
-            KeyVariant.RSA_SSA_PKCS1_v1_5, // Used also for RSA-OAEP
-            modulusLength as number,
-            publicExponent,
-            ...encoding
-          )
-            .then(([err, publicKey, privateKey]) => {
-              if (publicKey instanceof Buffer) {
-                publicKey = Buffer.from(publicKey);
-              }
-              if (privateKey instanceof Buffer) {
-                privateKey = Buffer.from(privateKey);
-              }
-              callback!(err, publicKey, privateKey);
-            })
-            .catch((err) => {
-              callback!(err, undefined, undefined);
-            });
-        } else {
-          let [err, publicKey, privateKey] =
-            NativeQuickCrypto.generateKeyPairSync(
-              KeyVariant.RSA_SSA_PKCS1_v1_5,
-              modulusLength as number,
-              publicExponent,
-              ...encoding
-            );
-
-          if (publicKey instanceof Buffer) {
-            publicKey = Buffer.from(publicKey);
-          }
-          if (privateKey instanceof Buffer) {
-            privateKey = Buffer.from(privateKey);
-          }
-
-          return [err, publicKey, privateKey];
-        }
-      }
-
-      const { hash, mgf1Hash, hashAlgorithm, mgf1HashAlgorithm, saltLength } =
-        options!;
-
-      // // We don't have a process object on RN
-      // // const pendingDeprecation = getOptionValue('--pending-deprecation');
-
-      if (saltLength !== undefined)
-        validateInt32(saltLength, 'options.saltLength', 0);
-      if (hashAlgorithm !== undefined)
-        validateString(hashAlgorithm, 'options.hashAlgorithm');
-      if (mgf1HashAlgorithm !== undefined)
-        validateString(mgf1HashAlgorithm, 'options.mgf1HashAlgorithm');
-      if (hash !== undefined) {
-        // pendingDeprecation && process.emitWarning(
-        //   '"options.hash" is deprecated, ' +
-        //   'use "options.hashAlgorithm" instead.',
-        //   'DeprecationWarning',
-        //   'DEP0154');
-        validateString(hash, 'options.hash');
-        if (hashAlgorithm && hash !== hashAlgorithm) {
-          throw new Error(`Invalid Argument options.hash ${hash}`);
-        }
-      }
-      if (mgf1Hash !== undefined) {
-        // pendingDeprecation && process.emitWarning(
-        //   '"options.mgf1Hash" is deprecated, ' +
-        //   'use "options.mgf1HashAlgorithm" instead.',
-        //   'DeprecationWarning',
-        //   'DEP0154');
-        validateString(mgf1Hash, 'options.mgf1Hash');
-        if (mgf1HashAlgorithm && mgf1Hash !== mgf1HashAlgorithm) {
-          throw new Error(`Invalid Argument options.mgf1Hash ${mgf1Hash}`);
-        }
-      }
-
-      return NativeQuickCrypto.generateKeyPairSync(
-        KeyVariant.RSA_PSS,
-        modulusLength as number,
-        publicExponent,
-        hashAlgorithm || hash,
-        mgf1HashAlgorithm || mgf1Hash,
-        saltLength,
-        ...encoding
+      return internalRsaGenerateKeyPair(
+        isAsync,
+        type,
+        options,
+        callback,
+        encoding,
       );
 
     // case 'dsa': {
@@ -662,54 +608,13 @@ function internalGenerateKeyPair(
     // }
 
     case 'ec':
-      validateObject<GenerateKeyPairOptions>(options, 'options');
-      const { namedCurve } = options!;
-      validateString(namedCurve, 'options.namedCurve');
-      let paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;
-      const { paramEncoding } = options!;
-      if (paramEncoding == null || paramEncoding === 'named')
-        paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;
-      else if (paramEncoding === 'explicit')
-        paramEncodingFlag = ECCurve.OPENSSL_EC_EXPLICIT_CURVE;
-      else
-        throw new Error(
-          `Invalid Argument options.paramEncoding ${paramEncoding}`
-        );
-
-      if (isAsync) {
-        NativeQuickCrypto.generateKeyPair(
-          KeyVariant.EC,
-          namedCurve as NamedCurve,
-          paramEncodingFlag,
-          ...encoding
-        )
-          .then(([err, publicKey, privateKey]) => {
-            if (publicKey instanceof Buffer) {
-              publicKey = Buffer.from(publicKey);
-            }
-            if (privateKey instanceof Buffer) {
-              privateKey = Buffer.from(privateKey);
-            }
-            callback?.(err, publicKey, privateKey);
-          })
-          .catch((err) => {
-            callback?.(err, undefined, undefined);
-          });
-      }
-
-      let [err, publicKey, privateKey] = NativeQuickCrypto.generateKeyPairSync(
-        KeyVariant.EC,
-        namedCurve as NamedCurve,
-        paramEncodingFlag,
-        ...encoding
+      return internalEcGenerateKeyPair(
+        isAsync,
+        type,
+        options,
+        callback,
+        encoding,
       );
-      if (publicKey instanceof Buffer) {
-        publicKey = Buffer.from(publicKey);
-      }
-      if (privateKey instanceof Buffer) {
-        privateKey = Buffer.from(privateKey);
-      }
-      return [err, publicKey, privateKey];
 
     // case 'ed25519':
     // case 'ed448':
@@ -782,10 +687,162 @@ function internalGenerateKeyPair(
   return [err, undefined, undefined];
 }
 
+const internalRsaGenerateKeyPair = (
+  isAsync: boolean,
+  type: KeyPairType,
+  options: GenerateKeyPairOptions | undefined,
+  callback: GenerateKeyPairCallback | undefined,
+  encoding: (string | ArrayBuffer | KFormatType | KeyEncoding | undefined)[],
+): GenerateKeyPairReturn | void => {
+  validateObject<GenerateKeyPairOptions>(options, 'options');
+  const { modulusLength } = options!;
+  validateUint32(modulusLength as number, 'options.modulusLength');
+  let { publicExponent } = options!;
+  if (publicExponent == null) {
+    publicExponent = 0x10001;
+  } else {
+    validateUint32(publicExponent, 'options.publicExponent');
+  }
+
+  if (type === 'rsa') {
+    if (isAsync) {
+      NativeQuickCrypto.generateKeyPair(
+        KeyVariant.RSA_SSA_PKCS1_v1_5, // Used also for RSA-OAEP
+        modulusLength as number,
+        publicExponent,
+        ...encoding,
+      )
+        .then(([err, publicKey, privateKey]) => {
+          if (publicKey instanceof Buffer) {
+            publicKey = Buffer.from(publicKey);
+          }
+          if (privateKey instanceof Buffer) {
+            privateKey = Buffer.from(privateKey);
+          }
+          callback!(err, publicKey, privateKey);
+        })
+        .catch((err) => {
+          callback!(err, undefined, undefined);
+        });
+    } else {
+      const [err, publicKey, privateKey] =
+        NativeQuickCrypto.generateKeyPairSync(
+          KeyVariant.RSA_SSA_PKCS1_v1_5,
+          modulusLength as number,
+          publicExponent,
+          ...encoding,
+        );
+
+      const pub =
+        publicKey instanceof Buffer ? Buffer.from(publicKey) : publicKey;
+      const priv =
+        privateKey instanceof Buffer ? Buffer.from(privateKey) : privateKey;
+      return [err, pub, priv];
+    }
+  }
+
+  const { hash, mgf1Hash, hashAlgorithm, mgf1HashAlgorithm, saltLength } =
+    options!;
+
+  // // We don't have a process object on RN
+  // // const pendingDeprecation = getOptionValue('--pending-deprecation');
+
+  if (saltLength !== undefined)
+    validateInt32(saltLength, 'options.saltLength', 0);
+  if (hashAlgorithm !== undefined)
+    validateString(hashAlgorithm, 'options.hashAlgorithm');
+  if (mgf1HashAlgorithm !== undefined)
+    validateString(mgf1HashAlgorithm, 'options.mgf1HashAlgorithm');
+  if (hash !== undefined) {
+    // pendingDeprecation && process.emitWarning(
+    //   '"options.hash" is deprecated, ' +
+    //   'use "options.hashAlgorithm" instead.',
+    //   'DeprecationWarning',
+    //   'DEP0154');
+    validateString(hash, 'options.hash');
+    if (hashAlgorithm && hash !== hashAlgorithm) {
+      throw new Error(`Invalid Argument options.hash ${hash}`);
+    }
+  }
+  if (mgf1Hash !== undefined) {
+    // pendingDeprecation && process.emitWarning(
+    //   '"options.mgf1Hash" is deprecated, ' +
+    //   'use "options.mgf1HashAlgorithm" instead.',
+    //   'DeprecationWarning',
+    //   'DEP0154');
+    validateString(mgf1Hash, 'options.mgf1Hash');
+    if (mgf1HashAlgorithm && mgf1Hash !== mgf1HashAlgorithm) {
+      throw new Error(`Invalid Argument options.mgf1Hash ${mgf1Hash}`);
+    }
+  }
+
+  return NativeQuickCrypto.generateKeyPairSync(
+    KeyVariant.RSA_PSS,
+    modulusLength as number,
+    publicExponent,
+    hashAlgorithm || hash,
+    mgf1HashAlgorithm || mgf1Hash,
+    saltLength,
+    ...encoding,
+  );
+};
+
+const internalEcGenerateKeyPair = (
+  isAsync: boolean,
+  _type: KeyPairType,
+  options: GenerateKeyPairOptions | undefined,
+  callback: GenerateKeyPairCallback | undefined,
+  encoding: (string | ArrayBuffer | KFormatType | KeyEncoding | undefined)[],
+): GenerateKeyPairReturn | void => {
+  validateObject<GenerateKeyPairOptions>(options, 'options');
+  const { namedCurve } = options!;
+  validateString(namedCurve, 'options.namedCurve');
+  let paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;
+  const { paramEncoding } = options!;
+  if (paramEncoding == null || paramEncoding === 'named')
+    paramEncodingFlag = ECCurve.OPENSSL_EC_NAMED_CURVE;
+  else if (paramEncoding === 'explicit')
+    paramEncodingFlag = ECCurve.OPENSSL_EC_EXPLICIT_CURVE;
+  else
+    throw new Error(`Invalid Argument options.paramEncoding ${paramEncoding}`);
+
+  if (isAsync) {
+    NativeQuickCrypto.generateKeyPair(
+      KeyVariant.EC,
+      namedCurve as NamedCurve,
+      paramEncodingFlag,
+      ...encoding,
+    )
+      .then(([err, publicKey, privateKey]) => {
+        if (publicKey instanceof Buffer) {
+          publicKey = Buffer.from(publicKey);
+        }
+        if (privateKey instanceof Buffer) {
+          privateKey = Buffer.from(privateKey);
+        }
+        callback?.(err, publicKey, privateKey);
+      })
+      .catch((err) => {
+        callback?.(err, undefined, undefined);
+      });
+  }
+
+  const [err, publicKey, privateKey] = NativeQuickCrypto.generateKeyPairSync(
+    KeyVariant.EC,
+    namedCurve as NamedCurve,
+    paramEncodingFlag,
+    ...encoding,
+  );
+  const pub = publicKey instanceof Buffer ? Buffer.from(publicKey) : publicKey;
+  const priv =
+    privateKey instanceof Buffer ? Buffer.from(privateKey) : privateKey;
+  return [err, pub, priv];
+};
+
 export const generateKeyPair = (
   type: KeyPairType,
   options: GenerateKeyPairOptions,
-  callback: GenerateKeyPairCallback
+  callback: GenerateKeyPairCallback,
 ): void => {
   validateFunction(callback);
   internalGenerateKeyPair(true, type, options, callback);
@@ -795,7 +852,7 @@ export const generateKeyPair = (
 // (attempted to use util.promisify, to no avail)
 export const generateKeyPairPromise = (
   type: KeyPairType,
-  options: GenerateKeyPairOptions
+  options: GenerateKeyPairOptions,
 ): Promise<GenerateKeyPairPromiseReturn> => {
   return new Promise((resolve, reject) => {
     generateKeyPair(type, options, (err, publicKey, privateKey) => {
@@ -812,17 +869,18 @@ export const generateKeyPairPromise = (
 export function generateKeyPairSync(type: KeyPairType): CryptoKeyPair;
 export function generateKeyPairSync(
   type: KeyPairType,
-  options: GenerateKeyPairOptions
+  options: GenerateKeyPairOptions,
 ): CryptoKeyPair;
 export function generateKeyPairSync(
   type: KeyPairType,
-  options?: GenerateKeyPairOptions
+  options?: GenerateKeyPairOptions,
 ): CryptoKeyPair {
+  // eslint-disable-next-line @typescript-eslint/no-unused-vars
   const [_, publicKey, privateKey] = internalGenerateKeyPair(
     false,
     type,
     options,
-    undefined
+    undefined,
   )!;
 
   return {