react-native-quick-crypto 1.0.0-beta.1 → 1.0.0-beta.10

package/QuickCrypto.podspec

@@ -2,7 +2,7 @@ require "json"
 
 package = JSON.parse(File.read(File.join(__dir__, "package.json")))
 
-Pod::UI.puts "[QuickCrypto] crypto just got quicker 💨"
+Pod::UI.puts "[QuickCrypto]  💨 crypto just got quicker"
 
 Pod::Spec.new do |s|
   s.name         = "QuickCrypto"
@@ -12,7 +12,11 @@ Pod::Spec.new do |s|
   s.license      = package["license"]
   s.authors      = package["authors"]
 
-  s.platforms    = { :ios => min_ios_version_supported }
+  s.ios.deployment_target = 16.0 # min_ios_version_supported (see https://github.com/Expensify/App/pull/53149#issuecomment-2562786065)
+  s.visionos.deployment_target = 1.0
+  s.macos.deployment_target = 10.13
+  s.tvos.deployment_target = 13.4
+
   s.source       = { :git => "https://github.com/margelo/react-native-quick-crypto.git", :tag => "#{s.version}" }
 
   s.source_files = [
@@ -22,13 +26,22 @@ Pod::Spec.new do |s|
     "ios/**/*.{h,m,mm}",
     # implementation (C++)
     "cpp/**/*.{hpp,cpp}",
+    # dependencies (C++)
+    "deps/**/*.{hpp,cpp}",
+    # dependencies (C)
+    "deps/**/*.{h,c}",
   ]
 
+  if ENV["USE_FRAMEWORKS"]
+    s.dependency "React-Core"
+    add_dependency(s, "React-jsinspector", :framework_name => "jsinspector_modern")
+    add_dependency(s, "React-rendererconsistency", :framework_name => "React_rendererconsistency")
+  end
+
   # Add all files generated by Nitrogen
   load 'nitrogen/generated/ios/QuickCrypto+autolinking.rb'
   add_nitrogen_files(s)
 
-  install_modules_dependencies(s)
   s.dependency "OpenSSL-Universal"
-
+  install_modules_dependencies(s)
 end

package/README.md

@@ -0,0 +1,172 @@
+<a href="https://margelo.io">
+  <img src="./docs/img/banner.svg" width="100%" />
+</a>
+
+# ⚡️ react-native-quick-crypto
+
+A fast implementation of Node's `crypto` module.
+
+> Note: This version `1.x` is undergoing a major refactor, porting to New Architecture, Bridgeless, and [`Nitro Modules`](https://github.com/mrousavy/react-native-nitro) and is incomplete compared to the `0.x` version.  Status, as always, will be represented in [implementation-coverage.md](../main/docs/implementation-coverage.md).
+
+> Note: Minimum supported version of React Native is `0.75`.  If you need to use earlier versions, please use `0.x` versions of this library.
+
+## Features
+
+Unlike any other current JS-based polyfills, react-native-quick-crypto is written in C/C++ JSI and provides much greater performance - especially on mobile devices.
+QuickCrypto can be used as a drop-in replacement for your Web3/Crypto apps to speed up common cryptography functions.
+
+- 🏎️ Up to 58x faster than all other solutions
+- ⚡️ Lightning fast implementation with pure C++ and JSI, instead of JS
+- 🧪 Well tested in JS and C++ (OpenSSL)
+- 💰 Made for crypto apps and Wallets
+- 🔢 Secure native compiled cryptography
+- 🔁 Easy drop-in replacement for [crypto-browserify](https://github.com/browserify/crypto-browserify) or [react-native-crypto](https://github.com/tradle/react-native-crypto)
+
+## Versions
+
+| Version | RN Architecture | Modules |
+| ------- | ------ | ------- |
+| `1.x`     | new [->](https://github.com/reactwg/react-native-new-architecture/blob/main/docs/enable-apps.md)  | Nitro Modules [->](https://github.com/margelo/react-native-nitro) |
+| `0.x`     | old  | Bridge & JSI |
+
+## Benchmarks
+
+For example, creating a Wallet using ethers.js uses complex algorithms to generate a private-key/mnemonic-phrase pair:
+
+```ts
+const start = performance.now();
+const wallet = ethers.Wallet.createRandom();
+const end = performance.now();
+console.log(`Creating a Wallet took ${end - start} ms.`);
+```
+
+**Without** react-native-quick-crypto 🐢:
+
+```
+Creating a Wallet took 16862 ms
+```
+
+**With** react-native-quick-crypto ⚡️:
+
+```
+Creating a Wallet took 289 ms
+```
+
+---
+
+## Installation
+
+<h3>
+  React Native  <a href="#"><img src="./docs/img/react-native.png" height="15" /></a>
+</h3>
+
+```sh
+bun add react-native-quick-crypto react-native-nitro-modules
+cd ios && pod install
+```
+
+<h3>
+  Expo  <a href="#"><img src="./docs/img/expo.png" height="12" /></a>
+</h3>
+
+```sh
+expo install react-native-quick-crypto
+expo prebuild
+```
+
+Optional: override `global.Buffer` and `global.crypto` in your application as early as possible for example in index.js.
+
+```ts
+import { install } from 'react-native-quick-crypto';
+
+install();
+```
+
+## Replace `crypto-browserify`
+
+If you are using a library that depends on `crypto`, instead of polyfilling it with `crypto-browserify` (or `react-native-crypto`) you can use `react-native-quick-crypto` for a fully native implementation. This way you can get much faster crypto operations with just a single-line change!
+
+### Using metro config
+
+Use the [`resolveRequest`](https://facebook.github.io/metro/docs/resolution#resolverequest-customresolver) configuration option in your `metro.config.js`
+
+```js
+config.resolver.resolveRequest = (context, moduleName, platform) => {
+  if (moduleName === 'crypto') {
+    // when importing crypto, resolve to react-native-quick-crypto
+    return context.resolveRequest(
+      context,
+      'react-native-quick-crypto',
+      platform,
+    )
+  }
+  // otherwise chain to the standard Metro resolver.
+  return context.resolveRequest(context, moduleName, platform)
+}
+```
+
+### Using babel-plugin-module-resolver
+
+You need to install `babel-plugin-module-resolver`, it's a babel plugin that will alias any imports in the code with the values you pass to it. It tricks any module that will try to import certain dependencies with the native versions we require for React Native.
+
+```sh
+yarn add --dev babel-plugin-module-resolver
+```
+
+Then, in your `babel.config.js`, add the plugin to swap the `crypto`, `stream` and `buffer` dependencies:
+
+```diff
+module.exports = {
+  presets: ['module:metro-react-native-babel-preset'],
+  plugins: [
++   [
++     'module-resolver',
++     {
++       alias: {
++         'crypto': 'react-native-quick-crypto',
++         'stream': 'readable-stream',
++         'buffer': '@craftzdog/react-native-buffer',
++       },
++     },
++   ],
+    ...
+  ],
+};
+```
+
+Then restart your bundler using `yarn start --reset-cache`.
+
+## Usage
+
+For example, to hash a string with SHA256 you can do the following:
+
+```ts
+import QuickCrypto from 'react-native-quick-crypto';
+
+const hashed = QuickCrypto.createHash('sha256')
+  .update('Damn, Margelo writes hella good software!')
+  .digest('hex');
+```
+
+## Limitations
+
+As the library uses JSI for synchronous native methods access, remote debugging (e.g. with Chrome) is no longer possible. Instead, you should use [Flipper](https://fbflipper.com).
+
+Not all cryptographic algorithms are supported yet. See the [implementation coverage](./docs/implementation-coverage.md) document for more details. If you need a specific algorithm, please open a `feature request` issue and we'll see what we can do.
+
+## Community Discord
+
+[Join the Margelo Community Discord](https://discord.gg/6CSHz2qAvA) to chat about react-native-quick-crypto or other Margelo libraries.
+
+## Adopting at scale
+
+react-native-quick-crypto was built at Margelo, an elite app development agency. For enterprise support or other business inquiries, contact us at <a href="mailto:hello@margelo.io?subject=Adopting react-native-quick-crypto at scale">hello@margelo.io</a>!
+
+## Contributing
+
+See the [contributing guide](CONTRIBUTING.md) to learn how to contribute to the repository and the development workflow.
+
+## License
+
+- react-native-quick-crypto is licensed under MIT.
+- react-native-quick-crypto is heavily inspired by NodeJS Crypto, which is licensed under [nodejs/LICENSE](https://github.com/nodejs/node/blob/main/LICENSE).

package/android/CMakeLists.txt

@@ -1,8 +1,7 @@
+project(QuickCrypto)
 cmake_minimum_required(VERSION 3.9.0)
 
-project(QuickCrypto)
 set(PACKAGE_NAME QuickCrypto)
-
 set(CMAKE_VERBOSE_MAKEFILE ON)
 set(CMAKE_CXX_STANDARD 20)
 
@@ -10,17 +9,28 @@ set(CMAKE_CXX_STANDARD 20)
 add_library(
   ${PACKAGE_NAME} SHARED
   src/main/cpp/cpp-adapter.cpp
+  ../cpp/ed25519/HybridEdKeyPair.cpp
+  ../cpp/pbkdf2/HybridPbkdf2.cpp
   ../cpp/random/HybridRandom.cpp
+  ../deps/fastpbkdf2/fastpbkdf2.c
 )
 
-include_directories(../cpp)
+# add Nitrogen specs
 include(${CMAKE_SOURCE_DIR}/../nitrogen/generated/android/QuickCrypto+autolinking.cmake)
 
+# local includes
+include_directories(
+  "src/main/cpp"
+  "../cpp/ed25519"
+  "../cpp/pbkdf2"
+  "../cpp/random"
+  "../cpp/utils"
+  "../deps/fastpbkdf2"
+)
+
 # Third party libraries (Prefabs)
 find_library(LOG_LIB log)
 
-find_package(ReactAndroid REQUIRED CONFIG)
-find_package(fbjni REQUIRED CONFIG)
 find_package(openssl REQUIRED CONFIG)
 
 # Link all libraries together
@@ -28,17 +38,18 @@ target_link_libraries(
   ${PACKAGE_NAME}
   ${LOG_LIB}                             # <-- Logcat logger
   android                                # <-- Android core
-  fbjni::fbjni                           # <-- Facebook C++ JNI helpers
   openssl::crypto                        # <-- OpenSSL (Crypto)
-  ReactAndroid::jsi
-  ReactAndroid::turbomodulejsijni
-  ReactAndroid::react_nativemodule_core
-  ReactAndroid::react_render_core
-  ReactAndroid::runtimeexecutor
-  ReactAndroid::fabricjni
-  ReactAndroid::react_debug
-  ReactAndroid::react_render_core
-  ReactAndroid::react_render_componentregistry
-  ReactAndroid::rrc_view
-  ReactAndroid::folly_runtime
   )
+
+if(ReactAndroid_VERSION_MINOR GREATER_EQUAL 76)
+  target_link_libraries(
+    ${PACKAGE_NAME}
+    ReactAndroid::reactnative             # <-- RN: Native Modules umbrella prefab
+  )
+else()
+  target_link_libraries(
+    ${PACKAGE_NAME}
+    ReactAndroid::turbomodulejsijni
+    ReactAndroid::react_nativemodule_core  # <-- RN: React Native native module core
+  )
+endif()

package/android/build.gradle

@@ -7,7 +7,7 @@ buildscript {
   }
 
   dependencies {
-    classpath "com.android.tools.build:gradle:8.2.2"
+    classpath "com.android.tools.build:gradle:8.7.3"
     classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:${kotlinVersion}"
   }
 }
@@ -49,9 +49,18 @@ android {
 
     externalNativeBuild {
       cmake {
-        cppFlags "-O2 -frtti -fexceptions -Wall -fstack-protector-all"
+        cppFlags "-frtti -fexceptions -Wall -fstack-protector-all"
         arguments "-DANDROID_STL=c++_shared"
         abiFilters (*reactNativeArchitectures())
+
+        buildTypes {
+          debug {
+            cppFlags "-O1 -g"
+          }
+          release {
+            cppFlags "-O2"
+          }
+        }
       }
     }
   }
@@ -67,6 +76,27 @@ android {
     prefab true
   }
 
+packagingOptions {
+    excludes = [
+            "META-INF",
+            "META-INF/**",
+            "**/libc++_shared.so",
+            "**/libfbjni.so",
+            "**/libjsi.so",
+            "**/libfolly_json.so",
+            "**/libfolly_runtime.so",
+            "**/libglog.so",
+            "**/libhermes.so",
+            "**/libhermes-executor-debug.so",
+            "**/libhermes_executor.so",
+            "**/libreactnative.so",
+            "**/libreactnativejni.so",
+            "**/libturbomodulejsijni.so",
+            "**/libreact_nativemodule_core.so",
+            "**/libjscexecutor.so"
+    ]
+  }
+
   buildTypes {
     release {
       minifyEnabled false
@@ -104,8 +134,11 @@ dependencies {
   //noinspection GradleDynamicVersion
   implementation "com.facebook.react:react-native:+"
 
+  // Add a dependency on NitroModules
   implementation project(":react-native-nitro-modules")
-  implementation "com.android.ndk.thirdparty:openssl:1.1.1q-beta-1"
+
+  // Add a dependency on OpenSSL
+  implementation 'io.github.ronickg:openssl:3.3.2'
 }
 
 if (isNewArchitectureEnabled()) {

package/android/src/main/cpp/cpp-adapter.cpp

@@ -1,15 +1,8 @@
+#include <fbjni/fbjni.h>
 #include <jni.h>
 
-#include "random/HybridRandom.hpp"
-#include <NitroModules/HybridObjectRegistry.hpp>
-
-using namespace margelo::nitro::crypto;
-using namespace margelo::crypto;
+#include "QuickCryptoOnLoad.hpp"
 
 JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM* vm, void*) {
-  HybridObjectRegistry::registerHybridObjectConstructor(
-    "Random", []() -> std::shared_ptr<HybridObject> { return std::make_shared<HybridRandom>();
-  });
-
-  return JNI_VERSION_1_2;
+  return facebook::jni::initialize(vm, [=] { margelo::nitro::crypto::initialize(vm); });
 }

package/android/src/main/java/com/margelo/nitro/quickcrypto/QuickCryptoPackage.java

@@ -1,27 +1,21 @@
 package com.margelo.nitro.quickcrypto;
 
 import android.util.Log;
+
 import androidx.annotation.Nullable;
 
 import com.facebook.react.bridge.NativeModule;
 import com.facebook.react.bridge.ReactApplicationContext;
 import com.facebook.react.module.model.ReactModuleInfoProvider;
 import com.facebook.react.TurboReactPackage;
+import com.margelo.nitro.core.HybridObject;
+import com.margelo.nitro.core.HybridObjectRegistry;
 
 import java.util.HashMap;
+import java.util.function.Supplier;
 
 public class QuickCryptoPackage extends TurboReactPackage {
   private static final String TAG = "QuickCrypto";
-  static {
-    try {
-      Log.i(TAG, "Loading C++ library...");
-      System.loadLibrary(TAG);
-      Log.i(TAG, "Successfully loaded C++ library!");
-    } catch (Throwable e) {
-      Log.e(TAG, "Failed to load C++ library! Is it properly installed and linked?", e);
-      throw e;
-    }
-  }
 
   @Nullable
   @Override
@@ -35,4 +29,15 @@ public class QuickCryptoPackage extends TurboReactPackage {
       return new HashMap<>();
     };
   }
+
+  static {
+    try {
+      Log.i(TAG, "Loading C++ library...");
+      System.loadLibrary(TAG);
+      Log.i(TAG, "Successfully loaded C++ library!");
+    } catch (Throwable e) {
+      Log.e(TAG, "Failed to load C++ library! Is it properly installed and linked?", e);
+      throw e;
+    }
+  }
 }

package/cpp/ed25519/HybridEdKeyPair.cpp

@@ -0,0 +1,268 @@
+#include "HybridEdKeyPair.hpp"
+
+#include <memory>
+#include <string>
+
+namespace margelo::nitro::crypto {
+
+std::shared_ptr<Promise<void>>
+HybridEdKeyPair::generateKeyPair(
+  double publicFormat,
+  double publicType,
+  double privateFormat,
+  double privateType,
+  const std::optional<std::string>& cipher,
+  const std::optional<std::shared_ptr<ArrayBuffer>>& passphrase
+) {
+  // get owned NativeArrayBuffers before passing to sync function
+  std::optional<std::shared_ptr<ArrayBuffer>> nativePassphrase = std::nullopt;
+  if (passphrase.has_value()) {
+    nativePassphrase = ToNativeArrayBuffer(passphrase.value());
+  }
+
+  return Promise<void>::async(
+    [this, publicFormat, publicType, privateFormat, privateType, cipher,
+     nativePassphrase]() {
+      this->generateKeyPairSync(
+        publicFormat,
+        publicType,
+        privateFormat,
+        privateType,
+        cipher,
+        nativePassphrase
+      );
+    }
+  );
+}
+
+void
+HybridEdKeyPair::generateKeyPairSync(
+    double publicFormat,
+    double publicType,
+    double privateFormat,
+    double privateType,
+    const std::optional<std::string>& cipher,
+    const std::optional<std::shared_ptr<ArrayBuffer>>& passphrase
+) {
+  EVP_PKEY_CTX* pctx;
+
+  // key context
+  pctx = EVP_PKEY_CTX_new_from_name(nullptr, this->curve.c_str(), nullptr);
+  if (pctx == nullptr) {
+    throw std::runtime_error("Invalid curve name: " + this->curve);
+  }
+
+  // keygen init
+  if (EVP_PKEY_keygen_init(pctx) <= 0) {
+    EVP_PKEY_CTX_free(pctx);
+    throw std::runtime_error("Failed to initialize keygen");
+  }
+
+  // generate key
+  EVP_PKEY_keygen(pctx, &this->pkey);
+  if (this->pkey == nullptr) {
+    EVP_PKEY_CTX_free(pctx);
+    throw std::runtime_error("Failed to generate key");
+  }
+
+  // cleanup
+  EVP_PKEY_CTX_free(pctx);
+}
+
+
+std::shared_ptr<Promise<std::shared_ptr<ArrayBuffer>>>
+HybridEdKeyPair::sign(
+  const std::shared_ptr<ArrayBuffer>& message,
+  const std::optional<std::shared_ptr<ArrayBuffer>>& key
+) {
+  // get owned NativeArrayBuffer before passing to sync function
+  auto nativeMessage = ToNativeArrayBuffer(message);
+  std::optional<std::shared_ptr<ArrayBuffer>> nativeKey = std::nullopt;
+  if (key.has_value()) {
+    nativeKey = ToNativeArrayBuffer(key.value());
+  }
+
+  return Promise<std::shared_ptr<ArrayBuffer>>::async([this, nativeMessage, nativeKey]() {
+      return this->signSync(nativeMessage, nativeKey);
+    }
+  );
+}
+
+std::shared_ptr<ArrayBuffer>
+HybridEdKeyPair::signSync(
+  const std::shared_ptr<ArrayBuffer>& message,
+  const std::optional<std::shared_ptr<ArrayBuffer>>& key
+) {
+
+  size_t sig_len = 0;
+  uint8_t* sig = NULL;
+  EVP_MD_CTX* md_ctx = nullptr;
+  EVP_PKEY_CTX* pkey_ctx = nullptr;
+
+  // get key to use for signing
+  EVP_PKEY* pkey = this->importPrivateKey(key);
+
+  // key context
+  md_ctx = EVP_MD_CTX_new();
+  if (md_ctx == nullptr) {
+    EVP_MD_CTX_free(md_ctx);
+    throw std::runtime_error("Error creating signing context");
+  }
+
+  pkey_ctx = EVP_PKEY_CTX_new_from_name(nullptr, this->curve.c_str(), nullptr);
+  if (pkey_ctx == nullptr) {
+    EVP_PKEY_CTX_free(pkey_ctx);
+    throw std::runtime_error("Error creating signing context: " + this->curve);
+  }
+
+  if (EVP_DigestSignInit(md_ctx, &pkey_ctx, NULL, NULL, pkey) <= 0) {
+    EVP_MD_CTX_free(md_ctx);
+    char* err = ERR_error_string(ERR_get_error(), NULL);
+    throw std::runtime_error("Failed to initialize signing: " + std::string(err));
+  }
+
+  // Calculate the required size for the signature by passing a NULL buffer.
+  if (EVP_DigestSign(md_ctx, NULL, &sig_len, message.get()->data(), message.get()->size()) <= 0) {
+    EVP_MD_CTX_free(md_ctx);
+    throw std::runtime_error("Failed to calculate signature size");
+  }
+  sig = new uint8_t[sig_len];
+
+  // Actually calculate the signature
+  if (EVP_DigestSign(md_ctx, sig, &sig_len, message.get()->data(), message.get()->size()) <= 0) {
+    EVP_MD_CTX_free(md_ctx);
+    throw std::runtime_error("Failed to calculate signature");
+  }
+
+  // return value for JS
+  std::shared_ptr<ArrayBuffer> signature = std::make_shared<NativeArrayBuffer>(
+    sig,
+    sig_len,
+    [=]() { delete[] sig; }
+  );
+
+  // Clean up
+  EVP_MD_CTX_free(md_ctx);
+
+  return signature;
+}
+
+std::shared_ptr<Promise<bool>>
+HybridEdKeyPair::verify(
+  const std::shared_ptr<ArrayBuffer>& signature,
+  const std::shared_ptr<ArrayBuffer>& message,
+  const std::optional<std::shared_ptr<ArrayBuffer>>& key
+) {
+  // get owned NativeArrayBuffers before passing to sync function
+  auto nativeSignature = ToNativeArrayBuffer(signature);
+  auto nativeMessage = ToNativeArrayBuffer(message);
+  std::optional<std::shared_ptr<ArrayBuffer>> nativeKey = std::nullopt;
+  if (key.has_value()) {
+    nativeKey = ToNativeArrayBuffer(key.value());
+  }
+
+  return Promise<bool>::async([this, nativeSignature, nativeMessage, nativeKey]() {
+      return this->verifySync(nativeSignature, nativeMessage, nativeKey);
+    }
+  );
+}
+
+bool
+HybridEdKeyPair::verifySync(
+  const std::shared_ptr<ArrayBuffer>& signature,
+  const std::shared_ptr<ArrayBuffer>& message,
+  const std::optional<std::shared_ptr<ArrayBuffer>>& key
+) {
+  // get key to use for verifying
+  EVP_PKEY* pkey = this->importPrivateKey(key);
+
+  EVP_MD_CTX* md_ctx = nullptr;
+  EVP_PKEY_CTX* pkey_ctx = nullptr;
+
+  // key context
+  md_ctx = EVP_MD_CTX_new();
+  if (md_ctx == nullptr) {
+    EVP_MD_CTX_free(md_ctx);
+    throw std::runtime_error("Error creating verify context");
+  }
+
+  pkey_ctx = EVP_PKEY_CTX_new_from_name(nullptr, this->curve.c_str(), nullptr);
+  if (pkey_ctx == nullptr) {
+    EVP_PKEY_CTX_free(pkey_ctx);
+    throw std::runtime_error("Error creating verify context: " + this->curve);
+  }
+
+  if (EVP_DigestVerifyInit(md_ctx, &pkey_ctx, NULL, NULL, pkey) <= 0) {
+    EVP_MD_CTX_free(md_ctx);
+    char* err = ERR_error_string(ERR_get_error(), NULL);
+    throw std::runtime_error("Failed to initialize verify: " + std::string(err));
+  }
+
+  // verify
+  auto res = EVP_DigestVerify(
+    md_ctx,
+    signature.get()->data(), signature.get()->size(),
+    message.get()->data(), message.get()->size()
+  );
+
+  //return value for JS
+  if (res < 0) {
+    EVP_MD_CTX_free(md_ctx);
+    throw std::runtime_error("Failed to verify");
+  }
+  return res == 1; // true if 1, false if 0
+}
+
+std::shared_ptr<ArrayBuffer>
+HybridEdKeyPair::getPublicKey() {
+  this->checkKeyPair();
+  size_t len = 32;
+  uint8_t* publ = new uint8_t[len];
+  EVP_PKEY_get_raw_public_key(this->pkey, publ, &len);
+
+  return std::make_shared<NativeArrayBuffer>(publ, len, [=]() { delete[] publ; });
+}
+
+std::shared_ptr<ArrayBuffer>
+HybridEdKeyPair::getPrivateKey() {
+  this->checkKeyPair();
+  size_t len = 32;
+  uint8_t* priv = new uint8_t[len];
+  EVP_PKEY_get_raw_private_key(this->pkey, priv, &len);
+
+  return std::make_shared<NativeArrayBuffer>(priv, len, [=]() { delete[] priv; });
+}
+
+void
+HybridEdKeyPair::checkKeyPair() {
+  if (this->pkey == nullptr) {
+    throw std::runtime_error("Keypair not initialized");
+  }
+}
+
+void
+HybridEdKeyPair::setCurve(const std::string& curve) {
+  this->curve = curve;
+}
+
+EVP_PKEY*
+HybridEdKeyPair::importPrivateKey(const std::optional<std::shared_ptr<ArrayBuffer>>& key) {
+  EVP_PKEY* pkey = nullptr;
+  if (key.has_value()) {
+    pkey = EVP_PKEY_new_raw_private_key(
+      EVP_PKEY_ED25519, // TODO: use this->curve somehow
+      NULL,
+      key.value()->data(),
+      32
+    );
+    if (pkey == nullptr) {
+      throw std::runtime_error("Failed to read private key");
+    }
+  } else {
+    this->checkKeyPair();
+    pkey = this->pkey;
+  }
+  return pkey;
+}
+
+} // namespace margelo::nitro::crypto