npm - react-native-quick-crypto - Versions diffs - 1.0.0-beta.8 → 1.0.0 - Mend

react-native-quick-crypto 1.0.0-beta.8 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (480) hide show

package/QuickCrypto.podspec +145 -6
package/README.md +14 -27
package/android/CMakeLists.txt +62 -7
package/android/build.gradle +12 -2
package/android/src/main/java/com/margelo/nitro/quickcrypto/QuickCryptoPackage.java +0 -2
package/app.plugin.js +3 -0
package/cpp/blake3/HybridBlake3.cpp +118 -0
package/cpp/blake3/HybridBlake3.hpp +35 -0
package/cpp/cipher/CCMCipher.cpp +199 -0
package/cpp/cipher/CCMCipher.hpp +26 -0
package/cpp/cipher/ChaCha20Cipher.cpp +97 -0
package/cpp/cipher/ChaCha20Cipher.hpp +25 -0
package/cpp/cipher/ChaCha20Poly1305Cipher.cpp +170 -0
package/cpp/cipher/ChaCha20Poly1305Cipher.hpp +30 -0
package/cpp/cipher/GCMCipher.cpp +68 -0
package/cpp/cipher/GCMCipher.hpp +14 -0
package/cpp/cipher/HybridCipher.cpp +322 -0
package/cpp/cipher/HybridCipher.hpp +68 -0
package/cpp/cipher/HybridCipherFactory.hpp +105 -0
package/cpp/cipher/HybridRsaCipher.cpp +348 -0
package/cpp/cipher/HybridRsaCipher.hpp +29 -0
package/cpp/cipher/OCBCipher.cpp +55 -0
package/cpp/cipher/OCBCipher.hpp +19 -0
package/cpp/cipher/XSalsa20Cipher.cpp +61 -0
package/cpp/cipher/XSalsa20Cipher.hpp +33 -0
package/cpp/ec/HybridEcKeyPair.cpp +428 -0
package/cpp/ec/HybridEcKeyPair.hpp +48 -0
package/cpp/ed25519/HybridEdKeyPair.cpp +228 -98
package/cpp/ed25519/HybridEdKeyPair.hpp +42 -56
package/cpp/hash/HybridHash.cpp +185 -0
package/cpp/hash/HybridHash.hpp +43 -0
package/cpp/hmac/HybridHmac.cpp +95 -0
package/cpp/hmac/HybridHmac.hpp +31 -0
package/cpp/keys/HybridKeyObjectHandle.cpp +749 -0
package/cpp/keys/HybridKeyObjectHandle.hpp +51 -0
package/cpp/keys/KeyObjectData.cpp +268 -0
package/cpp/keys/KeyObjectData.hpp +71 -0
package/cpp/keys/node.h +5 -0
package/cpp/pbkdf2/HybridPbkdf2.cpp +34 -55
package/cpp/pbkdf2/HybridPbkdf2.hpp +5 -16
package/cpp/random/HybridRandom.cpp +6 -17
package/cpp/random/HybridRandom.hpp +5 -6
package/cpp/rsa/HybridRsaKeyPair.cpp +154 -0
package/cpp/rsa/HybridRsaKeyPair.hpp +43 -0
package/cpp/sign/HybridSignHandle.cpp +191 -0
package/cpp/sign/HybridSignHandle.hpp +36 -0
package/cpp/sign/HybridVerifyHandle.cpp +158 -0
package/cpp/sign/HybridVerifyHandle.hpp +36 -0
package/cpp/sign/SignUtils.hpp +108 -0
package/cpp/utils/Macros.hpp +68 -0
package/cpp/utils/Utils.hpp +43 -2
package/cpp/utils/base64.h +309 -0
package/deps/blake3/.cargo/config.toml +2 -0
package/deps/blake3/.git-blame-ignore-revs +2 -0
package/deps/blake3/.github/workflows/build_b3sum.py +38 -0
package/deps/blake3/.github/workflows/ci.yml +491 -0
package/deps/blake3/.github/workflows/tag.yml +43 -0
package/deps/blake3/.github/workflows/upload_github_release_asset.py +73 -0
package/deps/blake3/CONTRIBUTING.md +31 -0
package/deps/blake3/Cargo.toml +135 -0
package/deps/blake3/LICENSE_A2 +202 -0
package/deps/blake3/LICENSE_A2LLVM +219 -0
package/deps/blake3/LICENSE_CC0 +121 -0
package/deps/blake3/README.md +229 -0
package/deps/blake3/b3sum/Cargo.lock +513 -0
package/deps/blake3/b3sum/Cargo.toml +26 -0
package/deps/blake3/b3sum/README.md +72 -0
package/deps/blake3/b3sum/src/main.rs +564 -0
package/deps/blake3/b3sum/src/unit_tests.rs +235 -0
package/deps/blake3/b3sum/tests/cli_tests.rs +680 -0
package/deps/blake3/b3sum/what_does_check_do.md +176 -0
package/deps/blake3/benches/bench.rs +623 -0
package/deps/blake3/build.rs +389 -0
package/deps/blake3/c/CMakeLists.txt +383 -0
package/deps/blake3/c/CMakePresets.json +73 -0
package/deps/blake3/c/Makefile.testing +82 -0
package/deps/blake3/c/README.md +403 -0
package/deps/blake3/c/blake3-config.cmake.in +14 -0
package/deps/blake3/c/blake3.c +650 -0
package/deps/blake3/c/blake3.h +86 -0
package/deps/blake3/c/blake3_avx2.c +326 -0
package/deps/blake3/c/blake3_avx2_x86-64_unix.S +1815 -0
package/deps/blake3/c/blake3_avx2_x86-64_windows_gnu.S +1817 -0
package/deps/blake3/c/blake3_avx2_x86-64_windows_msvc.asm +1828 -0
package/deps/blake3/c/blake3_avx512.c +1388 -0
package/deps/blake3/c/blake3_avx512_x86-64_unix.S +4824 -0
package/deps/blake3/c/blake3_avx512_x86-64_windows_gnu.S +2615 -0
package/deps/blake3/c/blake3_avx512_x86-64_windows_msvc.asm +2634 -0
package/deps/blake3/c/blake3_c_rust_bindings/Cargo.toml +32 -0
package/deps/blake3/c/blake3_c_rust_bindings/README.md +4 -0
package/deps/blake3/c/blake3_c_rust_bindings/benches/bench.rs +477 -0
package/deps/blake3/c/blake3_c_rust_bindings/build.rs +253 -0
package/deps/blake3/c/blake3_c_rust_bindings/cross_test.sh +31 -0
package/deps/blake3/c/blake3_c_rust_bindings/src/lib.rs +333 -0
package/deps/blake3/c/blake3_c_rust_bindings/src/test.rs +696 -0
package/deps/blake3/c/blake3_dispatch.c +332 -0
package/deps/blake3/c/blake3_impl.h +333 -0
package/deps/blake3/c/blake3_neon.c +366 -0
package/deps/blake3/c/blake3_portable.c +160 -0
package/deps/blake3/c/blake3_sse2.c +566 -0
package/deps/blake3/c/blake3_sse2_x86-64_unix.S +2291 -0
package/deps/blake3/c/blake3_sse2_x86-64_windows_gnu.S +2332 -0
package/deps/blake3/c/blake3_sse2_x86-64_windows_msvc.asm +2350 -0
package/deps/blake3/c/blake3_sse41.c +560 -0
package/deps/blake3/c/blake3_sse41_x86-64_unix.S +2028 -0
package/deps/blake3/c/blake3_sse41_x86-64_windows_gnu.S +2069 -0
package/deps/blake3/c/blake3_sse41_x86-64_windows_msvc.asm +2089 -0
package/deps/blake3/c/blake3_tbb.cpp +37 -0
package/deps/blake3/c/dependencies/CMakeLists.txt +3 -0
package/deps/blake3/c/dependencies/tbb/CMakeLists.txt +28 -0
package/deps/blake3/c/example.c +36 -0
package/deps/blake3/c/example_tbb.c +57 -0
package/deps/blake3/c/libblake3.pc.in +12 -0
package/deps/blake3/c/main.c +166 -0
package/deps/blake3/c/test.py +97 -0
package/deps/blake3/media/B3.svg +70 -0
package/deps/blake3/media/BLAKE3.svg +85 -0
package/deps/blake3/media/speed.svg +1474 -0
package/deps/blake3/reference_impl/Cargo.toml +8 -0
package/deps/blake3/reference_impl/README.md +14 -0
package/deps/blake3/reference_impl/reference_impl.rs +374 -0
package/deps/blake3/src/ffi_avx2.rs +65 -0
package/deps/blake3/src/ffi_avx512.rs +169 -0
package/deps/blake3/src/ffi_neon.rs +82 -0
package/deps/blake3/src/ffi_sse2.rs +126 -0
package/deps/blake3/src/ffi_sse41.rs +126 -0
package/deps/blake3/src/guts.rs +60 -0
package/deps/blake3/src/hazmat.rs +704 -0
package/deps/blake3/src/io.rs +64 -0
package/deps/blake3/src/join.rs +92 -0
package/deps/blake3/src/lib.rs +1835 -0
package/deps/blake3/src/platform.rs +587 -0
package/deps/blake3/src/portable.rs +198 -0
package/deps/blake3/src/rust_avx2.rs +474 -0
package/deps/blake3/src/rust_sse2.rs +775 -0
package/deps/blake3/src/rust_sse41.rs +766 -0
package/deps/blake3/src/test.rs +1049 -0
package/deps/blake3/src/traits.rs +227 -0
package/deps/blake3/src/wasm32_simd.rs +794 -0
package/deps/blake3/test_vectors/Cargo.toml +19 -0
package/deps/blake3/test_vectors/cross_test.sh +25 -0
package/deps/blake3/test_vectors/src/bin/generate.rs +4 -0
package/deps/blake3/test_vectors/src/lib.rs +350 -0
package/deps/blake3/test_vectors/test_vectors.json +217 -0
package/deps/blake3/tools/compiler_version/Cargo.toml +7 -0
package/deps/blake3/tools/compiler_version/build.rs +6 -0
package/deps/blake3/tools/compiler_version/src/main.rs +27 -0
package/deps/blake3/tools/instruction_set_support/Cargo.toml +6 -0
package/deps/blake3/tools/instruction_set_support/src/main.rs +10 -0
package/deps/blake3/tools/release.md +16 -0
package/deps/fastpbkdf2/fastpbkdf2.c +5 -1
package/deps/ncrypto/ncrypto.cc +4679 -0
package/deps/ncrypto/ncrypto.h +1625 -0
package/lib/commonjs/blake3.js +98 -0
package/lib/commonjs/blake3.js.map +1 -0
package/lib/commonjs/cipher.js +180 -0
package/lib/commonjs/cipher.js.map +1 -0
package/lib/commonjs/constants.js +32 -0
package/lib/commonjs/constants.js.map +1 -0
package/lib/commonjs/ec.js +480 -0
package/lib/commonjs/ec.js.map +1 -0
package/lib/commonjs/ed.js +214 -2
package/lib/commonjs/ed.js.map +1 -1
package/lib/commonjs/expo-plugin/@types.js +2 -0
package/lib/commonjs/expo-plugin/@types.js.map +1 -0
package/lib/commonjs/expo-plugin/withRNQC.js +25 -0
package/lib/commonjs/expo-plugin/withRNQC.js.map +1 -0
package/lib/commonjs/expo-plugin/withSodiumAndroid.js +25 -0
package/lib/commonjs/expo-plugin/withSodiumAndroid.js.map +1 -0
package/lib/commonjs/expo-plugin/withSodiumIos.js +26 -0
package/lib/commonjs/expo-plugin/withSodiumIos.js.map +1 -0
package/lib/commonjs/expo-plugin/withXCode.js +51 -0
package/lib/commonjs/expo-plugin/withXCode.js.map +1 -0
package/lib/commonjs/hash.js +215 -0
package/lib/commonjs/hash.js.map +1 -0
package/lib/commonjs/hmac.js +109 -0
package/lib/commonjs/hmac.js.map +1 -0
package/lib/commonjs/index.js +102 -24
package/lib/commonjs/index.js.map +1 -1
package/lib/commonjs/keys/classes.js +109 -52
package/lib/commonjs/keys/classes.js.map +1 -1
package/lib/commonjs/keys/generateKeyPair.js +141 -144
package/lib/commonjs/keys/generateKeyPair.js.map +1 -1
package/lib/commonjs/keys/index.js +229 -0
package/lib/commonjs/keys/index.js.map +1 -1
package/lib/commonjs/keys/publicCipher.js +152 -0
package/lib/commonjs/keys/publicCipher.js.map +1 -0
package/lib/commonjs/keys/signVerify.js +178 -39
package/lib/commonjs/keys/signVerify.js.map +1 -1
package/lib/commonjs/keys/utils.js +18 -13
package/lib/commonjs/keys/utils.js.map +1 -1
package/lib/commonjs/pbkdf2.js.map +1 -1
package/lib/commonjs/random.js +6 -0
package/lib/commonjs/random.js.map +1 -1
package/lib/commonjs/rsa.js +202 -0
package/lib/commonjs/rsa.js.map +1 -0
package/lib/commonjs/specs/blake3.nitro.js +6 -0
package/lib/commonjs/specs/blake3.nitro.js.map +1 -0
package/lib/commonjs/specs/cipher.nitro.js +6 -0
package/lib/commonjs/specs/cipher.nitro.js.map +1 -0
package/lib/commonjs/specs/ecKeyPair.nitro.js +6 -0
package/lib/commonjs/specs/ecKeyPair.nitro.js.map +1 -0
package/lib/commonjs/specs/hash.nitro.js +6 -0
package/lib/commonjs/specs/hash.nitro.js.map +1 -0
package/lib/commonjs/specs/hmac.nitro.js +6 -0
package/lib/commonjs/specs/hmac.nitro.js.map +1 -0
package/lib/commonjs/specs/rsaCipher.nitro.js +6 -0
package/lib/commonjs/specs/rsaCipher.nitro.js.map +1 -0
package/lib/commonjs/specs/rsaKeyPair.nitro.js +6 -0
package/lib/commonjs/specs/rsaKeyPair.nitro.js.map +1 -0
package/lib/commonjs/specs/sign.nitro.js +6 -0
package/lib/commonjs/specs/sign.nitro.js.map +1 -0
package/lib/commonjs/subtle.js +987 -0
package/lib/commonjs/subtle.js.map +1 -0
package/lib/commonjs/utils/cipher.js +64 -0
package/lib/commonjs/utils/cipher.js.map +1 -0
package/lib/commonjs/utils/conversion.js +44 -5
package/lib/commonjs/utils/conversion.js.map +1 -1
package/lib/commonjs/utils/hashnames.js +2 -1
package/lib/commonjs/utils/hashnames.js.map +1 -1
package/lib/commonjs/utils/index.js +11 -0
package/lib/commonjs/utils/index.js.map +1 -1
package/lib/commonjs/utils/noble.js +82 -0
package/lib/commonjs/utils/noble.js.map +1 -0
package/lib/commonjs/utils/types.js +32 -17
package/lib/commonjs/utils/types.js.map +1 -1
package/lib/commonjs/utils/validation.js +74 -1
package/lib/commonjs/utils/validation.js.map +1 -1
package/lib/module/blake3.js +90 -0
package/lib/module/blake3.js.map +1 -0
package/lib/module/cipher.js +173 -0
package/lib/module/cipher.js.map +1 -0
package/lib/module/constants.js +28 -0
package/lib/module/constants.js.map +1 -0
package/lib/module/ec.js +470 -0
package/lib/module/ec.js.map +1 -0
package/lib/module/ed.js +212 -3
package/lib/module/ed.js.map +1 -1
package/lib/module/expo-plugin/@types.js +2 -0
package/lib/module/expo-plugin/@types.js.map +1 -0
package/lib/module/expo-plugin/withRNQC.js +21 -0
package/lib/module/expo-plugin/withRNQC.js.map +1 -0
package/lib/module/expo-plugin/withSodiumAndroid.js +20 -0
package/lib/module/expo-plugin/withSodiumAndroid.js.map +1 -0
package/lib/module/expo-plugin/withSodiumIos.js +20 -0
package/lib/module/expo-plugin/withSodiumIos.js.map +1 -0
package/lib/module/expo-plugin/withXCode.js +46 -0
package/lib/module/expo-plugin/withXCode.js.map +1 -0
package/lib/module/hash.js +207 -0
package/lib/module/hash.js.map +1 -0
package/lib/module/hmac.js +104 -0
package/lib/module/hmac.js.map +1 -0
package/lib/module/index.js +21 -21
package/lib/module/index.js.map +1 -1
package/lib/module/keys/classes.js +106 -49
package/lib/module/keys/classes.js.map +1 -1
package/lib/module/keys/generateKeyPair.js +134 -143
package/lib/module/keys/generateKeyPair.js.map +1 -1
package/lib/module/keys/index.js +161 -22
package/lib/module/keys/index.js.map +1 -1
package/lib/module/keys/publicCipher.js +145 -0
package/lib/module/keys/publicCipher.js.map +1 -0
package/lib/module/keys/signVerify.js +170 -39
package/lib/module/keys/signVerify.js.map +1 -1
package/lib/module/keys/utils.js +16 -12
package/lib/module/keys/utils.js.map +1 -1
package/lib/module/pbkdf2.js.map +1 -1
package/lib/module/random.js +6 -0
package/lib/module/random.js.map +1 -1
package/lib/module/rsa.js +194 -0
package/lib/module/rsa.js.map +1 -0
package/lib/module/specs/blake3.nitro.js +4 -0
package/lib/module/specs/blake3.nitro.js.map +1 -0
package/lib/module/specs/cipher.nitro.js +4 -0
package/lib/module/specs/cipher.nitro.js.map +1 -0
package/lib/module/specs/ecKeyPair.nitro.js +4 -0
package/lib/module/specs/ecKeyPair.nitro.js.map +1 -0
package/lib/module/specs/hash.nitro.js +4 -0
package/lib/module/specs/hash.nitro.js.map +1 -0
package/lib/module/specs/hmac.nitro.js +4 -0
package/lib/module/specs/hmac.nitro.js.map +1 -0
package/lib/module/specs/rsaCipher.nitro.js +4 -0
package/lib/module/specs/rsaCipher.nitro.js.map +1 -0
package/lib/module/specs/rsaKeyPair.nitro.js +4 -0
package/lib/module/specs/rsaKeyPair.nitro.js.map +1 -0
package/lib/module/specs/sign.nitro.js +4 -0
package/lib/module/specs/sign.nitro.js.map +1 -0
package/lib/module/subtle.js +982 -0
package/lib/module/subtle.js.map +1 -0
package/lib/module/utils/cipher.js +56 -0
package/lib/module/utils/cipher.js.map +1 -0
package/lib/module/utils/conversion.js +26 -5
package/lib/module/utils/conversion.js.map +1 -1
package/lib/module/utils/hashnames.js +2 -1
package/lib/module/utils/hashnames.js.map +1 -1
package/lib/module/utils/index.js +1 -0
package/lib/module/utils/index.js.map +1 -1
package/lib/module/utils/noble.js +76 -0
package/lib/module/utils/noble.js.map +1 -0
package/lib/module/utils/types.js +32 -17
package/lib/module/utils/types.js.map +1 -1
package/lib/module/utils/validation.js +69 -1
package/lib/module/utils/validation.js.map +1 -1
package/lib/tsconfig.tsbuildinfo +1 -1
package/lib/typescript/blake3.d.ts +33 -0
package/lib/typescript/blake3.d.ts.map +1 -0
package/lib/typescript/cipher.d.ts +60 -0
package/lib/typescript/cipher.d.ts.map +1 -0
package/lib/typescript/constants.d.ts +21 -0
package/lib/typescript/constants.d.ts.map +1 -0
package/lib/typescript/ec.d.ts +22 -0
package/lib/typescript/ec.d.ts.map +1 -0
package/lib/typescript/ed.d.ts +28 -1
package/lib/typescript/ed.d.ts.map +1 -1
package/lib/typescript/expo-plugin/@types.d.ts +8 -0
package/lib/typescript/expo-plugin/@types.d.ts.map +1 -0
package/lib/typescript/expo-plugin/withRNQC.d.ts +4 -0
package/lib/typescript/expo-plugin/withRNQC.d.ts.map +1 -0
package/lib/typescript/expo-plugin/withSodiumAndroid.d.ts +4 -0
package/lib/typescript/expo-plugin/withSodiumAndroid.d.ts.map +1 -0
package/lib/typescript/expo-plugin/withSodiumIos.d.ts +4 -0
package/lib/typescript/expo-plugin/withSodiumIos.d.ts.map +1 -0
package/lib/typescript/expo-plugin/withXCode.d.ts +9 -0
package/lib/typescript/expo-plugin/withXCode.d.ts.map +1 -0
package/lib/typescript/hash.d.ts +122 -0
package/lib/typescript/hash.d.ts.map +1 -0
package/lib/typescript/hmac.d.ts +66 -0
package/lib/typescript/hmac.d.ts.map +1 -0
package/lib/typescript/index.d.ts +102 -10
package/lib/typescript/index.d.ts.map +1 -1
package/lib/typescript/keys/classes.d.ts +50 -8
package/lib/typescript/keys/classes.d.ts.map +1 -1
package/lib/typescript/keys/generateKeyPair.d.ts +5 -0
package/lib/typescript/keys/generateKeyPair.d.ts.map +1 -1
package/lib/typescript/keys/index.d.ts +22 -2
package/lib/typescript/keys/index.d.ts.map +1 -1
package/lib/typescript/keys/publicCipher.d.ts +20 -0
package/lib/typescript/keys/publicCipher.d.ts.map +1 -0
package/lib/typescript/keys/signVerify.d.ts +28 -0
package/lib/typescript/keys/signVerify.d.ts.map +1 -1
package/lib/typescript/keys/utils.d.ts +3 -1
package/lib/typescript/keys/utils.d.ts.map +1 -1
package/lib/typescript/pbkdf2.d.ts +1 -1
package/lib/typescript/pbkdf2.d.ts.map +1 -1
package/lib/typescript/random.d.ts +6 -0
package/lib/typescript/random.d.ts.map +1 -1
package/lib/typescript/rsa.d.ts +19 -0
package/lib/typescript/rsa.d.ts.map +1 -0
package/lib/typescript/specs/blake3.nitro.d.ts +15 -0
package/lib/typescript/specs/blake3.nitro.d.ts.map +1 -0
package/lib/typescript/specs/cipher.nitro.d.ts +29 -0
package/lib/typescript/specs/cipher.nitro.d.ts.map +1 -0
package/lib/typescript/specs/ecKeyPair.nitro.d.ts +20 -0
package/lib/typescript/specs/ecKeyPair.nitro.d.ts.map +1 -0
package/lib/typescript/specs/edKeyPair.nitro.d.ts +1 -0
package/lib/typescript/specs/edKeyPair.nitro.d.ts.map +1 -1
package/lib/typescript/specs/hash.nitro.d.ts +13 -0
package/lib/typescript/specs/hash.nitro.d.ts.map +1 -0
package/lib/typescript/specs/hmac.nitro.d.ts +10 -0
package/lib/typescript/specs/hmac.nitro.d.ts.map +1 -0
package/lib/typescript/specs/keyObjectHandle.nitro.d.ts +1 -1
package/lib/typescript/specs/keyObjectHandle.nitro.d.ts.map +1 -1
package/lib/typescript/specs/rsaCipher.nitro.d.ts +44 -0
package/lib/typescript/specs/rsaCipher.nitro.d.ts.map +1 -0
package/lib/typescript/specs/rsaKeyPair.nitro.d.ts +20 -0
package/lib/typescript/specs/rsaKeyPair.nitro.d.ts.map +1 -0
package/lib/typescript/specs/sign.nitro.d.ts +19 -0
package/lib/typescript/specs/sign.nitro.d.ts.map +1 -0
package/lib/typescript/subtle.d.ts +17 -0
package/lib/typescript/subtle.d.ts.map +1 -0
package/lib/typescript/utils/cipher.d.ts +7 -0
package/lib/typescript/utils/cipher.d.ts.map +1 -0
package/lib/typescript/utils/conversion.d.ts +1 -0
package/lib/typescript/utils/conversion.d.ts.map +1 -1
package/lib/typescript/utils/hashnames.d.ts +3 -1
package/lib/typescript/utils/hashnames.d.ts.map +1 -1
package/lib/typescript/utils/index.d.ts +1 -0
package/lib/typescript/utils/index.d.ts.map +1 -1
package/lib/typescript/utils/noble.d.ts +19 -0
package/lib/typescript/utils/noble.d.ts.map +1 -0
package/lib/typescript/utils/types.d.ts +125 -23
package/lib/typescript/utils/types.d.ts.map +1 -1
package/lib/typescript/utils/validation.d.ts +5 -0
package/lib/typescript/utils/validation.d.ts.map +1 -1
package/nitrogen/generated/.gitattributes +1 -0
package/nitrogen/generated/android/QuickCrypto+autolinking.cmake +30 -1
package/nitrogen/generated/android/QuickCrypto+autolinking.gradle +1 -1
package/nitrogen/generated/android/QuickCryptoOnLoad.cpp +115 -1
package/nitrogen/generated/android/QuickCryptoOnLoad.hpp +1 -1
package/nitrogen/generated/android/kotlin/com/margelo/nitro/crypto/QuickCryptoOnLoad.kt +35 -0
package/nitrogen/generated/ios/QuickCrypto+autolinking.rb +3 -1
package/nitrogen/generated/ios/QuickCrypto-Swift-Cxx-Bridge.cpp +1 -1
package/nitrogen/generated/ios/QuickCrypto-Swift-Cxx-Bridge.hpp +1 -1
package/nitrogen/generated/ios/QuickCrypto-Swift-Cxx-Umbrella.hpp +3 -3
package/nitrogen/generated/ios/QuickCryptoAutolinking.mm +111 -1
package/nitrogen/generated/ios/QuickCryptoAutolinking.swift +1 -1
package/nitrogen/generated/shared/c++/AsymmetricKeyType.hpp +104 -0
package/nitrogen/generated/shared/c++/CipherArgs.hpp +86 -0
package/nitrogen/generated/shared/c++/HybridBlake3Spec.cpp +28 -0
package/nitrogen/generated/shared/c++/HybridBlake3Spec.hpp +76 -0
package/nitrogen/generated/shared/c++/HybridCipherFactorySpec.cpp +21 -0
package/nitrogen/generated/shared/c++/HybridCipherFactorySpec.hpp +67 -0
package/nitrogen/generated/shared/c++/HybridCipherSpec.cpp +28 -0
package/nitrogen/generated/shared/c++/HybridCipherSpec.hpp +76 -0
package/nitrogen/generated/shared/c++/HybridEcKeyPairSpec.cpp +29 -0
package/nitrogen/generated/shared/c++/HybridEcKeyPairSpec.hpp +77 -0
package/nitrogen/generated/shared/c++/HybridEdKeyPairSpec.cpp +2 -1
package/nitrogen/generated/shared/c++/HybridEdKeyPairSpec.hpp +5 -4
package/nitrogen/generated/shared/c++/HybridHashSpec.cpp +26 -0
package/nitrogen/generated/shared/c++/HybridHashSpec.hpp +75 -0
package/nitrogen/generated/shared/c++/HybridHmacSpec.cpp +23 -0
package/nitrogen/generated/shared/c++/HybridHmacSpec.hpp +66 -0
package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridKeyObjectHandleSpec.hpp +8 -8
package/nitrogen/generated/shared/c++/HybridPbkdf2Spec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridPbkdf2Spec.hpp +3 -3
package/nitrogen/generated/shared/c++/HybridRandomSpec.cpp +1 -1
package/nitrogen/generated/shared/c++/HybridRandomSpec.hpp +3 -3
package/nitrogen/generated/shared/c++/HybridRsaCipherSpec.cpp +24 -0
package/nitrogen/generated/shared/c++/HybridRsaCipherSpec.hpp +72 -0
package/nitrogen/generated/shared/c++/HybridRsaKeyPairSpec.cpp +29 -0
package/nitrogen/generated/shared/c++/HybridRsaKeyPairSpec.hpp +77 -0
package/nitrogen/generated/shared/c++/HybridSignHandleSpec.cpp +23 -0
package/nitrogen/generated/shared/c++/HybridSignHandleSpec.hpp +71 -0
package/nitrogen/generated/shared/c++/HybridVerifyHandleSpec.cpp +23 -0
package/nitrogen/generated/shared/c++/HybridVerifyHandleSpec.hpp +71 -0
package/nitrogen/generated/shared/c++/JWK.hpp +17 -18
package/nitrogen/generated/shared/c++/JWKkty.hpp +12 -14
package/nitrogen/generated/shared/c++/JWKuse.hpp +8 -10
package/nitrogen/generated/shared/c++/KFormatType.hpp +14 -16
package/nitrogen/generated/shared/c++/KeyDetail.hpp +6 -7
package/nitrogen/generated/shared/c++/KeyEncoding.hpp +15 -17
package/nitrogen/generated/shared/c++/KeyObject.hpp +67 -0
package/nitrogen/generated/shared/c++/KeyType.hpp +11 -13
package/nitrogen/generated/shared/c++/KeyUsage.hpp +38 -24
package/nitrogen/generated/shared/c++/NamedCurve.hpp +10 -12
package/package.json +28 -23
package/src/blake3.ts +123 -0
package/src/cipher.ts +335 -0
package/src/constants.ts +32 -0
package/src/ec.ts +657 -0
package/src/ed.ts +297 -13
package/src/expo-plugin/@types.ts +7 -0
package/src/expo-plugin/withRNQC.ts +23 -0
package/src/expo-plugin/withSodiumAndroid.ts +24 -0
package/src/expo-plugin/withSodiumIos.ts +30 -0
package/src/expo-plugin/withXCode.ts +55 -0
package/src/hash.ts +274 -0
package/src/hmac.ts +135 -0
package/src/index.ts +20 -20
package/src/keys/classes.ts +148 -55
package/src/keys/generateKeyPair.ts +177 -134
package/src/keys/index.ts +226 -14
package/src/keys/publicCipher.ts +229 -0
package/src/keys/signVerify.ts +239 -39
package/src/keys/utils.ts +24 -18
package/src/pbkdf2.ts +1 -1
package/src/random.ts +7 -0
package/src/rsa.ts +310 -0
package/src/specs/blake3.nitro.ts +12 -0
package/src/specs/cipher.nitro.ts +25 -0
package/src/specs/ecKeyPair.nitro.ts +38 -0
package/src/specs/edKeyPair.nitro.ts +2 -0
package/src/specs/hash.nitro.ts +10 -0
package/src/specs/hmac.nitro.ts +7 -0
package/src/specs/keyObjectHandle.nitro.ts +1 -1
package/src/specs/rsaCipher.nitro.ts +65 -0
package/src/specs/rsaKeyPair.nitro.ts +33 -0
package/src/specs/sign.nitro.ts +31 -0
package/src/subtle.ts +1436 -0
package/src/utils/cipher.ts +60 -0
package/src/utils/conversion.ts +33 -4
package/src/utils/hashnames.ts +4 -2
package/src/utils/index.ts +1 -0
package/src/utils/noble.ts +85 -0
package/src/utils/types.ts +209 -29
package/src/utils/validation.ts +96 -1
package/lib/module/package.json +0 -1
package/nitrogen/generated/android/QuickCryptoOnLoad.kt +0 -1
package/nitrogen/generated/shared/c++/CFRGKeyPairType.hpp +0 -86

package/cpp/keys/HybridKeyObjectHandle.cpp ADDED Viewed

@@ -0,0 +1,749 @@
+#include <cstdio>
+#include <stdexcept>
+#include "../utils/base64.h"
+#include "HybridKeyObjectHandle.hpp"
+#include "Utils.hpp"
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/evp.h>
+#include <openssl/obj_mac.h>
+#include <openssl/rsa.h>
+namespace margelo::nitro::crypto {
+// Helper functions for base64url encoding/decoding with BIGNUMs
+static std::string bn_to_base64url(const BIGNUM* bn, size_t expected_size = 0) {
+  if (!bn)
+    return "";
+  int num_bytes = BN_num_bytes(bn);
+  if (num_bytes == 0)
+    return "";
+  // If expected_size is provided and larger than num_bytes, pad with leading zeros
+  size_t buffer_size =
+      (expected_size > 0 && expected_size > static_cast<size_t>(num_bytes)) ? expected_size : static_cast<size_t>(num_bytes);
+  std::vector<unsigned char> buffer(buffer_size, 0);
+  // BN_bn2bin writes to the end of the buffer if it's larger than needed
+  size_t offset = buffer_size - num_bytes;
+  BN_bn2bin(bn, buffer.data() + offset);
+  // Return clean base64url - RFC 7517 compliant (no padding characters)
+  return base64_encode<std::string>(buffer.data(), buffer.size(), true);
+}
+// Helper to add padding to base64url strings
+static std::string add_base64_padding(const std::string& b64) {
+  std::string padded = b64;
+  // Base64 strings should be a multiple of 4 characters
+  // Add '=' padding to make it so
+  while (padded.length() % 4 != 0) {
+    padded += '=';
+  }
+  return padded;
+}
+static BIGNUM* base64url_to_bn(const std::string& b64) {
+  if (b64.empty())
+    return nullptr;
+  try {
+    // Strip trailing periods (some JWK implementations use '.' as padding)
+    std::string cleaned = b64;
+    while (!cleaned.empty() && cleaned.back() == '.') {
+      cleaned.pop_back();
+    }
+    // Add padding if needed for base64url
+    std::string padded = add_base64_padding(cleaned);
+    std::string decoded = base64_decode<std::string>(padded, false);
+    if (decoded.empty())
+      return nullptr;
+    return BN_bin2bn(reinterpret_cast<const unsigned char*>(decoded.data()), static_cast<int>(decoded.size()), nullptr);
+  } catch (const std::exception& e) {
+    throw std::runtime_error(std::string("Input is not valid base64-encoded data."));
+  }
+}
+static std::string base64url_encode(const unsigned char* data, size_t len) {
+  return base64_encode<std::string>(data, len, true);
+}
+static std::string base64url_decode(const std::string& input) {
+  // Strip trailing periods (some JWK implementations use '.' as padding)
+  std::string cleaned = input;
+  while (!cleaned.empty() && cleaned.back() == '.') {
+    cleaned.pop_back();
+  }
+  // Add padding if needed for base64url
+  std::string padded = add_base64_padding(cleaned);
+  return base64_decode<std::string>(padded, false);
+}
+std::shared_ptr<ArrayBuffer> HybridKeyObjectHandle::exportKey(std::optional<KFormatType> format, std::optional<KeyEncoding> type,
+                                                              const std::optional<std::string>& cipher,
+                                                              const std::optional<std::shared_ptr<ArrayBuffer>>& passphrase) {
+  auto keyType = data_.GetKeyType();
+  // Handle secret keys
+  if (keyType == KeyType::SECRET) {
+    return data_.GetSymmetricKey();
+  }
+  // Handle asymmetric keys (public/private)
+  if (keyType == KeyType::PUBLIC || keyType == KeyType::PRIVATE) {
+    const auto& pkey = data_.GetAsymmetricKey();
+    if (!pkey) {
+      throw std::runtime_error("Invalid asymmetric key");
+    }
+    int keyId = EVP_PKEY_id(pkey.get());
+    // For curve keys (X25519, X448, Ed25519, Ed448), use raw format if no format specified
+    bool isCurveKey = (keyId == EVP_PKEY_X25519 || keyId == EVP_PKEY_X448 || keyId == EVP_PKEY_ED25519 || keyId == EVP_PKEY_ED448);
+    // If no format specified and it's a curve key, export as raw
+    if (!format.has_value() && !type.has_value() && isCurveKey) {
+      if (keyType == KeyType::PUBLIC) {
+        auto rawData = pkey.rawPublicKey();
+        if (!rawData) {
+          throw std::runtime_error("Failed to get raw public key");
+        }
+        return ToNativeArrayBuffer(std::string(reinterpret_cast<const char*>(rawData.get()), rawData.size()));
+      } else {
+        auto rawData = pkey.rawPrivateKey();
+        if (!rawData) {
+          throw std::runtime_error("Failed to get raw private key");
+        }
+        return ToNativeArrayBuffer(std::string(reinterpret_cast<const char*>(rawData.get()), rawData.size()));
+      }
+    }
+    // Set default format and type if not provided
+    auto exportFormat = format.value_or(KFormatType::DER);
+    auto exportType = type.value_or(keyType == KeyType::PUBLIC ? KeyEncoding::SPKI : KeyEncoding::PKCS8);
+    // If SPKI is requested, export as public key (works for both public and private keys)
+    // This allows extracting the public key from a private key
+    bool exportAsPublic = (exportType == KeyEncoding::SPKI) || (keyType == KeyType::PUBLIC);
+    // Create encoding config
+    if (exportAsPublic) {
+      ncrypto::EVPKeyPointer::PublicKeyEncodingConfig config(false, static_cast<ncrypto::EVPKeyPointer::PKFormatType>(exportFormat),
+                                                             static_cast<ncrypto::EVPKeyPointer::PKEncodingType>(exportType));
+      auto result = pkey.writePublicKey(config);
+      if (!result) {
+        throw std::runtime_error("Failed to export public key");
+      }
+      auto bio = std::move(result.value);
+      BUF_MEM* bptr = bio;
+      return ToNativeArrayBuffer(std::string(bptr->data, bptr->length));
+    } else {
+      ncrypto::EVPKeyPointer::PrivateKeyEncodingConfig config(false, static_cast<ncrypto::EVPKeyPointer::PKFormatType>(exportFormat),
+                                                              static_cast<ncrypto::EVPKeyPointer::PKEncodingType>(exportType));
+      // Handle cipher and passphrase for encrypted private keys
+      if (cipher.has_value()) {
+        const EVP_CIPHER* evp_cipher = EVP_get_cipherbyname(cipher.value().c_str());
+        if (!evp_cipher) {
+          throw std::runtime_error("Unknown cipher: " + cipher.value());
+        }
+        config.cipher = evp_cipher;
+      }
+      if (passphrase.has_value()) {
+        auto& passphrase_ptr = passphrase.value();
+        config.passphrase = std::make_optional(ncrypto::DataPointer(passphrase_ptr->data(), passphrase_ptr->size()));
+      }
+      auto result = pkey.writePrivateKey(config);
+      if (!result) {
+        throw std::runtime_error("Failed to export private key");
+      }
+      auto bio = std::move(result.value);
+      BUF_MEM* bptr = bio;
+      return ToNativeArrayBuffer(std::string(bptr->data, bptr->length));
+    }
+  }
+  throw std::runtime_error("Unsupported key type for export");
+}
+JWK HybridKeyObjectHandle::exportJwk(const JWK& key, bool handleRsaPss) {
+  JWK result = key;
+  auto keyType = data_.GetKeyType();
+  // Handle secret keys (AES, HMAC)
+  if (keyType == KeyType::SECRET) {
+    auto symKey = data_.GetSymmetricKey();
+    result.kty = JWKkty::OCT;
+    // RFC 7517 compliant base64url encoding (no padding characters)
+    result.k = base64url_encode(reinterpret_cast<const unsigned char*>(symKey->data()), symKey->size());
+    return result;
+  }
+  // Handle asymmetric keys (RSA, EC)
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey) {
+    throw std::runtime_error("Invalid key for JWK export");
+  }
+  int keyId = EVP_PKEY_id(pkey.get());
+  // Export RSA keys
+  if (keyId == EVP_PKEY_RSA || keyId == EVP_PKEY_RSA_PSS) {
+    const RSA* rsa = EVP_PKEY_get0_RSA(pkey.get());
+    if (!rsa)
+      throw std::runtime_error("Failed to get RSA key");
+    result.kty = JWKkty::RSA;
+    const BIGNUM *n_bn, *e_bn, *d_bn, *p_bn, *q_bn, *dmp1_bn, *dmq1_bn, *iqmp_bn;
+    RSA_get0_key(rsa, &n_bn, &e_bn, &d_bn);
+    RSA_get0_factors(rsa, &p_bn, &q_bn);
+    RSA_get0_crt_params(rsa, &dmp1_bn, &dmq1_bn, &iqmp_bn);
+    // Public components (always present)
+    if (n_bn)
+      result.n = bn_to_base64url(n_bn);
+    if (e_bn)
+      result.e = bn_to_base64url(e_bn);
+    // Private components (only for private keys)
+    if (keyType == KeyType::PRIVATE) {
+      if (d_bn)
+        result.d = bn_to_base64url(d_bn);
+      if (p_bn)
+        result.p = bn_to_base64url(p_bn);
+      if (q_bn)
+        result.q = bn_to_base64url(q_bn);
+      if (dmp1_bn)
+        result.dp = bn_to_base64url(dmp1_bn);
+      if (dmq1_bn)
+        result.dq = bn_to_base64url(dmq1_bn);
+      if (iqmp_bn)
+        result.qi = bn_to_base64url(iqmp_bn);
+    }
+    return result;
+  }
+  // Export EC keys
+  if (keyId == EVP_PKEY_EC) {
+    const EC_KEY* ec = EVP_PKEY_get0_EC_KEY(pkey.get());
+    if (!ec)
+      throw std::runtime_error("Failed to get EC key");
+    const EC_GROUP* group = EC_KEY_get0_group(ec);
+    if (!group)
+      throw std::runtime_error("Failed to get EC group");
+    int nid = EC_GROUP_get_curve_name(group);
+    const char* curve_name = OBJ_nid2sn(nid);
+    if (!curve_name)
+      throw std::runtime_error("Unknown curve");
+    // Get the field size in bytes for proper padding
+    size_t field_size = (EC_GROUP_get_degree(group) + 7) / 8;
+    result.kty = JWKkty::EC;
+    // Map OpenSSL curve names to JWK curve names
+    if (strcmp(curve_name, "prime256v1") == 0) {
+      result.crv = "P-256";
+    } else if (strcmp(curve_name, "secp384r1") == 0) {
+      result.crv = "P-384";
+    } else if (strcmp(curve_name, "secp521r1") == 0) {
+      result.crv = "P-521";
+    } else {
+      result.crv = curve_name;
+    }
+    const EC_POINT* pub_key = EC_KEY_get0_public_key(ec);
+    if (pub_key) {
+      BIGNUM* x_bn = BN_new();
+      BIGNUM* y_bn = BN_new();
+      if (EC_POINT_get_affine_coordinates(group, pub_key, x_bn, y_bn, nullptr) == 1) {
+        result.x = bn_to_base64url(x_bn, field_size);
+        result.y = bn_to_base64url(y_bn, field_size);
+      }
+      BN_free(x_bn);
+      BN_free(y_bn);
+    }
+    // Export private key if this is a private key
+    if (keyType == KeyType::PRIVATE) {
+      const BIGNUM* priv_key = EC_KEY_get0_private_key(ec);
+      if (priv_key) {
+        result.d = bn_to_base64url(priv_key, field_size);
+      }
+    }
+    return result;
+  }
+  throw std::runtime_error("Unsupported key type for JWK export");
+}
+AsymmetricKeyType HybridKeyObjectHandle::getAsymmetricKeyType() {
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey) {
+    throw std::runtime_error("Key is not an asymmetric key");
+  }
+  int keyType = EVP_PKEY_id(pkey.get());
+  switch (keyType) {
+    case EVP_PKEY_RSA:
+      return AsymmetricKeyType::RSA;
+    case EVP_PKEY_RSA_PSS:
+      return AsymmetricKeyType::RSA_PSS;
+    case EVP_PKEY_DSA:
+      return AsymmetricKeyType::DSA;
+    case EVP_PKEY_EC:
+      return AsymmetricKeyType::EC;
+    case EVP_PKEY_DH:
+      return AsymmetricKeyType::DH;
+    case EVP_PKEY_X25519:
+      return AsymmetricKeyType::X25519;
+    case EVP_PKEY_X448:
+      return AsymmetricKeyType::X448;
+    case EVP_PKEY_ED25519:
+      return AsymmetricKeyType::ED25519;
+    case EVP_PKEY_ED448:
+      return AsymmetricKeyType::ED448;
+    default:
+      throw std::runtime_error("Unsupported asymmetric key type");
+  }
+}
+bool HybridKeyObjectHandle::init(KeyType keyType, const std::variant<std::string, std::shared_ptr<ArrayBuffer>>& key,
+                                 std::optional<KFormatType> format, std::optional<KeyEncoding> type,
+                                 const std::optional<std::shared_ptr<ArrayBuffer>>& passphrase) {
+  // Reset any existing data to prevent state leakage
+  data_ = KeyObjectData();
+  // get ArrayBuffer from key - always copy to ensure we own the data
+  std::shared_ptr<ArrayBuffer> ab;
+  if (std::holds_alternative<std::string>(key)) {
+    ab = ToNativeArrayBuffer(std::get<std::string>(key));
+  } else {
+    const auto& abPtr = std::get<std::shared_ptr<ArrayBuffer>>(key);
+    ab = ToNativeArrayBuffer(abPtr);
+  }
+  // Handle raw asymmetric key material - only for special curves with known raw sizes
+  std::optional<KFormatType> actualFormat = format;
+  if (!actualFormat.has_value() && !type.has_value() && (keyType == KeyType::PUBLIC || keyType == KeyType::PRIVATE)) {
+    size_t keySize = ab->size();
+    // Only route to initRawKey for exact special curve sizes:
+    // X25519/Ed25519: 32 bytes, X448: 56 bytes, Ed448: 57 bytes
+    // DER-encoded keys will be much larger and should use standard parsing
+    if ((keySize == 32) || (keySize == 56) || (keySize == 57)) {
+      return initRawKey(keyType, ab);
+    }
+    // For larger sizes (DER-encoded keys), fall through to standard parsing
+  }
+  switch (keyType) {
+    case KeyType::SECRET: {
+      this->data_ = KeyObjectData::CreateSecret(ab);
+      break;
+    }
+    case KeyType::PUBLIC: {
+      auto data = KeyObjectData::GetPublicOrPrivateKey(ab, actualFormat, type, passphrase);
+      if (!data)
+        return false;
+      this->data_ = data.addRefWithType(KeyType::PUBLIC);
+      break;
+    }
+    case KeyType::PRIVATE: {
+      if (auto data = KeyObjectData::GetPrivateKey(ab, actualFormat, type, passphrase, false)) {
+        this->data_ = std::move(data);
+      }
+      break;
+    }
+  }
+  return true;
+}
+std::optional<KeyType> HybridKeyObjectHandle::initJwk(const JWK& keyData, std::optional<NamedCurve> namedCurve) {
+  // Reset any existing data
+  data_ = KeyObjectData();
+  if (!keyData.kty.has_value()) {
+    throw std::runtime_error("JWK missing required 'kty' field");
+  }
+  JWKkty kty = keyData.kty.value();
+  // Handle symmetric keys (AES, HMAC)
+  if (kty == JWKkty::OCT) {
+    if (!keyData.k.has_value()) {
+      throw std::runtime_error("JWK oct key missing 'k' field");
+    }
+    std::string decoded = base64url_decode(keyData.k.value());
+    auto keyBuffer = ToNativeArrayBuffer(decoded);
+    data_ = KeyObjectData::CreateSecret(keyBuffer);
+    return KeyType::SECRET;
+  }
+  // Handle RSA keys
+  if (kty == JWKkty::RSA) {
+    bool isPrivate = keyData.d.has_value();
+    if (!keyData.n.has_value() || !keyData.e.has_value()) {
+      throw std::runtime_error("JWK RSA key missing required 'n' or 'e' fields");
+    }
+    RSA* rsa = RSA_new();
+    if (!rsa)
+      throw std::runtime_error("Failed to create RSA key");
+    // Set public components
+    BIGNUM* n = base64url_to_bn(keyData.n.value());
+    BIGNUM* e = base64url_to_bn(keyData.e.value());
+    if (!n || !e) {
+      RSA_free(rsa);
+      throw std::runtime_error("Failed to decode RSA public components");
+    }
+    if (isPrivate) {
+      // Private key
+      if (!keyData.d.has_value()) {
+        BN_free(n);
+        BN_free(e);
+        RSA_free(rsa);
+        throw std::runtime_error("JWK RSA private key missing 'd' field");
+      }
+      BIGNUM* d = base64url_to_bn(keyData.d.value());
+      if (!d) {
+        BN_free(n);
+        BN_free(e);
+        RSA_free(rsa);
+        throw std::runtime_error("Failed to decode RSA 'd' component");
+      }
+      // Set key components (RSA_set0_key takes ownership)
+      if (RSA_set0_key(rsa, n, e, d) != 1) {
+        BN_free(n);
+        BN_free(e);
+        BN_free(d);
+        RSA_free(rsa);
+        throw std::runtime_error("Failed to set RSA key components");
+      }
+      // Set optional CRT parameters if present
+      if (keyData.p.has_value() && keyData.q.has_value()) {
+        BIGNUM* p = base64url_to_bn(keyData.p.value());
+        BIGNUM* q = base64url_to_bn(keyData.q.value());
+        if (p && q) {
+          RSA_set0_factors(rsa, p, q);
+        }
+      }
+      if (keyData.dp.has_value() && keyData.dq.has_value() && keyData.qi.has_value()) {
+        BIGNUM* dmp1 = base64url_to_bn(keyData.dp.value());
+        BIGNUM* dmq1 = base64url_to_bn(keyData.dq.value());
+        BIGNUM* iqmp = base64url_to_bn(keyData.qi.value());
+        if (dmp1 && dmq1 && iqmp) {
+          RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp);
+        }
+      }
+      // Create EVP_PKEY from RSA
+      EVP_PKEY* pkey = EVP_PKEY_new();
+      if (!pkey || EVP_PKEY_assign_RSA(pkey, rsa) != 1) {
+        RSA_free(rsa);
+        if (pkey)
+          EVP_PKEY_free(pkey);
+        throw std::runtime_error("Failed to create EVP_PKEY from RSA");
+      }
+      data_ = KeyObjectData::CreateAsymmetric(KeyType::PRIVATE, ncrypto::EVPKeyPointer(pkey));
+      return KeyType::PRIVATE;
+    } else {
+      // Public key
+      if (RSA_set0_key(rsa, n, e, nullptr) != 1) {
+        BN_free(n);
+        BN_free(e);
+        RSA_free(rsa);
+        throw std::runtime_error("Failed to set RSA public key components");
+      }
+      EVP_PKEY* pkey = EVP_PKEY_new();
+      if (!pkey || EVP_PKEY_assign_RSA(pkey, rsa) != 1) {
+        RSA_free(rsa);
+        if (pkey)
+          EVP_PKEY_free(pkey);
+        throw std::runtime_error("Failed to create EVP_PKEY from RSA");
+      }
+      data_ = KeyObjectData::CreateAsymmetric(KeyType::PUBLIC, ncrypto::EVPKeyPointer(pkey));
+      return KeyType::PUBLIC;
+    }
+  }
+  // Handle EC keys
+  if (kty == JWKkty::EC) {
+    bool isPrivate = keyData.d.has_value();
+    if (!keyData.crv.has_value() || !keyData.x.has_value() || !keyData.y.has_value()) {
+      throw std::runtime_error("JWK EC key missing required fields (crv, x, y)");
+    }
+    std::string crv = keyData.crv.value();
+    // Map JWK curve names to OpenSSL NIDs
+    int nid;
+    if (crv == "P-256") {
+      nid = NID_X9_62_prime256v1;
+    } else if (crv == "P-384") {
+      nid = NID_secp384r1;
+    } else if (crv == "P-521") {
+      nid = NID_secp521r1;
+    } else {
+      throw std::runtime_error("Unsupported EC curve: " + crv);
+    }
+    // Create EC_KEY
+    EC_KEY* ec = EC_KEY_new_by_curve_name(nid);
+    if (!ec)
+      throw std::runtime_error("Failed to create EC key");
+    const EC_GROUP* group = EC_KEY_get0_group(ec);
+    // Decode public key coordinates
+    BIGNUM* x_bn = base64url_to_bn(keyData.x.value());
+    BIGNUM* y_bn = base64url_to_bn(keyData.y.value());
+    if (!x_bn || !y_bn) {
+      EC_KEY_free(ec);
+      throw std::runtime_error("Failed to decode EC public key coordinates");
+    }
+    // Set public key
+    EC_POINT* pub_key = EC_POINT_new(group);
+    if (!pub_key || EC_POINT_set_affine_coordinates(group, pub_key, x_bn, y_bn, nullptr) != 1) {
+      BN_free(x_bn);
+      BN_free(y_bn);
+      if (pub_key)
+        EC_POINT_free(pub_key);
+      EC_KEY_free(ec);
+      throw std::runtime_error("Failed to set EC public key");
+    }
+    BN_free(x_bn);
+    BN_free(y_bn);
+    if (EC_KEY_set_public_key(ec, pub_key) != 1) {
+      EC_POINT_free(pub_key);
+      EC_KEY_free(ec);
+      throw std::runtime_error("Failed to set EC public key on EC_KEY");
+    }
+    EC_POINT_free(pub_key);
+    // Set private key if present
+    if (isPrivate) {
+      BIGNUM* d_bn = base64url_to_bn(keyData.d.value());
+      if (!d_bn) {
+        EC_KEY_free(ec);
+        throw std::runtime_error("Failed to decode EC private key");
+      }
+      if (EC_KEY_set_private_key(ec, d_bn) != 1) {
+        BN_free(d_bn);
+        EC_KEY_free(ec);
+        throw std::runtime_error("Failed to set EC private key");
+      }
+      BN_free(d_bn);
+    }
+    // Create EVP_PKEY from EC_KEY
+    EVP_PKEY* pkey = EVP_PKEY_new();
+    if (!pkey || EVP_PKEY_assign_EC_KEY(pkey, ec) != 1) {
+      EC_KEY_free(ec);
+      if (pkey)
+        EVP_PKEY_free(pkey);
+      throw std::runtime_error("Failed to create EVP_PKEY from EC_KEY");
+    }
+    KeyType type = isPrivate ? KeyType::PRIVATE : KeyType::PUBLIC;
+    data_ = KeyObjectData::CreateAsymmetric(type, ncrypto::EVPKeyPointer(pkey));
+    return type;
+  }
+  throw std::runtime_error("Unsupported JWK key type");
+}
+KeyDetail HybridKeyObjectHandle::keyDetail() {
+  const auto& pkey_ptr = data_.GetAsymmetricKey();
+  if (!pkey_ptr) {
+    return KeyDetail{};
+  }
+  EVP_PKEY* pkey = pkey_ptr.get();
+  int keyType = EVP_PKEY_base_id(pkey);
+  if (keyType == EVP_PKEY_RSA) {
+    // Extract RSA key details
+    int modulusLength = EVP_PKEY_bits(pkey);
+    // Extract public exponent (typically 65537 = 0x10001)
+    const RSA* rsa = EVP_PKEY_get0_RSA(pkey);
+    if (rsa) {
+      const BIGNUM* e_bn = nullptr;
+      RSA_get0_key(rsa, nullptr, &e_bn, nullptr);
+      if (e_bn) {
+        unsigned long exponent_val = BN_get_word(e_bn);
+        return KeyDetail(std::nullopt, static_cast<double>(exponent_val), static_cast<double>(modulusLength), std::nullopt, std::nullopt,
+                         std::nullopt, std::nullopt);
+      }
+    }
+    // Fallback if we couldn't extract the exponent
+    return KeyDetail(std::nullopt, std::nullopt, static_cast<double>(modulusLength), std::nullopt, std::nullopt, std::nullopt,
+                     std::nullopt);
+  }
+  if (keyType == EVP_PKEY_EC) {
+    // Extract EC curve name
+    EC_KEY* ec_key = EVP_PKEY_get1_EC_KEY(pkey);
+    if (ec_key) {
+      const EC_GROUP* group = EC_KEY_get0_group(ec_key);
+      if (group) {
+        int nid = EC_GROUP_get_curve_name(group);
+        const char* curve_name = OBJ_nid2sn(nid);
+        if (curve_name) {
+          std::string namedCurve(curve_name);
+          EC_KEY_free(ec_key);
+          return KeyDetail(std::nullopt, std::nullopt, std::nullopt, std::nullopt, std::nullopt, std::nullopt, namedCurve);
+        }
+      }
+      EC_KEY_free(ec_key);
+    }
+  }
+  return KeyDetail{};
+}
+bool HybridKeyObjectHandle::initRawKey(KeyType keyType, std::shared_ptr<ArrayBuffer> keyData) {
+  // For asymmetric keys (x25519/x448/ed25519/ed448), we need to determine the curve type
+  // Based on key size: x25519=32 bytes, x448=56 bytes, ed25519=32 bytes, ed448=57 bytes
+  int curveId = -1;
+  size_t keySize = keyData->size();
+  if (keySize == 32) {
+    // Could be x25519 or ed25519 - for now assume x25519 based on test context
+    curveId = EVP_PKEY_X25519;
+  } else if (keySize == 56) {
+    curveId = EVP_PKEY_X448;
+  } else if (keySize == 57) {
+    curveId = EVP_PKEY_ED448;
+  } else {
+    throw std::runtime_error("Invalid key size: expected 32, 56, or 57 bytes for curve keys");
+  }
+  ncrypto::Buffer<const unsigned char> buffer{.data = reinterpret_cast<const unsigned char*>(keyData->data()), .len = keyData->size()};
+  ncrypto::EVPKeyPointer pkey;
+  if (keyType == KeyType::PRIVATE) {
+    pkey = ncrypto::EVPKeyPointer::NewRawPrivate(curveId, buffer);
+  } else if (keyType == KeyType::PUBLIC) {
+    pkey = ncrypto::EVPKeyPointer::NewRawPublic(curveId, buffer);
+  } else {
+    throw std::runtime_error("Raw keys are only supported for asymmetric key types");
+  }
+  if (!pkey) {
+    throw std::runtime_error("Failed to create key from raw data");
+  }
+  this->data_ = KeyObjectData::CreateAsymmetric(keyType, std::move(pkey));
+  return true;
+}
+bool HybridKeyObjectHandle::initECRaw(const std::string& namedCurve, const std::shared_ptr<ArrayBuffer>& keyData) {
+  // Reset any existing data
+  data_ = KeyObjectData();
+  // Map curve name to NID (same logic as HybridEcKeyPair::GetCurveFromName)
+  int nid = 0;
+  if (namedCurve == "prime256v1" || namedCurve == "P-256") {
+    nid = NID_X9_62_prime256v1;
+  } else if (namedCurve == "secp384r1" || namedCurve == "P-384") {
+    nid = NID_secp384r1;
+  } else if (namedCurve == "secp521r1" || namedCurve == "P-521") {
+    nid = NID_secp521r1;
+  } else if (namedCurve == "secp256k1") {
+    nid = NID_secp256k1;
+  } else {
+    // Try standard OpenSSL name resolution
+    nid = OBJ_txt2nid(namedCurve.c_str());
+  }
+  if (nid == 0) {
+    throw std::runtime_error("Unknown curve: " + namedCurve);
+  }
+  // Create EC_GROUP for the curve
+  ncrypto::ECGroupPointer group = ncrypto::ECGroupPointer::NewByCurveName(nid);
+  if (!group) {
+    throw std::runtime_error("Failed to create EC_GROUP for curve");
+  }
+  // Create EC_POINT from raw bytes
+  ncrypto::ECPointPointer point = ncrypto::ECPointPointer::New(group.get());
+  if (!point) {
+    throw std::runtime_error("Failed to create EC_POINT");
+  }
+  // Convert raw bytes to EC_POINT
+  ncrypto::Buffer<const unsigned char> buffer{.data = reinterpret_cast<const unsigned char*>(keyData->data()), .len = keyData->size()};
+  if (!point.setFromBuffer(buffer, group.get())) {
+    throw std::runtime_error("Failed to read DER asymmetric key");
+  }
+  // Create EC_KEY and set the public key
+  ncrypto::ECKeyPointer ec = ncrypto::ECKeyPointer::New(group.get());
+  if (!ec) {
+    throw std::runtime_error("Failed to create EC_KEY");
+  }
+  if (!ec.setPublicKey(point)) {
+    throw std::runtime_error("Failed to set public key on EC_KEY");
+  }
+  // Create EVP_PKEY from EC_KEY
+  ncrypto::EVPKeyPointer pkey = ncrypto::EVPKeyPointer::New();
+  if (!pkey) {
+    throw std::runtime_error("Failed to create EVP_PKEY");
+  }
+  if (!pkey.set(ec)) {
+    throw std::runtime_error("Failed to assign EC_KEY to EVP_PKEY");
+  }
+  // Store as public key
+  this->data_ = KeyObjectData::CreateAsymmetric(KeyType::PUBLIC, std::move(pkey));
+  return true;
+}
+} // namespace margelo::nitro::crypto