react-native-quick-crypto 1.0.9 → 1.0.11

package/cpp/cipher/XChaCha20Poly1305Cipher.hpp

@@ -0,0 +1,43 @@
+#pragma once
+
+#ifdef BLSALLOC_SODIUM
+#include "sodium.h"
+#else
+#define crypto_aead_xchacha20poly1305_ietf_KEYBYTES 32U
+#define crypto_aead_xchacha20poly1305_ietf_NPUBBYTES 24U
+#define crypto_aead_xchacha20poly1305_ietf_ABYTES 16U
+#endif
+
+#include <vector>
+
+#include "HybridCipher.hpp"
+
+namespace margelo::nitro::crypto {
+
+class XChaCha20Poly1305Cipher : public HybridCipher {
+ public:
+  XChaCha20Poly1305Cipher() : HybridObject(TAG), final_called_(false) {}
+  ~XChaCha20Poly1305Cipher();
+
+  void init(const std::shared_ptr<ArrayBuffer> cipher_key, const std::shared_ptr<ArrayBuffer> iv) override;
+  std::shared_ptr<ArrayBuffer> update(const std::shared_ptr<ArrayBuffer>& data) override;
+  std::shared_ptr<ArrayBuffer> final() override;
+  bool setAAD(const std::shared_ptr<ArrayBuffer>& data, std::optional<double> plaintextLength) override;
+  std::shared_ptr<ArrayBuffer> getAuthTag() override;
+  bool setAuthTag(const std::shared_ptr<ArrayBuffer>& tag) override;
+  bool setAutoPadding(bool autoPad) override;
+
+ private:
+  static constexpr size_t kKeySize = crypto_aead_xchacha20poly1305_ietf_KEYBYTES;
+  static constexpr size_t kNonceSize = crypto_aead_xchacha20poly1305_ietf_NPUBBYTES;
+  static constexpr size_t kTagSize = crypto_aead_xchacha20poly1305_ietf_ABYTES;
+
+  uint8_t key_[kKeySize];
+  uint8_t nonce_[kNonceSize];
+  std::vector<uint8_t> aad_;
+  std::vector<uint8_t> data_buffer_;
+  uint8_t auth_tag_[kTagSize];
+  bool final_called_;
+};
+
+} // namespace margelo::nitro::crypto

package/cpp/cipher/XSalsa20Poly1305Cipher.cpp

@@ -0,0 +1,145 @@
+#include "XSalsa20Poly1305Cipher.hpp"
+
+#include <cstring>
+#include <stdexcept>
+
+#include "NitroModules/ArrayBuffer.hpp"
+#include "QuickCryptoUtils.hpp"
+
+namespace margelo::nitro::crypto {
+
+XSalsa20Poly1305Cipher::~XSalsa20Poly1305Cipher() {
+#ifdef BLSALLOC_SODIUM
+  sodium_memzero(key_, kKeySize);
+  sodium_memzero(nonce_, kNonceSize);
+  sodium_memzero(auth_tag_, kTagSize);
+  if (!data_buffer_.empty()) {
+    sodium_memzero(data_buffer_.data(), data_buffer_.size());
+  }
+#else
+  std::memset(key_, 0, kKeySize);
+  std::memset(nonce_, 0, kNonceSize);
+  std::memset(auth_tag_, 0, kTagSize);
+#endif
+  data_buffer_.clear();
+}
+
+void XSalsa20Poly1305Cipher::init(const std::shared_ptr<ArrayBuffer> cipher_key, const std::shared_ptr<ArrayBuffer> iv) {
+  auto native_key = ToNativeArrayBuffer(cipher_key);
+  auto native_iv = ToNativeArrayBuffer(iv);
+
+  if (native_key->size() != kKeySize) {
+    throw std::runtime_error("XSalsa20-Poly1305 key must be 32 bytes, got " + std::to_string(native_key->size()) + " bytes");
+  }
+
+  if (native_iv->size() != kNonceSize) {
+    throw std::runtime_error("XSalsa20-Poly1305 nonce must be 24 bytes, got " + std::to_string(native_iv->size()) + " bytes");
+  }
+
+  std::memcpy(key_, native_key->data(), kKeySize);
+  std::memcpy(nonce_, native_iv->data(), kNonceSize);
+
+  data_buffer_.clear();
+  final_called_ = false;
+}
+
+std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::update(const std::shared_ptr<ArrayBuffer>& data) {
+#ifndef BLSALLOC_SODIUM
+  throw std::runtime_error("XSalsa20Poly1305Cipher: libsodium must be enabled (BLSALLOC_SODIUM)");
+#else
+  auto native_data = ToNativeArrayBuffer(data);
+  size_t data_len = native_data->size();
+
+  size_t old_size = data_buffer_.size();
+  data_buffer_.resize(old_size + data_len);
+  std::memcpy(data_buffer_.data() + old_size, native_data->data(), data_len);
+
+  return std::make_shared<NativeArrayBuffer>(nullptr, 0, nullptr);
+#endif
+}
+
+std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::final() {
+#ifndef BLSALLOC_SODIUM
+  throw std::runtime_error("XSalsa20Poly1305Cipher: libsodium must be enabled (BLSALLOC_SODIUM)");
+#else
+  if (is_cipher) {
+    uint8_t* ciphertext = new uint8_t[data_buffer_.size()];
+
+    int result = crypto_secretbox_detached(ciphertext, auth_tag_, data_buffer_.data(), data_buffer_.size(), nonce_, key_);
+
+    if (result != 0) {
+      sodium_memzero(ciphertext, data_buffer_.size());
+      delete[] ciphertext;
+      throw std::runtime_error("XSalsa20Poly1305Cipher: encryption failed");
+    }
+
+    final_called_ = true;
+    size_t ct_len = data_buffer_.size();
+    return std::make_shared<NativeArrayBuffer>(ciphertext, ct_len, [=]() { delete[] ciphertext; });
+  } else {
+    if (data_buffer_.empty()) {
+      final_called_ = true;
+      return std::make_shared<NativeArrayBuffer>(nullptr, 0, nullptr);
+    }
+
+    uint8_t* plaintext = new uint8_t[data_buffer_.size()];
+
+    int result = crypto_secretbox_open_detached(plaintext, data_buffer_.data(), auth_tag_, data_buffer_.size(), nonce_, key_);
+
+    if (result != 0) {
+      sodium_memzero(plaintext, data_buffer_.size());
+      delete[] plaintext;
+      throw std::runtime_error("XSalsa20Poly1305Cipher: decryption failed - authentication tag mismatch");
+    }
+
+    final_called_ = true;
+    size_t pt_len = data_buffer_.size();
+    return std::make_shared<NativeArrayBuffer>(plaintext, pt_len, [=]() { delete[] plaintext; });
+  }
+#endif
+}
+
+bool XSalsa20Poly1305Cipher::setAAD(const std::shared_ptr<ArrayBuffer>& data, std::optional<double> plaintextLength) {
+  throw std::runtime_error("AAD is not supported for xsalsa20-poly1305 (use xchacha20-poly1305 instead)");
+}
+
+std::shared_ptr<ArrayBuffer> XSalsa20Poly1305Cipher::getAuthTag() {
+#ifndef BLSALLOC_SODIUM
+  throw std::runtime_error("XSalsa20Poly1305Cipher: libsodium must be enabled (BLSALLOC_SODIUM)");
+#else
+  if (!is_cipher) {
+    throw std::runtime_error("getAuthTag can only be called during encryption");
+  }
+  if (!final_called_) {
+    throw std::runtime_error("getAuthTag must be called after final()");
+  }
+
+  uint8_t* tag_copy = new uint8_t[kTagSize];
+  std::memcpy(tag_copy, auth_tag_, kTagSize);
+  return std::make_shared<NativeArrayBuffer>(tag_copy, kTagSize, [=]() { delete[] tag_copy; });
+#endif
+}
+
+bool XSalsa20Poly1305Cipher::setAuthTag(const std::shared_ptr<ArrayBuffer>& tag) {
+#ifndef BLSALLOC_SODIUM
+  throw std::runtime_error("XSalsa20Poly1305Cipher: libsodium must be enabled (BLSALLOC_SODIUM)");
+#else
+  if (is_cipher) {
+    throw std::runtime_error("setAuthTag can only be called during decryption");
+  }
+
+  auto native_tag = ToNativeArrayBuffer(tag);
+  if (native_tag->size() != kTagSize) {
+    throw std::runtime_error("XSalsa20-Poly1305 tag must be 16 bytes, got " + std::to_string(native_tag->size()) + " bytes");
+  }
+
+  std::memcpy(auth_tag_, native_tag->data(), kTagSize);
+  return true;
+#endif
+}
+
+bool XSalsa20Poly1305Cipher::setAutoPadding(bool autoPad) {
+  throw std::runtime_error("setAutoPadding is not supported for xsalsa20-poly1305");
+}
+
+} // namespace margelo::nitro::crypto

package/cpp/cipher/XSalsa20Poly1305Cipher.hpp

@@ -0,0 +1,42 @@
+#pragma once
+
+#ifdef BLSALLOC_SODIUM
+#include "sodium.h"
+#else
+#define crypto_secretbox_xsalsa20poly1305_KEYBYTES 32U
+#define crypto_secretbox_xsalsa20poly1305_NONCEBYTES 24U
+#define crypto_secretbox_xsalsa20poly1305_MACBYTES 16U
+#endif
+
+#include <vector>
+
+#include "HybridCipher.hpp"
+
+namespace margelo::nitro::crypto {
+
+class XSalsa20Poly1305Cipher : public HybridCipher {
+ public:
+  XSalsa20Poly1305Cipher() : HybridObject(TAG), final_called_(false) {}
+  ~XSalsa20Poly1305Cipher();
+
+  void init(const std::shared_ptr<ArrayBuffer> cipher_key, const std::shared_ptr<ArrayBuffer> iv) override;
+  std::shared_ptr<ArrayBuffer> update(const std::shared_ptr<ArrayBuffer>& data) override;
+  std::shared_ptr<ArrayBuffer> final() override;
+  bool setAAD(const std::shared_ptr<ArrayBuffer>& data, std::optional<double> plaintextLength) override;
+  std::shared_ptr<ArrayBuffer> getAuthTag() override;
+  bool setAuthTag(const std::shared_ptr<ArrayBuffer>& tag) override;
+  bool setAutoPadding(bool autoPad) override;
+
+ private:
+  static constexpr size_t kKeySize = crypto_secretbox_xsalsa20poly1305_KEYBYTES;
+  static constexpr size_t kNonceSize = crypto_secretbox_xsalsa20poly1305_NONCEBYTES;
+  static constexpr size_t kTagSize = crypto_secretbox_xsalsa20poly1305_MACBYTES;
+
+  uint8_t key_[kKeySize];
+  uint8_t nonce_[kNonceSize];
+  std::vector<uint8_t> data_buffer_;
+  uint8_t auth_tag_[kTagSize];
+  bool final_called_;
+};
+
+} // namespace margelo::nitro::crypto

package/cpp/dh/HybridDhKeyPair.cpp

@@ -0,0 +1,179 @@
+#include "HybridDhKeyPair.hpp"
+
+#include <NitroModules/ArrayBuffer.hpp>
+#include <NitroModules/Promise.hpp>
+#include <memory>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/buffer.h>
+#include <openssl/dh.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <stdexcept>
+#include <string>
+
+// Suppress deprecation warnings for DH_* functions
+// Node.js ncrypto uses the same pattern — these APIs work but are deprecated in OpenSSL 3.x
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wdeprecated-declarations"
+
+namespace margelo::nitro::crypto {
+
+using BN_ptr = std::unique_ptr<BIGNUM, decltype(&BN_free)>;
+using DH_ptr = std::unique_ptr<DH, decltype(&DH_free)>;
+using EVP_PKEY_CTX_ptr = std::unique_ptr<EVP_PKEY_CTX, decltype(&EVP_PKEY_CTX_free)>;
+
+void HybridDhKeyPair::setPrimeLength(double primeLength) {
+  primeLength_ = static_cast<int>(primeLength);
+}
+
+void HybridDhKeyPair::setPrime(const std::shared_ptr<ArrayBuffer>& prime) {
+  prime_.assign(prime->data(), prime->data() + prime->size());
+}
+
+void HybridDhKeyPair::setGenerator(double generator) {
+  generator_ = static_cast<int>(generator);
+}
+
+std::shared_ptr<Promise<void>> HybridDhKeyPair::generateKeyPair() {
+  return Promise<void>::async([this]() { this->generateKeyPairSync(); });
+}
+
+void HybridDhKeyPair::generateKeyPairSync() {
+  pkey_.reset();
+
+  EVP_PKEY* params = nullptr;
+
+  if (!prime_.empty()) {
+    // Mode B: Custom prime provided as binary
+    DH_ptr dh(DH_new(), DH_free);
+    if (!dh) {
+      throw std::runtime_error("DH: failed to create DH structure");
+    }
+
+    BIGNUM* p = BN_bin2bn(prime_.data(), static_cast<int>(prime_.size()), nullptr);
+    BIGNUM* g = BN_new();
+    if (!p || !g) {
+      if (p)
+        BN_free(p);
+      if (g)
+        BN_free(g);
+      throw std::runtime_error("DH: failed to create BIGNUM parameters");
+    }
+    BN_set_word(g, static_cast<unsigned long>(generator_));
+
+    if (DH_set0_pqg(dh.get(), p, nullptr, g) != 1) {
+      BN_free(p);
+      BN_free(g);
+      throw std::runtime_error("DH: failed to set DH parameters");
+    }
+
+    EVP_PKEY* pkey_params = EVP_PKEY_new();
+    if (!pkey_params) {
+      throw std::runtime_error("DH: failed to create EVP_PKEY for parameters");
+    }
+
+    if (EVP_PKEY_assign_DH(pkey_params, dh.get()) != 1) {
+      EVP_PKEY_free(pkey_params);
+      throw std::runtime_error("DH: failed to assign DH to EVP_PKEY");
+    }
+    dh.release(); // EVP_PKEY now owns it
+
+    params = pkey_params;
+
+  } else if (primeLength_ > 0) {
+    // Mode C: Generate random prime of given size
+    EVP_PKEY_CTX_ptr pctx(EVP_PKEY_CTX_new_id(EVP_PKEY_DH, nullptr), EVP_PKEY_CTX_free);
+    if (!pctx) {
+      throw std::runtime_error("DH: failed to create parameter context");
+    }
+
+    if (EVP_PKEY_paramgen_init(pctx.get()) <= 0) {
+      throw std::runtime_error("DH: failed to initialize parameter generation");
+    }
+
+    if (EVP_PKEY_CTX_set_dh_paramgen_prime_len(pctx.get(), primeLength_) <= 0) {
+      throw std::runtime_error("DH: failed to set prime length");
+    }
+
+    if (EVP_PKEY_CTX_set_dh_paramgen_generator(pctx.get(), generator_) <= 0) {
+      throw std::runtime_error("DH: failed to set generator");
+    }
+
+    if (EVP_PKEY_paramgen(pctx.get(), &params) <= 0) {
+      throw std::runtime_error("DH: failed to generate parameters");
+    }
+  } else {
+    throw std::runtime_error("DH: either prime or primeLength must be set");
+  }
+
+  std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)> params_guard(params, EVP_PKEY_free);
+
+  // Generate key pair from parameters
+  EVP_PKEY_CTX_ptr kctx(EVP_PKEY_CTX_new(params, nullptr), EVP_PKEY_CTX_free);
+  if (!kctx) {
+    throw std::runtime_error("DH: failed to create keygen context");
+  }
+
+  if (EVP_PKEY_keygen_init(kctx.get()) <= 0) {
+    throw std::runtime_error("DH: failed to initialize key generation");
+  }
+
+  EVP_PKEY* raw_pkey = nullptr;
+  if (EVP_PKEY_keygen(kctx.get(), &raw_pkey) <= 0) {
+    throw std::runtime_error("DH: failed to generate key pair");
+  }
+
+  pkey_.reset(raw_pkey);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDhKeyPair::getPublicKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DH: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DH: failed to create BIO for public key export");
+  }
+
+  if (i2d_PUBKEY_bio(bio, pkey_.get()) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DH: failed to export public key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDhKeyPair::getPrivateKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DH: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DH: failed to create BIO for private key export");
+  }
+
+  if (i2d_PKCS8PrivateKey_bio(bio, pkey_.get(), nullptr, nullptr, 0, nullptr, nullptr) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DH: failed to export private key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+#pragma clang diagnostic pop
+
+} // namespace margelo::nitro::crypto

package/cpp/dh/HybridDhKeyPair.hpp

@@ -0,0 +1,37 @@
+#pragma once
+
+#include <memory>
+#include <openssl/dh.h>
+#include <openssl/evp.h>
+#include <string>
+#include <vector>
+
+#include "HybridDhKeyPairSpec.hpp"
+#include "QuickCryptoUtils.hpp"
+
+namespace margelo::nitro::crypto {
+
+class HybridDhKeyPair : public HybridDhKeyPairSpec {
+ public:
+  HybridDhKeyPair() : HybridObject(TAG) {}
+  ~HybridDhKeyPair() override = default;
+
+ public:
+  std::shared_ptr<Promise<void>> generateKeyPair() override;
+  void generateKeyPairSync() override;
+  void setPrimeLength(double primeLength) override;
+  void setPrime(const std::shared_ptr<ArrayBuffer>& prime) override;
+  void setGenerator(double generator) override;
+  std::shared_ptr<ArrayBuffer> getPublicKey() override;
+  std::shared_ptr<ArrayBuffer> getPrivateKey() override;
+
+ private:
+  int primeLength_ = 0;
+  std::vector<uint8_t> prime_;
+  int generator_ = 2;
+
+  using EVP_PKEY_ptr = std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)>;
+  EVP_PKEY_ptr pkey_{nullptr, EVP_PKEY_free};
+};
+
+} // namespace margelo::nitro::crypto

package/cpp/dh/HybridDiffieHellman.cpp

@@ -433,6 +433,16 @@ const DH* HybridDiffieHellman::getDH() const {
   return dh;
 }
 
+double HybridDiffieHellman::getVerifyError() {
+  ensureInitialized();
+  const DH* dh = getDH();
+  int codes = 0;
+  if (DH_check(const_cast<DH*>(dh), &codes) != 1) {
+    return 0;
+  }
+  return static_cast<double>(codes);
+}
+
 #pragma clang diagnostic pop
 
 } // namespace margelo::nitro::crypto

package/cpp/dh/HybridDiffieHellman.hpp

@@ -30,6 +30,7 @@ class HybridDiffieHellman : public HybridDiffieHellmanSpec {
   std::shared_ptr<ArrayBuffer> getPrivateKey() override;
   void setPublicKey(const std::shared_ptr<ArrayBuffer>& publicKey) override;
   void setPrivateKey(const std::shared_ptr<ArrayBuffer>& privateKey) override;
+  double getVerifyError() override;
 
  private:
   EVP_PKEY_ptr _pkey;

package/cpp/dsa/HybridDsaKeyPair.cpp

@@ -0,0 +1,128 @@
+#include "HybridDsaKeyPair.hpp"
+
+#include <NitroModules/ArrayBuffer.hpp>
+#include <NitroModules/Promise.hpp>
+#include <memory>
+#include <openssl/bio.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <stdexcept>
+#include <string>
+
+namespace margelo::nitro::crypto {
+
+void HybridDsaKeyPair::setModulusLength(double modulusLength) {
+  modulusLength_ = static_cast<int>(modulusLength);
+}
+
+void HybridDsaKeyPair::setDivisorLength(double divisorLength) {
+  divisorLength_ = static_cast<int>(divisorLength);
+}
+
+std::shared_ptr<Promise<void>> HybridDsaKeyPair::generateKeyPair() {
+  return Promise<void>::async([this]() { this->generateKeyPairSync(); });
+}
+
+void HybridDsaKeyPair::generateKeyPairSync() {
+  if (modulusLength_ <= 0) {
+    throw std::runtime_error("DSA modulusLength must be set before generating key pair");
+  }
+
+  pkey_.reset();
+
+  // Step 1: Generate DSA parameters
+  std::unique_ptr<EVP_PKEY_CTX, decltype(&EVP_PKEY_CTX_free)> param_ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_DSA, nullptr), EVP_PKEY_CTX_free);
+
+  if (!param_ctx) {
+    throw std::runtime_error("DSA: failed to create parameter context");
+  }
+
+  if (EVP_PKEY_paramgen_init(param_ctx.get()) <= 0) {
+    throw std::runtime_error("DSA: failed to initialize parameter generation");
+  }
+
+  if (EVP_PKEY_CTX_set_dsa_paramgen_bits(param_ctx.get(), modulusLength_) <= 0) {
+    throw std::runtime_error("DSA: failed to set modulus length");
+  }
+
+  if (divisorLength_ >= 0) {
+    if (EVP_PKEY_CTX_set_dsa_paramgen_q_bits(param_ctx.get(), divisorLength_) <= 0) {
+      throw std::runtime_error("DSA: failed to set divisor length");
+    }
+  }
+
+  EVP_PKEY* raw_params = nullptr;
+  if (EVP_PKEY_paramgen(param_ctx.get(), &raw_params) <= 0) {
+    throw std::runtime_error("DSA: failed to generate parameters");
+  }
+
+  std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)> params(raw_params, EVP_PKEY_free);
+
+  // Step 2: Generate key pair from parameters
+  std::unique_ptr<EVP_PKEY_CTX, decltype(&EVP_PKEY_CTX_free)> key_ctx(EVP_PKEY_CTX_new(params.get(), nullptr), EVP_PKEY_CTX_free);
+
+  if (!key_ctx) {
+    throw std::runtime_error("DSA: failed to create key generation context");
+  }
+
+  if (EVP_PKEY_keygen_init(key_ctx.get()) <= 0) {
+    throw std::runtime_error("DSA: failed to initialize key generation");
+  }
+
+  EVP_PKEY* raw_pkey = nullptr;
+  if (EVP_PKEY_keygen(key_ctx.get(), &raw_pkey) <= 0) {
+    throw std::runtime_error("DSA: failed to generate key pair");
+  }
+
+  pkey_.reset(raw_pkey);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDsaKeyPair::getPublicKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DSA: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DSA: failed to create BIO for public key export");
+  }
+
+  if (i2d_PUBKEY_bio(bio, pkey_.get()) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DSA: failed to export public key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+std::shared_ptr<ArrayBuffer> HybridDsaKeyPair::getPrivateKey() {
+  if (!pkey_) {
+    throw std::runtime_error("DSA: no key pair generated");
+  }
+
+  BIO* bio = BIO_new(BIO_s_mem());
+  if (!bio) {
+    throw std::runtime_error("DSA: failed to create BIO for private key export");
+  }
+
+  if (i2d_PKCS8PrivateKey_bio(bio, pkey_.get(), nullptr, nullptr, 0, nullptr, nullptr) != 1) {
+    BIO_free(bio);
+    throw std::runtime_error("DSA: failed to export private key");
+  }
+
+  BUF_MEM* mem;
+  BIO_get_mem_ptr(bio, &mem);
+  std::string derData(mem->data, mem->length);
+  BIO_free(bio);
+
+  return ToNativeArrayBuffer(derData);
+}
+
+} // namespace margelo::nitro::crypto

package/cpp/dsa/HybridDsaKeyPair.hpp

@@ -0,0 +1,32 @@
+#pragma once
+
+#include <memory>
+#include <openssl/evp.h>
+
+#include "HybridDsaKeyPairSpec.hpp"
+#include "QuickCryptoUtils.hpp"
+
+namespace margelo::nitro::crypto {
+
+class HybridDsaKeyPair : public HybridDsaKeyPairSpec {
+ public:
+  HybridDsaKeyPair() : HybridObject(TAG) {}
+  ~HybridDsaKeyPair() override = default;
+
+ public:
+  std::shared_ptr<Promise<void>> generateKeyPair() override;
+  void generateKeyPairSync() override;
+  void setModulusLength(double modulusLength) override;
+  void setDivisorLength(double divisorLength) override;
+  std::shared_ptr<ArrayBuffer> getPublicKey() override;
+  std::shared_ptr<ArrayBuffer> getPrivateKey() override;
+
+ private:
+  int modulusLength_ = 0;
+  int divisorLength_ = -1;
+
+  using EVP_PKEY_ptr = std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)>;
+  EVP_PKEY_ptr pkey_{nullptr, EVP_PKEY_free};
+};
+
+} // namespace margelo::nitro::crypto

package/cpp/ec/HybridEcKeyPair.cpp

@@ -1,5 +1,6 @@
 #include <NitroModules/ArrayBuffer.hpp>
 #include <NitroModules/Promise.hpp>
+#include <algorithm>
 #include <memory>
 #include <openssl/bio.h>
 #include <openssl/buffer.h>
@@ -425,4 +426,24 @@ void HybridEcKeyPair::checkKeyPair() {
   }
 }
 
+std::vector<std::string> HybridEcKeyPair::getSupportedCurves() {
+  const size_t count = EC_get_builtin_curves(nullptr, 0);
+  std::vector<EC_builtin_curve> curves(count);
+  if (EC_get_builtin_curves(curves.data(), count) != count) {
+    throw std::runtime_error("Failed to enumerate EC curves");
+  }
+
+  std::vector<std::string> names;
+  names.reserve(count);
+  for (const auto& curve : curves) {
+    const char* sn = OBJ_nid2sn(curve.nid);
+    if (sn != nullptr) {
+      names.emplace_back(sn);
+    }
+  }
+
+  std::sort(names.begin(), names.end());
+  return names;
+}
+
 } // namespace margelo::nitro::crypto

package/cpp/ec/HybridEcKeyPair.hpp

@@ -34,6 +34,7 @@ class HybridEcKeyPair : public HybridEcKeyPairSpec {
   std::shared_ptr<ArrayBuffer> sign(const std::shared_ptr<ArrayBuffer>& data, const std::string& hashAlgorithm) override;
   bool verify(const std::shared_ptr<ArrayBuffer>& data, const std::shared_ptr<ArrayBuffer>& signature,
               const std::string& hashAlgorithm) override;
+  std::vector<std::string> getSupportedCurves() override;
 
  protected:
   void checkKeyPair();