react-native-quick-crypto 1.1.1 → 1.1.2

package/cpp/keys/HybridKeyObjectHandle.cpp

@@ -1,4 +1,5 @@
 #include <cstdio>
+#include <mutex>
 #include <stdexcept>
 
 #include "../utils/base64.h"
@@ -10,10 +11,42 @@
 #include <openssl/ec.h>
 #include <openssl/evp.h>
 #include <openssl/obj_mac.h>
+#include <openssl/provider.h>
 #include <openssl/rsa.h>
 
 namespace margelo::nitro::crypto {
 
+#if OPENSSL_VERSION_NUMBER >= 0x30600000L
+// Configure loaded providers to prefer seed-only PKCS#8 output for ML-DSA /
+// ML-KEM, falling back to priv-only when no seed is available. Without this,
+// OpenSSL defaults to "seed-priv" — a longer encoding that bundles both —
+// which breaks interop with Node and the exact-length export check in subtle.ts.
+// Mirrors src/crypto/crypto_util.cc in Node.
+static void configurePqcOutputFormats() {
+  static std::once_flag once;
+  std::call_once(once, []() {
+    OSSL_PROVIDER_do_all(
+        nullptr,
+        [](OSSL_PROVIDER* provider, void*) -> int {
+          OSSL_PROVIDER_add_conf_parameter(provider, "ml-kem.output_formats", "seed-only,priv-only");
+          OSSL_PROVIDER_add_conf_parameter(provider, "ml-dsa.output_formats", "seed-only,priv-only");
+          OSSL_PROVIDER_add_conf_parameter(provider, "slh-dsa.output_formats", "seed-only,priv-only");
+          return 1;
+        },
+        nullptr);
+  });
+}
+#endif
+
+HybridKeyObjectHandle::HybridKeyObjectHandle() : HybridObject(TAG) {
+#if OPENSSL_VERSION_NUMBER >= 0x30600000L
+  // Configure once on first handle construction. Providers are guaranteed
+  // loaded by this point (any prior crypto op routed through ncrypto), and
+  // the call_once flag makes subsequent constructions cheap.
+  configurePqcOutputFormats();
+#endif
+}
+
 // Helper functions for base64url encoding/decoding with BIGNUMs
 static std::string bn_to_base64url(const BIGNUM* bn, size_t expected_size = 0) {
   if (!bn)
@@ -142,7 +175,7 @@ std::shared_ptr<ArrayBuffer> HybridKeyObjectHandle::exportKey(std::optional<KFor
       const char* typeName = EVP_PKEY_get0_type_name(pkey.get());
       if (typeName != nullptr) {
         std::string name(typeName);
-        bool isPqcKey = (name.starts_with("ML-KEM-") || name.starts_with("ML-DSA-"));
+        bool isPqcKey = (name.starts_with("ML-KEM-") || name.starts_with("ML-DSA-") || name.starts_with("SLH-DSA-"));
         if (isPqcKey) {
           if (keyType == KeyType::PUBLIC) {
             auto rawData = pkey.rawPublicKey();
@@ -364,9 +397,267 @@ JWK HybridKeyObjectHandle::exportJwk(const JWK& key, bool handleRsaPss) {
     return result;
   }
 
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  // Export AKP keys (ML-DSA, ML-KEM)
+  {
+    const char* typeName = EVP_PKEY_get0_type_name(pkey.get());
+    if (typeName != nullptr) {
+      std::string name(typeName);
+      bool isPqcKey = (name.starts_with("ML-DSA-") || name.starts_with("ML-KEM-") || name.starts_with("SLH-DSA-"));
+      if (isPqcKey) {
+        result.kty = JWKkty::AKP;
+        result.alg = name;
+
+        auto pubKey = pkey.rawPublicKey();
+        if (!pubKey) {
+          throw std::runtime_error("Failed to get raw public key for AKP JWK export");
+        }
+        result.pub = base64url_encode(reinterpret_cast<const unsigned char*>(pubKey.get()), pubKey.size());
+
+        if (keyType == KeyType::PRIVATE) {
+          auto seed = pkey.rawSeed();
+          if (!seed) {
+            throw std::runtime_error("Key does not have an available seed");
+          }
+          result.priv = base64url_encode(reinterpret_cast<const unsigned char*>(seed.get()), seed.size());
+        }
+
+        return result;
+      }
+    }
+  }
+#endif
+
   throw std::runtime_error("Unsupported key type for JWK export");
 }
 
+// Returns true if the EVP_PKEY type supports raw public key export
+// (CFRG keys: Ed25519, Ed448, X25519, X448; PQC keys: ML-DSA, ML-KEM, SLH-DSA).
+static bool supportsRawPublic(int keyId, const char* typeName) {
+  if (keyId == EVP_PKEY_ED25519 || keyId == EVP_PKEY_ED448 || keyId == EVP_PKEY_X25519 || keyId == EVP_PKEY_X448) {
+    return true;
+  }
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  if (keyId == EVP_PKEY_ML_DSA_44 || keyId == EVP_PKEY_ML_DSA_65 || keyId == EVP_PKEY_ML_DSA_87) {
+    return true;
+  }
+  if (typeName != nullptr) {
+    std::string name(typeName);
+    if (name.starts_with("ML-KEM-") || name.starts_with("ML-DSA-") || name.starts_with("SLH-DSA-")) {
+      return true;
+    }
+  }
+#else
+  (void)typeName;
+#endif
+  return false;
+}
+
+// Returns true if the EVP_PKEY type supports raw private key export
+// (CFRG keys: Ed25519, Ed448, X25519, X448; SLH-DSA private keys).
+static bool supportsRawPrivate(int keyId, const char* typeName) {
+  if (keyId == EVP_PKEY_ED25519 || keyId == EVP_PKEY_ED448 || keyId == EVP_PKEY_X25519 || keyId == EVP_PKEY_X448) {
+    return true;
+  }
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  if (typeName != nullptr) {
+    std::string name(typeName);
+    if (name.starts_with("SLH-DSA-")) {
+      return true;
+    }
+  }
+#else
+  (void)typeName;
+#endif
+  return false;
+}
+
+// Returns true if the EVP_PKEY type supports raw seed export
+// (PQC keys: ML-DSA, ML-KEM, SLH-DSA).
+static bool supportsRawSeed(int keyId, const char* typeName) {
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  if (keyId == EVP_PKEY_ML_DSA_44 || keyId == EVP_PKEY_ML_DSA_65 || keyId == EVP_PKEY_ML_DSA_87) {
+    return true;
+  }
+  if (typeName != nullptr) {
+    std::string name(typeName);
+    if (name.starts_with("ML-KEM-") || name.starts_with("ML-DSA-") || name.starts_with("SLH-DSA-")) {
+      return true;
+    }
+  }
+#else
+  (void)keyId;
+  (void)typeName;
+#endif
+  return false;
+}
+
+std::shared_ptr<ArrayBuffer> HybridKeyObjectHandle::exportRawPublic() {
+  auto keyType = data_.GetKeyType();
+  if (keyType == KeyType::SECRET) {
+    throw std::runtime_error("Raw public key export is not supported for secret keys");
+  }
+
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey) {
+    throw std::runtime_error("Invalid asymmetric key");
+  }
+
+  int keyId = EVP_PKEY_id(pkey.get());
+  const char* typeName = EVP_PKEY_get0_type_name(pkey.get());
+
+  if (!supportsRawPublic(keyId, typeName)) {
+    throw std::runtime_error("The key type does not support raw public key export");
+  }
+
+  auto rawData = pkey.rawPublicKey();
+  if (!rawData) {
+    throw std::runtime_error("Failed to get raw public key");
+  }
+  return ToNativeArrayBuffer(reinterpret_cast<const uint8_t*>(rawData.get()), rawData.size());
+}
+
+std::shared_ptr<ArrayBuffer> HybridKeyObjectHandle::exportRawPrivate() {
+  auto keyType = data_.GetKeyType();
+  if (keyType != KeyType::PRIVATE) {
+    throw std::runtime_error("Raw private key export requires a private key");
+  }
+
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey) {
+    throw std::runtime_error("Invalid asymmetric key");
+  }
+
+  int keyId = EVP_PKEY_id(pkey.get());
+  const char* typeName = EVP_PKEY_get0_type_name(pkey.get());
+
+  if (!supportsRawPrivate(keyId, typeName)) {
+    throw std::runtime_error("The key type does not support raw private key export");
+  }
+
+  auto rawData = pkey.rawPrivateKey();
+  if (!rawData) {
+    throw std::runtime_error("Failed to get raw private key");
+  }
+  return ToNativeArrayBuffer(reinterpret_cast<const uint8_t*>(rawData.get()), rawData.size());
+}
+
+std::shared_ptr<ArrayBuffer> HybridKeyObjectHandle::exportRawSeed() {
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  auto keyType = data_.GetKeyType();
+  if (keyType != KeyType::PRIVATE) {
+    throw std::runtime_error("Raw seed export requires a private key");
+  }
+
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey) {
+    throw std::runtime_error("Invalid asymmetric key");
+  }
+
+  int keyId = EVP_PKEY_id(pkey.get());
+  const char* typeName = EVP_PKEY_get0_type_name(pkey.get());
+
+  if (!supportsRawSeed(keyId, typeName)) {
+    throw std::runtime_error("The key type does not support raw seed export");
+  }
+
+  auto rawData = pkey.rawSeed();
+  if (!rawData) {
+    throw std::runtime_error("Key does not have an available seed");
+  }
+  return ToNativeArrayBuffer(reinterpret_cast<const uint8_t*>(rawData.get()), rawData.size());
+#else
+  throw std::runtime_error("Raw seed export requires OpenSSL 3.5+");
+#endif
+}
+
+std::shared_ptr<ArrayBuffer> HybridKeyObjectHandle::exportECPublicRaw(bool compressed) {
+  auto keyType = data_.GetKeyType();
+  if (keyType == KeyType::SECRET) {
+    throw std::runtime_error("EC raw public key export is not supported for secret keys");
+  }
+
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey) {
+    throw std::runtime_error("Invalid asymmetric key");
+  }
+
+  if (EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) {
+    throw std::runtime_error("Key is not an EC key");
+  }
+
+  const EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(pkey.get());
+  if (!ec_key) {
+    throw std::runtime_error("Failed to get EC key");
+  }
+
+  const EC_GROUP* group = EC_KEY_get0_group(ec_key);
+  const EC_POINT* point = EC_KEY_get0_public_key(ec_key);
+  if (!group || !point) {
+    throw std::runtime_error("Failed to get EC public key point");
+  }
+
+  point_conversion_form_t form = compressed ? POINT_CONVERSION_COMPRESSED : POINT_CONVERSION_UNCOMPRESSED;
+
+  size_t len = EC_POINT_point2oct(group, point, form, nullptr, 0, nullptr);
+  if (len == 0) {
+    throw std::runtime_error("Failed to compute EC point size");
+  }
+  std::vector<uint8_t> buf(len);
+  if (EC_POINT_point2oct(group, point, form, buf.data(), buf.size(), nullptr) != len) {
+    throw std::runtime_error("Failed to encode EC public key point");
+  }
+  return ToNativeArrayBuffer(buf.data(), buf.size());
+}
+
+std::shared_ptr<ArrayBuffer> HybridKeyObjectHandle::exportECPrivateRaw() {
+  auto keyType = data_.GetKeyType();
+  if (keyType != KeyType::PRIVATE) {
+    throw std::runtime_error("EC raw private key export requires a private key");
+  }
+
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey) {
+    throw std::runtime_error("Invalid asymmetric key");
+  }
+
+  if (EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) {
+    throw std::runtime_error("Key is not an EC key");
+  }
+
+  const EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(pkey.get());
+  if (!ec_key) {
+    throw std::runtime_error("Failed to get EC key");
+  }
+
+  const BIGNUM* priv_bn = EC_KEY_get0_private_key(ec_key);
+  if (!priv_bn) {
+    throw std::runtime_error("EC key has no private component");
+  }
+
+  const EC_GROUP* group = EC_KEY_get0_group(ec_key);
+  if (!group) {
+    throw std::runtime_error("Failed to get EC group");
+  }
+
+  BIGNUM* order = BN_new();
+  if (!order) {
+    throw std::runtime_error("Failed to allocate BIGNUM");
+  }
+  if (EC_GROUP_get_order(group, order, nullptr) != 1) {
+    BN_free(order);
+    throw std::runtime_error("Failed to get EC group order");
+  }
+  size_t order_size = (BN_num_bits(order) + 7) / 8;
+  BN_free(order);
+
+  std::vector<uint8_t> buf(order_size, 0);
+  if (BN_bn2binpad(priv_bn, buf.data(), static_cast<int>(order_size)) < 0) {
+    throw std::runtime_error("Failed to encode EC private key");
+  }
+  return ToNativeArrayBuffer(buf.data(), buf.size());
+}
+
 AsymmetricKeyType HybridKeyObjectHandle::getAsymmetricKeyType() {
   const auto& pkey = data_.GetAsymmetricKey();
   if (!pkey) {
@@ -407,7 +698,7 @@ AsymmetricKeyType HybridKeyObjectHandle::getAsymmetricKeyType() {
   }
 
 #if OPENSSL_VERSION_NUMBER >= 0x30500000L
-  // EVP_PKEY_id returns -1 for provider-only key types (e.g. ML-KEM)
+  // EVP_PKEY_id returns -1 for provider-only key types (e.g. ML-KEM, SLH-DSA)
   // Fall back to string-based type name comparison
   const char* typeName = EVP_PKEY_get0_type_name(pkey.get());
   if (typeName != nullptr) {
@@ -418,6 +709,30 @@ AsymmetricKeyType HybridKeyObjectHandle::getAsymmetricKeyType() {
       return AsymmetricKeyType::ML_KEM_768;
     if (name == "ML-KEM-1024")
       return AsymmetricKeyType::ML_KEM_1024;
+    if (name == "SLH-DSA-SHA2-128s")
+      return AsymmetricKeyType::SLH_DSA_SHA2_128S;
+    if (name == "SLH-DSA-SHA2-128f")
+      return AsymmetricKeyType::SLH_DSA_SHA2_128F;
+    if (name == "SLH-DSA-SHA2-192s")
+      return AsymmetricKeyType::SLH_DSA_SHA2_192S;
+    if (name == "SLH-DSA-SHA2-192f")
+      return AsymmetricKeyType::SLH_DSA_SHA2_192F;
+    if (name == "SLH-DSA-SHA2-256s")
+      return AsymmetricKeyType::SLH_DSA_SHA2_256S;
+    if (name == "SLH-DSA-SHA2-256f")
+      return AsymmetricKeyType::SLH_DSA_SHA2_256F;
+    if (name == "SLH-DSA-SHAKE-128s")
+      return AsymmetricKeyType::SLH_DSA_SHAKE_128S;
+    if (name == "SLH-DSA-SHAKE-128f")
+      return AsymmetricKeyType::SLH_DSA_SHAKE_128F;
+    if (name == "SLH-DSA-SHAKE-192s")
+      return AsymmetricKeyType::SLH_DSA_SHAKE_192S;
+    if (name == "SLH-DSA-SHAKE-192f")
+      return AsymmetricKeyType::SLH_DSA_SHAKE_192F;
+    if (name == "SLH-DSA-SHAKE-256s")
+      return AsymmetricKeyType::SLH_DSA_SHAKE_256S;
+    if (name == "SLH-DSA-SHAKE-256f")
+      return AsymmetricKeyType::SLH_DSA_SHAKE_256F;
   }
 #endif
 
@@ -703,6 +1018,96 @@ std::optional<KeyType> HybridKeyObjectHandle::initJwk(const JWK& keyData, std::o
     }
   }
 
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  // Handle AKP keys (ML-DSA, ML-KEM)
+  if (kty == JWKkty::AKP) {
+    if (!keyData.alg.has_value()) {
+      throw std::runtime_error("JWK AKP key missing 'alg' field");
+    }
+    if (!keyData.pub.has_value()) {
+      throw std::runtime_error("JWK AKP key missing 'pub' field");
+    }
+
+    const std::string& alg = keyData.alg.value();
+    int nid = 0;
+    if (alg == "ML-DSA-44")
+      nid = EVP_PKEY_ML_DSA_44;
+    else if (alg == "ML-DSA-65")
+      nid = EVP_PKEY_ML_DSA_65;
+    else if (alg == "ML-DSA-87")
+      nid = EVP_PKEY_ML_DSA_87;
+    else if (alg == "ML-KEM-512")
+      nid = EVP_PKEY_ML_KEM_512;
+    else if (alg == "ML-KEM-768")
+      nid = EVP_PKEY_ML_KEM_768;
+    else if (alg == "ML-KEM-1024")
+      nid = EVP_PKEY_ML_KEM_1024;
+    else if (alg == "SLH-DSA-SHA2-128s")
+      nid = EVP_PKEY_SLH_DSA_SHA2_128S;
+    else if (alg == "SLH-DSA-SHA2-128f")
+      nid = EVP_PKEY_SLH_DSA_SHA2_128F;
+    else if (alg == "SLH-DSA-SHA2-192s")
+      nid = EVP_PKEY_SLH_DSA_SHA2_192S;
+    else if (alg == "SLH-DSA-SHA2-192f")
+      nid = EVP_PKEY_SLH_DSA_SHA2_192F;
+    else if (alg == "SLH-DSA-SHA2-256s")
+      nid = EVP_PKEY_SLH_DSA_SHA2_256S;
+    else if (alg == "SLH-DSA-SHA2-256f")
+      nid = EVP_PKEY_SLH_DSA_SHA2_256F;
+    else if (alg == "SLH-DSA-SHAKE-128s")
+      nid = EVP_PKEY_SLH_DSA_SHAKE_128S;
+    else if (alg == "SLH-DSA-SHAKE-128f")
+      nid = EVP_PKEY_SLH_DSA_SHAKE_128F;
+    else if (alg == "SLH-DSA-SHAKE-192s")
+      nid = EVP_PKEY_SLH_DSA_SHAKE_192S;
+    else if (alg == "SLH-DSA-SHAKE-192f")
+      nid = EVP_PKEY_SLH_DSA_SHAKE_192F;
+    else if (alg == "SLH-DSA-SHAKE-256s")
+      nid = EVP_PKEY_SLH_DSA_SHAKE_256S;
+    else if (alg == "SLH-DSA-SHAKE-256f")
+      nid = EVP_PKEY_SLH_DSA_SHAKE_256F;
+    else
+      throw std::runtime_error("Unsupported JWK AKP \"alg\": " + alg);
+
+    bool isPrivate = keyData.priv.has_value();
+    ncrypto::EVPKeyPointer pkey;
+
+    if (isPrivate) {
+      std::string seedBytes = base64url_decode(keyData.priv.value());
+      ncrypto::Buffer<const unsigned char> buf{
+          .data = reinterpret_cast<const unsigned char*>(seedBytes.data()),
+          .len = seedBytes.size(),
+      };
+      pkey = ncrypto::EVPKeyPointer::NewRawSeed(nid, buf);
+      if (!pkey) {
+        throw std::runtime_error("Invalid JWK AKP key");
+      }
+
+      // Verify the pub field matches the public key derived from the seed.
+      std::string pubBytes = base64url_decode(keyData.pub.value());
+      auto derivedPub = pkey.rawPublicKey();
+      if (!derivedPub || derivedPub.size() != pubBytes.size() || CRYPTO_memcmp(derivedPub.get(), pubBytes.data(), pubBytes.size()) != 0) {
+        throw std::runtime_error("Invalid JWK AKP key");
+      }
+
+      data_ = KeyObjectData::CreateAsymmetric(KeyType::PRIVATE, std::move(pkey));
+      return KeyType::PRIVATE;
+    } else {
+      std::string pubBytes = base64url_decode(keyData.pub.value());
+      ncrypto::Buffer<const unsigned char> buf{
+          .data = reinterpret_cast<const unsigned char*>(pubBytes.data()),
+          .len = pubBytes.size(),
+      };
+      pkey = ncrypto::EVPKeyPointer::NewRawPublic(nid, buf);
+      if (!pkey) {
+        throw std::runtime_error("Invalid JWK AKP key");
+      }
+      data_ = KeyObjectData::CreateAsymmetric(KeyType::PUBLIC, std::move(pkey));
+      return KeyType::PUBLIC;
+    }
+  }
+#endif
+
   throw std::runtime_error("Unsupported JWK key type");
 }
 
@@ -835,6 +1240,30 @@ bool HybridKeyObjectHandle::initPqcRaw(const std::string& algorithmName, const s
     nid = EVP_PKEY_ML_DSA_65;
   else if (algorithmName == "ML-DSA-87")
     nid = EVP_PKEY_ML_DSA_87;
+  else if (algorithmName == "SLH-DSA-SHA2-128s")
+    nid = EVP_PKEY_SLH_DSA_SHA2_128S;
+  else if (algorithmName == "SLH-DSA-SHA2-128f")
+    nid = EVP_PKEY_SLH_DSA_SHA2_128F;
+  else if (algorithmName == "SLH-DSA-SHA2-192s")
+    nid = EVP_PKEY_SLH_DSA_SHA2_192S;
+  else if (algorithmName == "SLH-DSA-SHA2-192f")
+    nid = EVP_PKEY_SLH_DSA_SHA2_192F;
+  else if (algorithmName == "SLH-DSA-SHA2-256s")
+    nid = EVP_PKEY_SLH_DSA_SHA2_256S;
+  else if (algorithmName == "SLH-DSA-SHA2-256f")
+    nid = EVP_PKEY_SLH_DSA_SHA2_256F;
+  else if (algorithmName == "SLH-DSA-SHAKE-128s")
+    nid = EVP_PKEY_SLH_DSA_SHAKE_128S;
+  else if (algorithmName == "SLH-DSA-SHAKE-128f")
+    nid = EVP_PKEY_SLH_DSA_SHAKE_128F;
+  else if (algorithmName == "SLH-DSA-SHAKE-192s")
+    nid = EVP_PKEY_SLH_DSA_SHAKE_192S;
+  else if (algorithmName == "SLH-DSA-SHAKE-192f")
+    nid = EVP_PKEY_SLH_DSA_SHAKE_192F;
+  else if (algorithmName == "SLH-DSA-SHAKE-256s")
+    nid = EVP_PKEY_SLH_DSA_SHAKE_256S;
+  else if (algorithmName == "SLH-DSA-SHAKE-256f")
+    nid = EVP_PKEY_SLH_DSA_SHAKE_256F;
   else
     throw std::runtime_error("Unknown PQC algorithm: " + algorithmName);
 
@@ -859,6 +1288,193 @@ bool HybridKeyObjectHandle::initPqcRaw(const std::string& algorithmName, const s
 #endif
 }
 
+// Map a string asymmetricKeyType to an EVP_PKEY NID for OKP/PQC keys.
+// Returns 0 if the type is not a known OKP or PQC type.
+static int evpNidForAsymmetricKeyType(const std::string& asymmetricKeyType) {
+  if (asymmetricKeyType == "ed25519")
+    return EVP_PKEY_ED25519;
+  if (asymmetricKeyType == "ed448")
+    return EVP_PKEY_ED448;
+  if (asymmetricKeyType == "x25519")
+    return EVP_PKEY_X25519;
+  if (asymmetricKeyType == "x448")
+    return EVP_PKEY_X448;
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  if (asymmetricKeyType == "ml-dsa-44")
+    return EVP_PKEY_ML_DSA_44;
+  if (asymmetricKeyType == "ml-dsa-65")
+    return EVP_PKEY_ML_DSA_65;
+  if (asymmetricKeyType == "ml-dsa-87")
+    return EVP_PKEY_ML_DSA_87;
+  if (asymmetricKeyType == "ml-kem-512")
+    return EVP_PKEY_ML_KEM_512;
+  if (asymmetricKeyType == "ml-kem-768")
+    return EVP_PKEY_ML_KEM_768;
+  if (asymmetricKeyType == "ml-kem-1024")
+    return EVP_PKEY_ML_KEM_1024;
+  if (asymmetricKeyType == "slh-dsa-sha2-128s")
+    return EVP_PKEY_SLH_DSA_SHA2_128S;
+  if (asymmetricKeyType == "slh-dsa-sha2-128f")
+    return EVP_PKEY_SLH_DSA_SHA2_128F;
+  if (asymmetricKeyType == "slh-dsa-sha2-192s")
+    return EVP_PKEY_SLH_DSA_SHA2_192S;
+  if (asymmetricKeyType == "slh-dsa-sha2-192f")
+    return EVP_PKEY_SLH_DSA_SHA2_192F;
+  if (asymmetricKeyType == "slh-dsa-sha2-256s")
+    return EVP_PKEY_SLH_DSA_SHA2_256S;
+  if (asymmetricKeyType == "slh-dsa-sha2-256f")
+    return EVP_PKEY_SLH_DSA_SHA2_256F;
+  if (asymmetricKeyType == "slh-dsa-shake-128s")
+    return EVP_PKEY_SLH_DSA_SHAKE_128S;
+  if (asymmetricKeyType == "slh-dsa-shake-128f")
+    return EVP_PKEY_SLH_DSA_SHAKE_128F;
+  if (asymmetricKeyType == "slh-dsa-shake-192s")
+    return EVP_PKEY_SLH_DSA_SHAKE_192S;
+  if (asymmetricKeyType == "slh-dsa-shake-192f")
+    return EVP_PKEY_SLH_DSA_SHAKE_192F;
+  if (asymmetricKeyType == "slh-dsa-shake-256s")
+    return EVP_PKEY_SLH_DSA_SHAKE_256S;
+  if (asymmetricKeyType == "slh-dsa-shake-256f")
+    return EVP_PKEY_SLH_DSA_SHAKE_256F;
+#endif
+  return 0;
+}
+
+bool HybridKeyObjectHandle::initRawPublic(const std::string& asymmetricKeyType, const std::shared_ptr<ArrayBuffer>& keyData,
+                                          const std::optional<std::string>& namedCurve) {
+  data_ = KeyObjectData();
+
+  if (asymmetricKeyType == "ec") {
+    if (!namedCurve.has_value()) {
+      throw std::runtime_error("namedCurve is required for EC raw public key import");
+    }
+    return initECRaw(namedCurve.value(), keyData);
+  }
+
+  int nid = evpNidForAsymmetricKeyType(asymmetricKeyType);
+  if (nid == 0) {
+    throw std::runtime_error("Invalid asymmetricKeyType for raw public key import: " + asymmetricKeyType);
+  }
+
+  ncrypto::Buffer<const unsigned char> buffer{.data = reinterpret_cast<const unsigned char*>(keyData->data()), .len = keyData->size()};
+  auto pkey = ncrypto::EVPKeyPointer::NewRawPublic(nid, buffer);
+  if (!pkey) {
+    throw std::runtime_error("Failed to create raw public key");
+  }
+  this->data_ = KeyObjectData::CreateAsymmetric(KeyType::PUBLIC, std::move(pkey));
+  return true;
+}
+
+bool HybridKeyObjectHandle::initRawPrivate(const std::string& asymmetricKeyType, const std::shared_ptr<ArrayBuffer>& keyData,
+                                           const std::optional<std::string>& namedCurve) {
+  data_ = KeyObjectData();
+
+  if (asymmetricKeyType == "ec") {
+    if (!namedCurve.has_value()) {
+      throw std::runtime_error("namedCurve is required for EC raw private key import");
+    }
+
+    int nid = 0;
+    const std::string& curve = namedCurve.value();
+    if (curve == "prime256v1" || curve == "P-256")
+      nid = NID_X9_62_prime256v1;
+    else if (curve == "secp384r1" || curve == "P-384")
+      nid = NID_secp384r1;
+    else if (curve == "secp521r1" || curve == "P-521")
+      nid = NID_secp521r1;
+    else if (curve == "secp256k1")
+      nid = NID_secp256k1;
+    else
+      nid = OBJ_txt2nid(curve.c_str());
+
+    if (nid == 0) {
+      throw std::runtime_error("Unknown curve: " + curve);
+    }
+
+    auto ec_key = std::unique_ptr<EC_KEY, decltype(&EC_KEY_free)>(EC_KEY_new_by_curve_name(nid), EC_KEY_free);
+    if (!ec_key) {
+      throw std::runtime_error("Failed to create EC_KEY");
+    }
+    const EC_GROUP* group = EC_KEY_get0_group(ec_key.get());
+
+    BIGNUM* order = BN_new();
+    if (!order || EC_GROUP_get_order(group, order, nullptr) != 1) {
+      if (order)
+        BN_free(order);
+      throw std::runtime_error("Failed to get EC group order");
+    }
+    size_t order_size = (BN_num_bits(order) + 7) / 8;
+    BN_free(order);
+
+    if (keyData->size() != order_size) {
+      throw std::runtime_error("Invalid EC private key length");
+    }
+
+    BIGNUM* priv_bn = BN_bin2bn(reinterpret_cast<const unsigned char*>(keyData->data()), static_cast<int>(keyData->size()), nullptr);
+    if (!priv_bn) {
+      throw std::runtime_error("Failed to decode EC private key");
+    }
+
+    if (EC_KEY_set_private_key(ec_key.get(), priv_bn) != 1) {
+      BN_free(priv_bn);
+      throw std::runtime_error("Failed to set EC private key");
+    }
+
+    auto pub_point = std::unique_ptr<EC_POINT, decltype(&EC_POINT_free)>(EC_POINT_new(group), EC_POINT_free);
+    if (!pub_point || EC_POINT_mul(group, pub_point.get(), priv_bn, nullptr, nullptr, nullptr) != 1 ||
+        EC_KEY_set_public_key(ec_key.get(), pub_point.get()) != 1) {
+      BN_free(priv_bn);
+      throw std::runtime_error("Failed to derive EC public key");
+    }
+    BN_free(priv_bn);
+
+    EVP_PKEY* pkey = EVP_PKEY_new();
+    if (!pkey || EVP_PKEY_assign_EC_KEY(pkey, ec_key.get()) != 1) {
+      if (pkey)
+        EVP_PKEY_free(pkey);
+      throw std::runtime_error("Failed to create EVP_PKEY from EC_KEY");
+    }
+    ec_key.release();
+
+    this->data_ = KeyObjectData::CreateAsymmetric(KeyType::PRIVATE, ncrypto::EVPKeyPointer(pkey));
+    return true;
+  }
+
+  int nid = evpNidForAsymmetricKeyType(asymmetricKeyType);
+  if (nid == 0) {
+    throw std::runtime_error("Invalid asymmetricKeyType for raw private key import: " + asymmetricKeyType);
+  }
+
+  ncrypto::Buffer<const unsigned char> buffer{.data = reinterpret_cast<const unsigned char*>(keyData->data()), .len = keyData->size()};
+  auto pkey = ncrypto::EVPKeyPointer::NewRawPrivate(nid, buffer);
+  if (!pkey) {
+    throw std::runtime_error("Failed to create raw private key");
+  }
+  this->data_ = KeyObjectData::CreateAsymmetric(KeyType::PRIVATE, std::move(pkey));
+  return true;
+}
+
+bool HybridKeyObjectHandle::initRawSeed(const std::string& asymmetricKeyType, const std::shared_ptr<ArrayBuffer>& keyData) {
+#if OPENSSL_VERSION_NUMBER >= 0x30500000L
+  data_ = KeyObjectData();
+
+  int nid = evpNidForAsymmetricKeyType(asymmetricKeyType);
+  if (nid == 0) {
+    throw std::runtime_error("Invalid asymmetricKeyType for raw seed import: " + asymmetricKeyType);
+  }
+
+  ncrypto::Buffer<const unsigned char> buffer{.data = reinterpret_cast<const unsigned char*>(keyData->data()), .len = keyData->size()};
+  auto pkey = ncrypto::EVPKeyPointer::NewRawSeed(nid, buffer);
+  if (!pkey) {
+    throw std::runtime_error("Failed to create key from raw seed");
+  }
+  this->data_ = KeyObjectData::CreateAsymmetric(KeyType::PRIVATE, std::move(pkey));
+  return true;
+#else
+  throw std::runtime_error("Raw seed import requires OpenSSL 3.5+");
+#endif
+}
+
 bool HybridKeyObjectHandle::keyEquals(const std::shared_ptr<HybridKeyObjectHandleSpec>& other) {
   auto otherHandle = std::dynamic_pointer_cast<HybridKeyObjectHandle>(other);
   if (!otherHandle)
@@ -887,4 +1503,16 @@ double HybridKeyObjectHandle::getSymmetricKeySize() {
   return static_cast<double>(data_.GetSymmetricKeySize());
 }
 
+bool HybridKeyObjectHandle::checkEcKeyData() {
+  const auto& pkey = data_.GetAsymmetricKey();
+  if (!pkey || EVP_PKEY_id(pkey.get()) != EVP_PKEY_EC) {
+    return false;
+  }
+  auto ctx = pkey.newCtx();
+  if (!ctx) {
+    return false;
+  }
+  return data_.GetKeyType() == KeyType::PRIVATE ? ctx.privateCheck() : ctx.publicCheck();
+}
+
 } // namespace margelo::nitro::crypto