Skip to content

feat: implement 6 missing crypto APIs: 15 ❌ → ✅#921

Merged
boorad merged 15 commits intomainfrom
feat/red-x-hunting-0
Feb 13, 2026
Merged

feat: implement 6 missing crypto APIs: 15 ❌ → ✅#921
boorad merged 15 commits intomainfrom
feat/red-x-hunting-0

Conversation

@boorad
Copy link
Collaborator

@boorad boorad commented Feb 13, 2026
edited
Loading

Summary

Implements 6 previously missing Node.js crypto APIs, flipping 15 ❌ to ✅ in the implementation coverage doc.

New Features

  • Certificate class — verifySpkac, exportPublicKey, exportChallenge (SPKAC operations via ncrypto)
  • KeyObject.from() / KeyObject.toCryptoKey() — bidirectional conversion between KeyObject and CryptoKey
  • ECDH.convertKey() — static method for EC point format conversion (compressed/uncompressed/hybrid)
  • getCipherInfo() — returns cipher metadata (name, NID, mode, key length, IV length, block size)
  • generatePrime / generatePrimeSync / checkPrime / checkPrimeSync — prime generation and primality testing
  • argon2 / argon2Sync — password hashing with argon2d, argon2i, argon2id (requires OpenSSL 3.2+)

Additional Fixes

  • EC raw key export (subtle.exportKey("raw", ecKey)) now works correctly
  • getCipherInfo returns canonical OpenSSL cipher name (via OBJ_nid2sn) instead of echoing user input
  • Example app uses workspace:* instead of stale version number

Changes

  • 6 new C++ implementations (HybridArgon2, HybridCertificate, HybridPrime, plus additions to HybridCipher, HybridECDH, HybridKeyObjectHandle)
  • 6 new TypeScript API wrappers with proper Node.js-compatible signatures
  • 3 new Nitro specs (argon2.nitro.ts, certificate.nitro.ts, prime.nitro.ts)
  • Nitrogen codegen for new HybridObjects (autolinking, specs)
  • 6 new test suites covering all new functionality
  • Updated implementation coverage doc

Testing

Tests run in the React Native example app. New test suites:

  • argon2 — RFC 9106 test vectors, algorithm variants, determinism, async/sync parity
  • certificate — valid/invalid SPKAC verification, public key and challenge export
  • cipherinfo — known ciphers (aes-256-cbc, aes-128-gcm, chacha20-poly1305), custom key/IV lengths
  • ecdh — convertKey roundtrips, compressed/uncompressed/hybrid formats, hex encoding
  • keys — KeyObject.from/toCryptoKey roundtrip with ECDSA P-256, raw key export verification
  • prime — generate/check sync and async, safe primes, bigint support

Related

boorad added 11 commits February 12, 2026 23:20
@boorad
feat: add KeyObject.from() and KeyObject.toCryptoKey() methods
88c631b
@boorad
feat: add Certificate class (SPKAC) with exportChallenge, exportPubli…
8484c23 
…cKey, verifySpkac
@boorad
feat: add ECDH.convertKey() static method
dd751b5
@boorad
feat: add getCipherInfo() function
b261c44
@boorad
feat: add generatePrime/generatePrimeSync and checkPrime/checkPrimeSync
d360bc2
@boorad
feat: add argon2/argon2Sync password hashing (argon2d, argon2i, argon…
d863fb5 
…2id)
@boorad
chore: register new modules (Certificate, Prime, Argon2) in build sys…
7c6acd0 
…tem and exports
@boorad
docs: update implementation coverage (15 red X's flipped to green)
6e980d3
@boorad
test: add tests for Certificate, ECDH.convertKey, KeyObject, getCiphe…
31709ff 
…rInfo, Prime, Argon2

Also clang-format C++ files for Certificate, Cipher, Prime, Argon2
@boorad
fix: EC raw key export and getCipherInfo name resolution
412d20a 
- Add raw format export for EC public keys (uncompressed point encoding)
- Support 'raw' format in subtle.exportKey for EC keys
- Fix getCipherInfo to use input name instead of cipher.getName()
- Switch example dependency to workspace link
@boorad
fix: address review findings across new modules
80636da 
- getCipherInfo: use canonical OpenSSL name via cipher.getName(), remove number from signature
- Certificate: use safer empty ArrayBuffer pattern (non-null data pointer)
- Argon2: include OpenSSL error string in failure messages
- Prime: clean up callback signatures with proper union types
- Tests: strengthen verifySpkac assertion to assert.isTrue
@boorad boorad self-assigned this Feb 13, 2026
@boorad boorad changed the title feat: implement 6 missing crypto APIs (15 red X's → green) feat: implement 6 missing crypto APIs: 15 ❌ → ✅ Feb 13, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 13, 2026
edited
Loading

🤖 End-to-End Test Results - Android

Status: ✅ Passed
Platform: Android
Run: 21976705832

📸 Final Test Screenshot

Maestro Test Results - android

Screenshot automatically captured from End-to-End tests and will expire in 30 days

This comment is automatically updated on each test run.

@github-actions
Copy link
Contributor

github-actions bot commented Feb 13, 2026
edited
Loading

🤖 End-to-End Test Results - iOS

Status: ✅ Passed
Platform: iOS
Run: 21976705846

📸 Final Test Screenshot

Maestro Test Results - ios

Screenshot automatically captured from End-to-End tests and will expire in 30 days

This comment is automatically updated on each test run.

@boorad boorad merged commit 6ffd3f1 into main Feb 13, 2026
8 checks passed
@boorad boorad deleted the feat/red-x-hunting-0 branch February 13, 2026 06:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@boorad boorad

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@boorad