Expanded Algorithm Support
Tabris.js now supports ECDSA keys in addition to ECDH. Signatures currently can only be generated in DER format using the non‑standard ECDSAinDERFormat algorithm.
Hardware-Backed Key Storage in the TEE
When extractable is set to false, ECDH and ECDSA keys are now generated in the device's Trusted Execution Environment (TEE). Previously, the TEE was used only on iOS. Now, keys are also stored in the TEE on Android when the device supports it.
Exporting a non‑extractable key now returns an opaque handle that enables using the key on the device for cryptographic operations without exposing the raw key material.
Optional User Authentication
The method generateKey now supports the usageRequiresAuth option. Using keys generated with this option will require user authentication, adding an extra layer of protection. This option is currently only supported for non‑extractable ECDH and ECDSA keys.