Crypto API
complete
Luke Sugiura
Crypto module from nodejs is essential to make cryptocurrency wallet. I wanted to use this library which enables you to use node crypto module in RN.
However, the library uses native component for random bytes generation so that I can't use it without detaching the project. It would be helpful to have api for random bytes generation as well as other reimplementations of node crypto module.
S
Sk Salman Ahmed Sabbir
The expo-crypto package for React Native seems to lack HMAC creation functionality, which is essential for many cryptographic operations. This absence limits the package's usefulness for developers who rely on HMAC for secure message authentication.
t
trajano
I had a similar scenario but broader. I wanted to use the
jose
libraries which do the JWT and JWKS signature verification. I posted the question but eventually just answered it myself.Naiem Yeganeh
For people who need crypto libraries in their expo project, good news is V33 has expo-random to generate keys. Once you have a random key anything else is still hard to do.
We are using crypto-js for many tasks. And very painstakingly we have forked many crypto libraries and their dependencies and have ported them to use crypto-js.
If you look at our github repo you can probably find a bunch of libraries that do the job, and can be directly used in an expo project. Just create a fork and
yarn install git+https:....
-hdkey
-bip39
-elliptic
-tweetnacl-js
-b58check
-bip39
蓝兔哈皮
I still don't quite understand how expo's ReactNative project uses bip39?
Can you describe in more detail?
I want to generate seeds with mnemonic, what should I do?
Flavio Rajta
Hey guys, checkout this package I made for using TweetNaCl in Expo https://www.npmjs.com/package/tweet-nacl-react-native-expo
Let me know what you think!
Evan Bacon
complete
Ready to go! https://docs.expo.io/versions/v33.0.0/sdk/crypto/
Peter Cauty
Evan Bacon: thank you so much for this! However, I'd have liked to have some others methods like RSA/AES keygen, Crypt, Decrypt, Sign and Verify, in a module called "Crypto" 😅 Or maybe I didn't understood the purpose of this new module 😇 great job anyway!
Ramiro Dutto Luquez
Evan Bacon: Thank you for the new feature!!! We really appreciate it! I think like Peter Cauty. It's posible to add RSA/AES keygen, Crypt, Decrypt, Sign and Verify methods to the expo-crypto module???
Marcin Czenko
Peter Cauty: what about https://tweetnacl.js.org? This is becoming a de facto standard, so if expo is going to align with something, then TweetNaCl is a good option - especially that it works well with expo already. Having randomBytes from expo-random and using nacl.setPRNG for generating signing key pair we have the whole spectrum of cryptographic primitives covered. For encryption keys and symmetric keys do not even need to use nacl.setPRNG. The only thing that makes using randomBytes from expo-random with nacl.js a bit less convenient is that randomBytes from expo is async. I did not yet have time to check if there is a way to make it sync.
Paul Cowgill
Ramiro Dutto Luquez: Here's a link for the new issue you created for this https://expo.canny.io/feature-requests/p/nodejs-crypto-module-full-features
I upvoted it.
Paul Cowgill
Marcin Czenko: Should we make a new, separate feature request for this (specifically using TweetNaCl.js) if there isn't one already?
Marcin Czenko
Paul Cowgill: I have added my comment and upvoted this one: https://expo.canny.io/feature-requests/p/nodejs-crypto-module-full-features.
Evan Bacon
in progress
James Ide and I have landed two new unimodules to cover basic Crypto functionality.
- expo-random (node.js random-bytes) https://github.com/expo/expo/tree/master/packages/expo-random
- expo-crypto (for creating digests) https://github.com/expo/expo/tree/master/packages/expo-crypto
You can use either of these modules outside of Expo if you want. AFAIK Expo v33 will included both libraries (at which time we will mark this request as complete).
In addition to native support; both modules also have support for react-native-web!! 💙🔥⭐️😁
Will keep you updated on when these are fully complete 😁🥓
Ben Burton
Evan Bacon: 🎉👏
Harry Lachenmayer
Evan Bacon: Amazing to hear, thanks so much for your efforts :)
Deb Lellouche
Evan Bacon: hey there! thanks for this :) Can we start using
expo-crypto
now that SDK 33 is out?Evan Bacon
Deb Lellouche: 👍 - 33 isn't fully released yet though.
Ben Burton
Without a cryptographic random number generator, it is not possible to generate secure random bytes with a suitable level of entropy for use with oauth PKCE signing. As a result, it seems questionable that any Expo application utilizing oauth can claim to be properly secure.
itslittlejohn
Ben Burton: I have the exact need.
Timboektoe
I really need some support for crypto api in my app. I am considering to temporarily use use a 'hidden' WebView in my app to do some cryptographic tasks. Any feedback on this?
Harry Lachenmayer
Some way of generating random bytes would be amazing to have in Expo - I currently need to generate a keypair to sign requests. My workaround for my prototype is to fetch some random bytes from random.org to use as a seed for the key generation - this is obviously also a terrible idea, but seems less bad than using Math.random()...
Joe
With multiple react-native bip44, bip39 libraries available and all of them using crypto adding this should be a priority. Most of us do not want to detach our entire project because of some entropy input.
Load More
→