Expose web crypto API
complete
Martin Heidegger
React native supports the web crypto API which works well in exited mode and comes with the very useful sync(!) getRandomValues API. It would be great if expo could expose the Crypto API as well - https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API
ide
complete
expo-standard-web-crypto is now available on npm (1.0.0-beta.0). It defines Crypto.getRandomValues() and works with SDK 39. It is designed to be W3C spec compliant. We have no plans to implement the rest of the Crypto API right now.
E
Emanuele
I add what would be very useful to me in particular is HMAC universal support to check the authenticity of data (other than its integrity) - it's already supported by Web Crypto API (see sign and verify methods of SubtleCrypto) and both Android and iOS
ide
What specific functions do you need? There are some RNG and Crypto methods here: https://docs.expo.io/versions/latest/sdk/random/ and https://docs.expo.io/versions/latest/sdk/crypto/. The methods are largely async until a massive overhaul to one of the internal dependencies (specifically, React Native) and debugging system enable sync methods in a few more places. But generally speaking, you can generate random values today.
Martin Heidegger
ide: The random function is probably the most important one, as it is not possibly emulated by other functions.
Martin Heidegger
That being said, it is also worth noting that the SubtleCrypto API would greatly help and it is interesting that the API uses ArrayBuffers for the data instead of string (which is an important detail-difference in comparsion to the API provided by the expo-crypto features)
Martin Heidegger
Before I forget: The documentation of the API specifically mentions: "implementations are not using a truly random number generator, but they are using a pseudo-random number generator seeded with a value with enough entropy." Which could be achieved in react-native / expo easily enough: generate a big enough seed natively before starting the runtime and pass-it in.
Timothée Rebours
ide: If I might add, the RSA and ECDSA key generation are very slow in all implementations in pure JS and can be drastically optimized in native code. In my use case, that's the killer feature I need.
Michael Wood
Hi Martin Heidegger. Do you think this feature request should be merged with https://expo.canny.io/feature-requests/p/nodejs-crypto-module-full-features?
Paul Cowgill
Michael Wood: I don't think so, since the node core module and the web API standard are different.
Martin Heidegger
Michael Wood: no, the web crypto api is a lot smaller and would still help