react-native-quick-crypto icon indicating copy to clipboard operation
react-native-quick-crypto copied to clipboard
verified publisher icon margelo

✨ Add blake3 support

Open XChikuX opened this issue 1 year ago • 3 comments

What feature or enhancement are you suggesting?

Blake3 is THE modern hashing algorithm out there.

There are plenty of opensource contributions toward blake3.

One such example is: https://github.com/connor4312/blake3

Could we please port it to work with react-native as well. I sorely miss this feature as it would be a great security add one. Especially for tagging images on users' phones directly.

I also use it to make secure HMACs:

async function makeHmac(msg: string, derivedKey: string): Promise<string> {
  const hashFunc = createBLAKE3(256);
  const hmac = await createHMAC(hashFunc, derivedKey);

  hmac.init();
  hmac.update(msg);
  const hmacResult = hmac.digest();

  const token = `Bearer ${hmacResult};${msg}`;
  return token;
}

Thanks!

What Platforms whould this feature/enhancement affect?

iOS, Android

Alternatives/Workarounds

There are no current workarounds except, very messily trying to connect a wasm implementation over react-native-react-bridge.

However, this approach is something I could not even get a basic example working.

Additional information

XChikuX avatar Jan 08 '25 15:01 XChikuX

What do you mean by "tagging images on users' phones directly"?

salieflewis avatar Feb 06 '25 20:02 salieflewis

I currently use blake3 for identifying image names in my backend. Whatever file the user uploads undergoes a blake3 hash and the hash is used to retrieve the image from s3.

I'd like to cross verify that the image is indeed it's name. By recomputing the hash on my side.

I know I can change this to SHA256. But I'm looking at bigger files in the future I'd like to tackle the same way.

XChikuX avatar Feb 07 '25 03:02 XChikuX

I currently use blake3 for identifying image names in my backend. Whatever file the user uploads undergoes a blake3 hash and the hash is used to retrieve the image from s3.

I'd like to cross verify that the image is indeed it's name. By recomputing the hash on my side.

I know I can change this to SHA256. But I'm looking at bigger files in the future I'd like to tackle the same way.

Ahh cool. We do similar things for https://river.site/

salieflewis avatar Feb 07 '25 18:02 salieflewis

implemented in #809

boorad avatar Nov 25 '25 17:11 boorad

OMG thank you!

This is the first library that allows me to do it in a simple way in the RN ecosystem!

XChikuX avatar Nov 26 '25 09:11 XChikuX