Comments (15)
OmarBasem
commented on June 27, 2024
8
Any progress or solution for this?
from libsignal-protocol-javascript.
kevlened
commented on June 27, 2024
6
@jjzazuet Proxying calls to a WebView is clever! It definitely maximizes WebCrypto API compatibility.
As an alternative, mostly JS solution, I published isomorphic-webcrypto, which uses the Microsoft Research library for WebCrypto support in React Native. There are a few caveats for React Native:
- It can't generate RSA keys or ECDSA with SHA-512
- React Native doesn't expose a secure way to get entropy, so you'll have to wait for the
crypto.ensureSecurecallback to complete before callingcrypto.getRandomValues() - I haven't tested the encryption flows, only the signing ones, so there may be issues I'm unaware of
This could be a place to start if someone wanted to build out a POC.
from libsignal-protocol-javascript.
tanx
commented on June 27, 2024
2
It turns out there is already a way to surface the native webcrypto apis to JavaScriptCore using a bridge to the WebKit WebView https://github.com/saulshanabrook/react-native-webview-crypto
Perhaps give this a try and see if all api requirments are met.
from libsignal-protocol-javascript.
tanx
commented on June 27, 2024
Using your ObjectiveC/Java libs for mobile would obviously also be an option, but since my business logic and UI are in JS, wrapping just the crypto primitives instead of the full protocol layer seems to make more sense.
from libsignal-protocol-javascript.
rmhrisk
commented on June 27, 2024
Neat. I have considered this, well, in part in that my hope was that I could add necessary algorithm support to - https://github.com/PeculiarVentures/node-webcrypto-liner which would enable building a signal implementation on it.
In native land, mabe https://github.com/PeculiarVentures/node-webcrypto-ossl could be of use?
from libsignal-protocol-javascript.
tanx
commented on June 27, 2024
From looking at crypto.js only a few apis would need to be shimmed:
crypto.getRandomValuesusing react-native-randombytes- AES-CBC
- HMAC-SHA-256
- SHA-512
Since 2-4 are already async that should be pretty strait forward. Only 1. is currently a sync api and would have to be refactored, as calls through the react native bridge are all async.
Wrapping a native cipher suite e.g. openssl could work, but perhaps using iOS and Android platform apis would be cleaner.
from libsignal-protocol-javascript.
ohenepee
commented on June 27, 2024
Any progress guys?
from libsignal-protocol-javascript.
jjzazuet
commented on June 27, 2024
Pinging back as well. I'm also trying to integrate with React Native. Thanks!
from libsignal-protocol-javascript.
JoschaP
commented on June 27, 2024
+1
from libsignal-protocol-javascript.
jjzazuet
commented on June 27, 2024
@tanx the last time I tried that, I only got as far as exposing the crypto.subtle object (and its corresponding methods) on iOS 11, since at the time (a couple months I think) Chrome on Android did not expose the WebCrypto API, thus getting undefined.
The way I did it was by proxying WebCrypto API calls to a hidden WebView, passing arguments through the React Native Javascript bridge using the postMessage function.
If this table is to be believed, both iOS and Android may now return implementation objects. Since this approach didn't work for me, I'm exploring the idea to replace the high level crypto calls with react-native-sodium instead.
Hope this helps.
from libsignal-protocol-javascript.
shouse
commented on June 27, 2024
OK, think I might have found a way to support this (and a bunch of other cool stuff on RN) via NodeJS-Mobile. This runs node on a bg process on both Android and iOS via Chakra core. Seemingly supporting most / all node.
Thoughts?
from libsignal-protocol-javascript.
quixote911
commented on June 27, 2024
create react native plugins that shim WebCrypto using native crypto primitives.
@tanx Did you get around to making that change? I'm in a similar position.
from libsignal-protocol-javascript.
johnsBeharry
commented on June 27, 2024
+1
from libsignal-protocol-javascript.
rmhrisk
commented on June 27, 2024
Two libraries we produced since this bug was opened:
https://www.npmjs.com/package/2key-ratchet
https://www.npmjs.com/package/@peculiar/webcrypto
Summary of how 2key-ratchet differs from the standard signal protocol is here https://github.com/PeculiarVentures/2key-ratchet/blob/master/DIFFERENCES.md
from libsignal-protocol-javascript.
AidenRourke
commented on June 27, 2024
I was able to get this thing working in React Native. This is what I did:
- Forked https://github.com/elsehow/signal-protocol/
- Changed
node_pollyfills.jsto use
var crypto = require('isomorphic-webcrypto');
module.exports = {
crypto: crypto,
};
- Changed
crypto.jsto use
var crypto = require('./node_polyfills.js').crypto;
- Changed
curve25519_concat.jsby removing all of the conditional environment set up and just having it use the web set up.
There were other miscellaneous changes I had to make but these were the most important ones.
https://github.com/AidenRourke/signal-protocol
from libsignal-protocol-javascript.
Related Issues (20)
- Ionic/Angular Support HOT 1
- Why is there no nodejs implementation? HOT 3
- Converse.js v4.2.0 unable send OMEMO message HOT 10
- Is this lib still maintained? HOT 1
- Error -1 previous counter HOT 1
- Documentation
- IS THIS REPO STILL MANAGED HOT 3
- Install time Error "KeyId" not defined HOT 3
- Babel import/require .etc HOT 1
- How should keys be exchanged? What should be exchanged? HOT 1
- SessionCipher::encrypt setting wrong registrationId? HOT 2
- Is there a more detailed document or a demo actually used? HOT 2
- Use ES6 arrow functions for cleaner code HOT 1
- expand readme HOT 3
- Encryption of Media Files HOT 4
- T
- Does not seem work in Node
- Keepalive? HOT 2
- Only checking against the SignalProtocolAddress name when calling isTrustedIdentity in SessionBuilder HOT 1
- Test fails
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libsignal-protocol-javascript.