search

itinance / react-native-sha256

sha256 natively for react-native
MIT License
98 stars 50 forks source link

Can we have a synchronous version? #5

Open mhkhung opened 6 years ago

mhkhung commented 6 years ago

Handy to use inside a redux reducer..

And may be SHA-512 as well as HMAC-SHA-256/512 as well that are often needed?

fungilation commented 6 years ago

Second that.

Also, SHA3 variants like from https://github.com/Caligatio/jsSHA?

dluksza commented 6 years ago

+1 for synchronous version

lll000111 commented 6 years ago

It is not possible to create a synchronous version!

In React Native, everything that has to cross the bridge between Javascript and a native module is asynchronous! Either callbacks or promises.

If you want a synchronous version use a pure Javascript SHA-256 package.

Note that browser crypto (in crypto.subtle.digest) also returns a promise! Doing crypto is CPU intensive, and anything in Javascript that is CPU bound is better off being done in a separate thread (worker, if it's Javascript). It is bad design to build a Javascript application on modern multithreaded n-CPU hardware that starts a CPU intensive task in the main Javascript thread! So you should embrace the asynchronous API for anything crypto.

fungilation commented 6 years ago

Agreed. But adding other sha3 variants which was the main issue with this issue (hah) would be nice.

lll000111 commented 6 years ago

If you don't want to wait, and I made the experience that if you see a package is only "loosely maintained" that it is best not to expect much (there's someone just like you on the other side,, with stuff to do other than implementing stuff for others), you can check out

https://github.com/itinance/react-native-fs/blob/master/android/src/main/java/com/rnfs/RNFSManager.java#L250

and the respective ios file to see how easy it is to add a few lines. Just fork the repo, implement it, then send a pull request :-)

I just to hate this advice when I was on the receiving end, but I think it's one thing when you get it from a busy big repo with many maintainers and one where doing a fork is hard because they keep develping it faster than you can maintain your fork, compared to packages like the one right here, where you are probably better off maintaining your own fork unless the original version is enough.