All Projects → emeraldsanto → React Native Encrypted Storage

emeraldsanto / React Native Encrypted Storage

Licence: mit
React Native wrapper around SharedPreferences and Keychain to provide a secure alternative to Async Storage

Programming Languages

typescript
32286 projects

Projects that are alternatives of or similar to React Native Encrypted Storage

Redux Persist Sensitive Storage
redux-persist storage engine for react-native-sensitive-info
Stars: ✭ 209 (+90%)
Mutual labels:  keychain, sharedpreferences
Secured Preference Store
A cryptography library and a SharedPreferences wrapper for Android that encrypts the content with 256 bit AES encryption. The Encryption key is securely stored in device's KeyStore.
Stars: ✭ 562 (+410.91%)
Mutual labels:  encryption, sharedpreferences
Ksprefs
🚀⚡ Kotlin SharedPreferences wrapper & cryptographic preferences android library.
Stars: ✭ 176 (+60%)
Mutual labels:  encryption, sharedpreferences
Secure Pref Manager
Secure Preference Manager for android. It uses various Encryption to protect your application's Shared Preferences.
Stars: ✭ 75 (-31.82%)
Mutual labels:  encryption, sharedpreferences
Hawk
✔️ Secure, simple key-value storage for Android
Stars: ✭ 3,827 (+3379.09%)
Mutual labels:  encryption, sharedpreferences
Sharedchamber
Android Secure SharedPreferences Using Facebook Conceal Encryption
Stars: ✭ 96 (-12.73%)
Mutual labels:  encryption, sharedpreferences
Etebase Js
Etebase TypeScript API for the web, node and react-native!
Stars: ✭ 100 (-9.09%)
Mutual labels:  encryption
Bouncer
Bouncer is a network TCP port redirector/forward proxy (like rinetd) with extra features like Reverse tunneling (like ssh -R), SSL tunneling (like stunnel), connection Failover, LoadBalancing and Clustering. In pure Java (BIO)
Stars: ✭ 103 (-6.36%)
Mutual labels:  encryption
0fc
Anonymous web chat server, built on top of Themis/WebThemis
Stars: ✭ 98 (-10.91%)
Mutual labels:  encryption
Wsend Gpg
Encrypted end to end file transfer
Stars: ✭ 97 (-11.82%)
Mutual labels:  encryption
Py7zr
7zip in python3 with ZStandard, PPMd, LZMA2, LZMA1, Delta, BCJ, BZip2, and Deflate compressions, and AES encryption.
Stars: ✭ 110 (+0%)
Mutual labels:  encryption
Ipfs Wormhole
Get things from one computer to another, safely. Over IPFS (which not even required to receive those things).
Stars: ✭ 107 (-2.73%)
Mutual labels:  encryption
Rust Security Framework
Bindings to the macOS Security.framework
Stars: ✭ 102 (-7.27%)
Mutual labels:  keychain
Contacts
A flutter project with Implementation of a Contacts app in 4 ways (API, Custom, Preferences and Sqflite).
Stars: ✭ 100 (-9.09%)
Mutual labels:  sharedpreferences
Finalcrypt
FinalCrypt - The World's Strongest Encryption
Stars: ✭ 104 (-5.45%)
Mutual labels:  encryption
Powershellarmoury
A PowerShell armoury for penetration testers or other random security guys
Stars: ✭ 99 (-10%)
Mutual labels:  encryption
Enigmakit
Enigma encryption in Swift
Stars: ✭ 108 (-1.82%)
Mutual labels:  encryption
Wg Install
Wireguard road warrior installer for Ubuntu, Debian, CentOS and Fedora
Stars: ✭ 99 (-10%)
Mutual labels:  encryption
Easycrypt
Android cryptography library with SecureRandom patches.
Stars: ✭ 102 (-7.27%)
Mutual labels:  encryption
Openssh Portable
Portable OpenSSH
Stars: ✭ 1,696 (+1441.82%)
Mutual labels:  keychain

React Native Encrypted Storage

React Native wrapper around SharedPreferences and Keychain to provide a secure alternative to Async Storage.

Why ?

Async Storage is great but it lacks security. This is less than ideal when storing sensitive data such as access tokens, payment information and so on. This module aims to solve this problem by providing a wrapper around Android's EncryptedSharedPreferences and iOS' Keychain, complete with support for TypeScript.

Version Requirements

  • Android API 21+ (5.0)
  • iOS 2.0

Installation

Via yarn

$ yarn add react-native-encrypted-storage

Via npm

$ npm install react-native-encrypted-storage

Linking

  • React Native 0.60+

Since version 0.60, React Native supports auto linking. This means no additional step is needed on your end.

  • React Native <= 0.59
$ react-native link react-native-encrypted-storage

Special note for iOS using cocoapods, run:

$ npx pod-install

Usage

This module exposes four (4) native functions to store, retrieve, remove and clear values. They can be used like so:

Import

import EncryptedStorage from 'react-native-encrypted-storage';

Storing a value

async function storeUserSession() {
    try {
        await EncryptedStorage.setItem(
            "user_session",
            JSON.stringify({
                age : 21,
                token : "ACCESS_TOKEN",
                username : "emeraldsanto",
                languages : ["fr", "en", "de"]
            })
        );

        // Congrats! You've just stored your first value!
    } catch (error) {
        // There was an error on the native side
    }
}

Retrieving a value

async function retrieveUserSession() {
    try {   
        const session = await EncryptedStorage.getItem("user_session");
    
        if (session !== undefined) {
            // Congrats! You've just retrieved your first value!
        }
    } catch (error) {
        // There was an error on the native side
    }
}

Removing a value

async function removeUserSession() {
    try {
        await EncryptedStorage.removeItem("user_session");
        // Congrats! You've just removed your first value!
    } catch (error) {
        // There was an error on the native side
    }
}

Clearing all previously saved values

async function clearStorage() {
    try {
        await EncryptedStorage.clear();
        // Congrats! You've just cleared the device storage!
    } catch (error) {
        // There was an error on the native side
    }
}

Error handling

Take the removeItem example, an error can occur when trying to remove a value which does not exist, or for any other reason. This module forwards the native iOS Security framework error codes to help with debugging.

async function removeUserSession() {
    try {
        await EncryptedStorage.removeItem("user_session");
    } catch (error) {
        // There was an error on the native side
        // You can find out more about this error by using the `error.code` property
        console.log(error.code); // ex: -25300 (errSecItemNotFound)
    }
}

Note regarding Keychain persistence

You'll notice that the iOS Keychain is not cleared when your app is uninstalled, this is the expected behaviour. However, if you do want to achieve a different behaviour, you can use the below snippet to clear the Keychain on the first launch of your app.

// AppDelegate.m

/**
 Deletes all Keychain items accessible by this app if this is the first time the user launches the app
 */
static void ClearKeychainIfNecessary() {
    // Checks wether or not this is the first time the app is run
    if ([[NSUserDefaults standardUserDefaults] boolForKey:@"HAS_RUN_BEFORE"] == NO) {
        // Set the appropriate value so we don't clear next time the app is launched
        [[NSUserDefaults standardUserDefaults] setBool:YES forKey:@"HAS_RUN_BEFORE"];

        NSArray *secItemClasses = @[
            (__bridge id)kSecClassGenericPassword,
            (__bridge id)kSecClassInternetPassword,
            (__bridge id)kSecClassCertificate,
            (__bridge id)kSecClassKey,
            (__bridge id)kSecClassIdentity
        ];

        // Maps through all Keychain classes and deletes all items that match
        for (id secItemClass in secItemClasses) {
            NSDictionary *spec = @{(__bridge id)kSecClass: secItemClass};
            SecItemDelete((__bridge CFDictionaryRef)spec);
        }
    }
}

@implementation AppDelegate

- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions
{
    // Add this line to call the above function
    ClearKeychainIfNecessary();

    RCTBridge *bridge = [[RCTBridge alloc] initWithDelegate:self launchOptions:launchOptions];
    RCTRootView *rootView = [[RCTRootView alloc] initWithBridge:bridge moduleName:@"APP_NAME" initialProperties:nil];

    rootView.backgroundColor = [UIColor colorWithRed:1.0f green:1.0f blue:1.0f alpha:1];

    self.window = [[UIWindow alloc] initWithFrame:[UIScreen mainScreen].bounds];
    UIViewController *rootViewController = [UIViewController new];
    rootViewController.view = rootView;

    self.window.rootViewController = rootViewController;
    [self.window makeKeyAndVisible];

    return YES;
}

// ...

@end

Limitations

There seems to be some confusion around the maximum size of items that can be stored, especially on iOS. According to this StackOverflow question, the actual Keychain limit is much lower than what it should theoretically be. This does not affect Android as the EncryptedSharedPreferences API relies on the phone's storage, via XML files.

License

MIT

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].