react-native-secure-element
v1.4.0
Published
The most secure way to store information on a device.
Downloads
29
Readme
React Native Secure Element provides functionality to use on-device and hardware-based secure encryption and decryption.
Both native modules are also usable without React Native via gradle and cocoa pods. Thus, they also benefit from being tested by E2E tests.
The Android side uses the android.security.keystore
API and requires a minimum SDK version of 23, due to availability of the hardware-backed security.
The iOS side uses the CommonCrypto and LocalAuthentication APIs. It saves the key pairs in the keychain or secure enclave if available.
See examples in src/examples.
// React Hooks example
import { useSecureElement } from 'react-native-secure-element';
const Example = () => {
const { encrypt } = useSecureElement();
const [encryptedBase64Text, setEncryptedBase64Text] = useState('');
useEffect(
async () => {
try {
const val = await encrypt('someKey', 'toEncrypt');
setEncryptedBase64Text(val);
} catch (e) {
console.warn(e);
setEncryptedBase64Text(e.message);
}
},
[]
)
<View>
<Text>{encryptedBase64Text}</Text>
</View>
}
Automated E2E (UI) Tests Preview
With Github Actions, each commit automatically triggers a full build cycle. This includes running End-to-End (E2E) or UI tests on an iOS Simulator and Android Emulator. This has the benefit of having only tested and not breaking code merged into the master branch.
Features
- Full TypeScript support
- Automatically deployed and tested (CI/CD) via Github Actions
- Extremely secure iOS encryption and decryption via secure enclave, keychain and elliptic curves. No third party dependencies
- Very secure Android encryption and decryption via Android KeyStore
- Natively (without React Native) available implementation
Why / Purpose
The purpose of this repository is to provide a secure way to decrypt and encrypt values. Such values could consist of sensitive user data or authentication secrets (TOTP, ...).
API
See types definition in src/typescript.
Installation
To install react-native-secure-element, do either
npm install --save react-native-secure-element
or
yarn add react-native-secure-element
Note that this requires a react-native version of at least 0.60.0, to use its auto linking feature.
Native Android Dependency
Via gradle/maven dependency:
implementation 'com.android.secureelement:android:+'
Native iOS Dependency
Via cocoapods dependency:
pod 'SecureElement'
TODO
Sorted by priority (higher = higher).
- User authentication functionality (without encryption)
- Signing certificates
- React Hooks
- Error handling/formatting