问题
Does realm have any react-native support for key generation/key storage for encrypting the realm db? I wanted to check with the team working on realm before writing any native modules for the same. If there is any node module support for react native, that would be helpful.
Thanks in advance.
回答1:
Realm does not provide any APIs for the generation or storage of encryption keys. I'm copying a comment I made in the past on this issue below just to provide my thoughts on some considerations that should be taken when dealing with encrypting Realms on React Native…
The react-native-keychain module only supports password strings, whereas Realm expects a 512-bit (64-byte) data blob as either an ArrayBuffer or ArrayBufferView (e.g. Uint8Array, et al).
If you're randomly generating a password, then I would suggest base64-encoding that data into a string before storing with react-native-keychain, then base64 decoding it when you get it out. I'd recommend checking out base64-js for dealing with raw data (atob/btoa only deals in strings).
On the other hand, if the user is providing a password, then you can store that directly in the keychain and use a 512-bit hash of that password as the encryption key. A SHA-512 hash would accomplish that, but typically with encryption you want to use a hashing algorithm that includes a salt and is fundamentally slow, thus making it much harder to brute force. The standard for doing this is PBKDF2, though newer and better hashing methods exist. I'd recommend checking out crypto-js or pbkdf2-js for this.
回答2:
To expand a little on this. You can use a site like https://asecuritysite.com/encryption/PBKDF2z to generate a 64 byte hash as both a hex string and a base64 string.
You can use the hex string in the Realm Browser GUI to unlock the realm file. You can use the base64 string with the base64-js library mentioned above. Just pass the base64 string into base64js.toByteArray() and that is the key you would use in new Realm({encryptionKey: key...})
来源:https://stackoverflow.com/questions/38059913/key-generation-storage-for-react-native-apps-to-encrypt-realm-db