Encrypting sensivite data in React Native and Expo

痞子三分冷 提交于 2020-02-29 17:52:11

问题


I`m working on mobile app with React Native and Expo, providing security solutions. Project owner want to store in app sensitive authorization keys, used to contact with REST server and access to secured data. He demand to have this keys at least encrypted, and hard to read from outside as much as possible.

I know about topis:

Save sensitive data in React Native

Is React Native's Async Storage secure?

and about KeyChain, but they dont cover encyption and expo issues.

So with is the best and common solution for making this data save as possible in React Native Expo app?


回答1:


Expo now has SecureStore, which stores encrypted data.

Details: https://docs.expo.io/versions/latest/sdk/securestore




回答2:


I am recently involved in a React Native project with security concerns like yours. Security is not an easy issue and I am not an expert, but this is what we did.

We used react-native-aes-encryption for encryption and hashing, react-native-rsa for generating public/private key pairs. In order to use these libraries properly, you better need to know basic cryptography concepts.

We used react-native-keychain to read/write data from keychain. Keychain is the way to go if you want to store some small sensitive data. It has been used in all Apple OS's in order to keep your passwords safe. That said this component is not working as seamless as expected on the Android side if you want to build your app for both platforms.

Other than that I have no idea about expo. I hope these libraries work for you as well.



来源:https://stackoverflow.com/questions/44650440/encrypting-sensivite-data-in-react-native-and-expo

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!