Nuclear Pumpkin Mocha

    react-native-secure-element
    TypeScript icon, indicating that this package has built-in type declarations

    1.4.0 • Public • Published

     

    Secure Element for React Native

     

    React Native Secure Element provides functionality to use on-device and hardware-based secure encryption and decryption.

    Both native modules are also usable without React Native via gradle and cocoa pods. Thus, they also benefit from being tested by E2E tests.

    The Android side uses the android.security.keystore API and requires a minimum SDK version of 23, due to availability of the hardware-backed security.

    The iOS side uses the CommonCrypto and LocalAuthentication APIs. It saves the key pairs in the keychain or secure enclave if available.

     

    npm GitHub Android iOS

    Icons made by Freepik from www.flaticon.com

    See examples in src/examples.

    // React Hooks example
    import { useSecureElement } from 'react-native-secure-element';
     
    const Example = () => {
      const { encrypt } = useSecureElement();
      const [encryptedBase64Text, setEncryptedBase64Text] = useState('');
     
      useEffect(
        async () => {
          try {
            const val = await encrypt('someKey', 'toEncrypt');
            setEncryptedBase64Text(val);
          } catch (e) {
            console.warn(e);
            setEncryptedBase64Text(e.message);
          }
        },
        []
      )
     
      <View>
        <Text>{encryptedBase64Text}</Text>
      </View>
    }

    Automated E2E (UI) Tests Preview

    With Github Actions, each commit automatically triggers a full build cycle. This includes running End-to-End (E2E) or UI tests on an iOS Simulator and Android Emulator. This has the benefit of having only tested and not breaking code merged into the master branch.

    E2E Tests

    Features

    • Full TypeScript support
    • Automatically deployed and tested (CI/CD) via Github Actions
    • Extremely secure iOS encryption and decryption via secure enclave, keychain and elliptic curves. No third party dependencies
    • Very secure Android encryption and decryption via Android KeyStore
    • Natively (without React Native) available implementation

    Why / Purpose

    The purpose of this repository is to provide a secure way to decrypt and encrypt values. Such values could consist of sensitive user data or authentication secrets (TOTP, ...).

    API

    See types definition in src/typescript.

     

    Installation

    To install react-native-secure-element, do either

    npm install --save react-native-secure-element

    or

    yarn add react-native-secure-element

    Note that this requires a react-native version of at least 0.60.0, to use its auto linking feature.

    Native Android Dependency

    Via gradle/maven dependency:

    implementation 'com.android.secureelement:android:+'

    Native iOS Dependency

    Via cocoapods dependency:

    pod 'SecureElement'

     


    TODO

    Sorted by priority (higher = higher).

    • User authentication functionality (without encryption)
    • Signing certificates
    • React Hooks
    • Error handling/formatting

    Keywords

    none

    Install

    npm i react-native-secure-element

    DownloadsWeekly Downloads

    0

    Version

    1.4.0

    License

    MIT

    Unpacked Size

    182 kB

    Total Files

    62

    Last publish

    Collaborators

    • reime005