Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Adding ability to encrypt storage data
See original GitHub issueDo you have near term plans to incorporate encryption onto the storage data? https://github.com/jas-/crypt.io
In this case, we could pass an additional attribute in the persistConfig to persist the data with encryption (The flag could either be the machine’s UUID or a user set passphrase)
var pass = window.prompt("Please enter password...", "a custom password");
var persistConfig = {
passphrase: pass
};
persistStore(store, config, callback);
Issue Analytics
- State:
- Created 7 years ago
- Reactions:4
- Comments:11 (2 by maintainers)
Top Results From Across the Web
How to Encrypt Cloud Storage in 2022: Better Safe Than Sorry
1. First, go to boxcryptor.com and click “sign up.” This will bring you to a page where you can sign in to an...
Read more >Device encryption in Windows - Microsoft Support
To see if you can use Windows device encryption · In the search box on the taskbar, type System Information, right-click System Information...
Read more >Data encryption options | Cloud Storage - Google Cloud
Data encryption options ... Cloud Storage always encrypts your data on the server side, before it is written to disk, at no additional...
Read more >Guide to Storage Encryption for End User Devices - HHS.gov
instead of adding another authenticator for users. ... It only discusses the encryption of data at rest (storage), and does not address the....
Read more >Data Set Encryption - IBM
With data set encryption, you are able to protect data residing on disk from being viewed by unauthorized users in the clear. Authorization...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I’ve implemented the idea @rt2zz earlier and it’s working quite well (it passes security audits). For iOS we use a passphrase stored in the KeyChain on Android on KeyStore. With that passphrase we encrypt/decrypt data via redux-persist.
Two things to keep in mind
Planning to make this mechanism open-source, as it’s battle tested for some months now in different production apps.
Hi @rt2zz it’s an addition to https://github.com/maxdeviant/redux-persist-transform-encrypt as the secretKey comes from the KeyChain/KeyStore (auto-generated by the device), so it’s not stored in the JS bundle on device.
There is a setting for iOS, yes. To adjust that the keychain can be accessed in this case. I used this, but you can see what the settings is like: https://github.com/oblador/react-native-keychain/blob/master/RNKeychainManager/RNKeychainManager.m#L85
More info here: https://developer.apple.com/reference/security/ksecattraccessiblealways
I’ll inform you when this package is ready (need it for a project right now, so planning to make it open-source).