Encryption & Cryptography

Encrypting values with RSA
Encryption is a necessity when it comes to a mobile application that communicates with external API. Sending sensitive information like access token, public/private key or user information might be spoofed if sent via plaintext.
RSA Encryption
API Reference Crypto​
Using Crypto library, it is possible to generate a keypair locally and use it to fit the needs. 
​Recommended Online RSA Encryption Test Tool credited by devglan.com​
Example Client RSA Encryption
scripts/page1.ts
import Page1Design from 'generated/pages/page1';
import Crypto from 'sf-core/global/crypto';
import Data from 'sf-core/global/data';
import System from 'sf-core/device/system';
import Label from 'sf-core/ui/label';
import Button from 'sf-core/ui/button';
import FlexLayout from 'sf-core/ui/flexlayout';
import TextBox from 'sf-core/ui/textbox';
​
const ENCRYPT_KEY_SIZE = 1024;
const ENCRYPT_CIPHER_TYPE = 'RSA/ECB/PKCS1Padding';
const PUBLIC_KEY_DEVICE_KEY = 'publicKey'; //The key to save to the device database
const PRIVATE_KEY_DEVICE_KEY = 'privateKey'; //The key to save to the device database
​
export default class Page1 extends Page1Design {
    router: any;
    myLabel: Label;
    encryptButton: Button;
    decryptButton: Button;
    tbEncrypt: TextBox;
    private encryptedText = '';
    constructor() {
        super();
        this.onShow = onShow.bind(this, this.onShow.bind(this));
        this.onLoad = onLoad.bind(this, this.onLoad.bind(this));
        this.myLabel = new Label();
        this.encryptButton = new Button();
        this.decryptButton = new Button();
        this.tbEncrypt = new TextBox();
    }
​
    generateKeyPair() {
        let privateKey = Data.getStringVariable(PRIVATE_KEY_DEVICE_KEY);
        let publicKey = Data.getStringVariable(PUBLIC_KEY_DEVICE_KEY);
        if (!privateKey || !publicKey) {
            const didGenerate = Crypto.generateKeyPair({
                keySize: ENCRYPT_KEY_SIZE
            });
            if (!didGenerate) {
                return 'Could not generate keypair';
            }
            privateKey = Crypto.getBase64PrivateString();
            publicKey = Crypto.getBase64PublicString();
            Data.setStringVariable(PUBLIC_KEY_DEVICE_KEY, publicKey); // Public key doesn't need to be stored securely
            Data.setStringVariable(PRIVATE_KEY_DEVICE_KEY, privateKey); // Consider using secure data
        }
        else {
            // Set pre-stored keys if there is already one
            Crypto.setPrivateKey(privateKey);
            Crypto.setPublicKey(publicKey);
        }
        return {
            private: privateKey,
            public: System.OS === 'iOS' ? Crypto.ios.getExportedPublicKey() : publicKey,
        };
    }
​
    encrypt(text: string): string {
        const keyBody = {
            text: 'Smartface Inc.',
            secretText: text
        };
        return Crypto.encrypt({
            useServerKey: false,
            cipherType: ENCRYPT_CIPHER_TYPE,
            plainText: JSON.stringify(keyBody)
        });
    }
​
    decrypt(encryptedText: string): string {
        return Crypto.decrypt({
            encryptedText: encryptedText,
            useServerKey: false,
            cipherType: ENCRYPT_CIPHER_TYPE
        });
    }
​
    initLabel() {
        this.myLabel.text = 'Decrpyted text will go here';
        //@ts-ignore
        this.layout.addChild(this.myLabel, 'myLabel', '.sf-label');
    }
​
    initButtons() {
        const buttonWrapper = new FlexLayout();
        //@ts-ignore
        this.layout.addChild(buttonWrapper, 'buttonWrapper', '.sf-flexlayout', {
            heigth: 120
        });
        this.encryptButton.text = 'Encrypt';
        this.encryptButton.onPress = () => {
            this.encryptedText = this.encrypt(this.tbEncrypt.text || '');
        };
        this.decryptButton.text = 'Decrypt';
        this.decryptButton.onPress = () => {
            const decryptedObjectText = this.decrypt(this.encryptedText);
            const decrpytedObject = JSON.parse(decryptedObjectText);
            this.myLabel.text = decrpytedObject.secretText;
        };
        //@ts-ignore
        buttonWrapper.addChild(this.encryptButton, 'encryptButton', '.sf-button');
        //@ts-ignore
        buttonWrapper.addChild(this.decryptButton, 'decryptButton', '.sf-button');
    }
​
    initTextBox() {
        this.tbEncrypt.hint = 'Enter text to encrypt';
        //@ts-ignore
        this.layout.addChild(this.tbEncrypt, 'tbEncrypt', '.sf-textbox');
    }
}
​
function onShow(superOnShow) {
    superOnShow();
}
​
function onLoad(superOnLoad) {
    superOnLoad();
    this.generateKeyPair();
    this.initTextBox();
    this.initLabel();
    this.initButtons();
    this.layout.applyLayout();
}
This code will store your generated public and private key in the device, making it possible to send the key to a server.
Two-way RSA Encryption
To establish two-way RSA Encryption, use setServerPublicKey to register the public key of the server and set useServerKey parameter to true when encrypting & decrypting. Remaining procedure will be the same with client-only RSA Encryption.
Native Encryption
When storing sensitive information using Data on your device like in the example code, by default it is stored in plaintext to the device storage and can be retrieved by anyone who peeks into the application files. 
Please head into Secure Data (Keystore) documentation to securely encrypt your private key generated by device. There is no practical need to encrypt public key, since it is... intended to be public.
TUTORIALS - Previous
TypeScript Support
Next - SMARTFACE CLOUD DEVELOPMENT
Creating a New Project
Last updated 2 weeks ago