I'm working on a cordova based mobile application for iOS. I've user created data as JSON and images. I need to encrypt both. After googling I found that iOS itself supports data encryption but to utilize that we've to set passcode for your iphone. Is there anyway I can use the native iOS encryption for only my cordova app instead of applying to the complete mobile? If that's not possible what is best alternate way I can encrypt data and images in cordova?
iOS has a rather complete set of cryptographic functions in CommonCrypto, part of the Security framework.
You can use the AES encryption and the keychain to securely save the encryption key. There are many examples on SO. Additionally there are complete projects such as RNCryptor that can be used.
There is a cordova plugin that uses RNCryptor available here.
Related
I'm looking to build an iOS hybrid application that also utilizes an Apple Watch application. The watchOS app collects Altimeter data to be stored, and that's it. I was thinking of using this plugin since the watchOS portion is written in Swift. I haven't yet begun the iPhone app, it's just blank right now, but was thinking of making it a hybrid application using Cordova. I've been searching for the best way to share data between the applications, and I think SQLite may be the easiest.
This cordova plugin can be used to manipulate data in an SQLite database using JS. That could be used in the iPhone app. I guess my quesiton is - is this possible? If I create a database in swift using this library, will the Cordova plugin be able to access it? Does anyone have any better ideas for sharing data from a native watchkit app to a hybrid iPhone app?
That will not work. If you create a SQLite database in the watch application running on the watch which is a physically different device than the iPhone running your cordova app, how should the application running on the iPhone access the database?
The way to go to use a watch-kit application in combination with a cordova app is cordova-plugin-apple-watch. The plugin offers three different possibilities to communicate between the watch app and the iphone app:
Message passing
Local notifications and
User defaults
If the data should be accessible by both apps and it should be persistent (like a database) the way to go is probably user defaults. But if you just want to send data from your watch-app to your cordova-app (which will not be needed on the watch anymore) then message passing does also work (the cordova-app can then store the data wherever you want).
I have an existing iOS app that I'd like to start adding some React Native screens to. The app uses Firebase with persistence enabled so that it works offline. Is there a way to also use Firebase directly within React Native while maintaining offline functionality?
If the answer is "Yes", do iOS and React Native share the same local data store? This would be important, so that offline data changes on iOS screens would reflect data changes made from React Native screens and vice versa.
Thanks for sharing your insight on this!
Alternatively, you can use Firestack, which is a native library that works with both iOS and Android on react native.
Offline support is enabled along with storage, the real-time database, authentication, remote configuration (in development), etc.
(disclosure: I am one of the primary authors of Firestack)
Firebase's offline disk persistence is currently only available in its native iOS and Android SDKs. It is not yet available for JavaScript SDK.
The javascript SDK will persist new write requests when you are offline and will sync with the server once you go online. But if you were hoping to show a list with data that was previously fetched from firebase, then you are out of luck with Javascript.
One of the answers mentions Firestack, but it is no longer supported.
On a project I just ended up installing this package https://github.com/invertase/react-native-firebase. It is a bridge to the native ios & Android SDKs for firebase and if you use it you can also use persistence.
Tested and verified. All works great! :)
UPDATE:
It is now possible https://firebase.google.com/docs/database/web/offline-capabilities
OBSOLETE:
As of Firebase JavaScript SDK 3.1.0, offline persistance is still unavailable. It's recommended you use React Native's AsyncStorage.
All of the answers above are out of date!
As of JULY 2020 offline persistence is supported out of the box when you use react-native-firebase.
Read more here: https://rnfirebase.io/firestore/usage#offline-capabilities
I'd like to figure out if I'm using undocumented api's in my app. Are there certain hallmarks or patterns that I can look out i.e., if I use code in my project from a website?
Before submitting an app to Apple, you can use the Xcode tools to validate your code.
The Apple documentation says:
In the iOS 5 development tools, it is possible to extract APIs used by
an application and have them checked for use of private APIs. This
option is offered when you validate your application for app
submission.
Also, you could use Deploymate to detect unavailable API usage during development.
In researching how iOS devices (iPhone/iPad/iPodTouch) are protected via encrypted I came across many articles that mentioned if a device was "jailbroken" then the built in encryption of the iOS device was essential null and void. That by jailbreaking, the default encryption could be bypassed.
Assuming this is true is there anyway to enable the encryption features of an iOS device while maintaining a Jailbreak? There are a lot of tweaks I really make use of a lot (SBSettings) and I would hate to have to give them up in order to maintain security on iOS.
Jailbreaking removes the requirement for apps to be digitally signed. Anything will run now - so yeah you need to be careful what you load on there.
It's not an encryption issue thou.
I'm a real noob to encryption. After breaking my head over this for a couple of days i've decided to search for help on StackOverflow.
Currently I'm developing mobile applications for iOS, Android and Windows Phone. In the application i need to request data from a server with an encrypted url. Because the application has to be for iOS, Android and Windows Phone i need to use an encryption that works on each platform. I've decided to use AES encryption with a key and an iv.
I've gotten the AES encryption to work for Windows Phone, but am really stuck on iOS. I've searched the web for a good example but haven't found anything that explained the whole proces. Could anyone help me by giving me an example (with explanation) or a good URL?
Would really appreciate the help!
Edit:
I know I want to generate an AES key based on a key and an iv. With the aes key i want to encrypt my password. The exact question is how i would do that in code.
I have used openssl for encryption between devices and platforms. There is quite of bit of documentation available and I'm pretty sure it will work for what you need.
There are also several wrappers available on github too to make encrypt/decrypting a bit easier.
OpenSSL
I've ended up using AES. This Encryption type is available for Android, iOS and Windows Phone.
For iOS and Android there are plugins available on internet to make the work easier for you. Just search for {platformname} AES and you should get enough websites.