Keychain Access for React Native. Both setGenericPassword and setInternetCredentials are limited to strings only, so if you need to store objects etc, please use JSON.stringify/JSON.parse when you store/access it. On API levels that do not support Android keystore, Facebook Conceal is used to en/decrypt stored data. The encrypted data is then stored in SharedPreferences. Since Conceal itself stores its encryption key in SharedPreferences, it follows that if the device is rooted (or if an attacker can somehow access the filesystem), the key can be obtained and the stored data can be decrypted. Therefore, on such a device, the concealed encryption is only an obscurity. On API level 23+ the key is stored in the Android Keystore, which makes the key non-exportable and therefore makes the entire process more secure. Follow best practices and do not store user credentials on a device. Instead, use tokens or other forms of authentication and re-ask for user credentials.
Features
- This package supports macOS Catalyst
- Keychain/Keystore Access for React Native
- Automatic Security Level Upgrade
- Unit Testing with Jest
- Configure Android-specific behavior
- Data Structure Properties/Fields