-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Large strings cannot be stored in securestorage, and must be chunked. #9
Comments
This is definitely going to be an issue. I will rework this to use AES to allow large blobs soon. Thank you for rising this issue |
I was thinking of a much cruder solution:
|
I don't think chunking is the right solution, it would create a lot of overhead and would be must less efficient |
I'm not sure implementing one's own encryption would align with the name of the repo - encrypted by expo or by us, storing large amounts per key in securestore isn't possible. I may be misunderstanding. |
The usual solution for storing encrypted data on mobile is this (see other libraries implementing the same pattern):
I will create an extension to this package when I have time to allow for this pattern |
@Cretezy so should we just wait and ignore the warning for now or ? |
Depends on your case and environment. You should get an idea of how much stored breaks your intended audience's environments, and how much you're likely to store at most. If it's looking risky for you, consider helping @Cretezy out with his describe AES solution, or switching to a different storage solution and sacrificing the security. |
We eagerly await the new extension, @Cretezy! |
We couldn't wait anymore for the new extension, so we created our own package which works as @Cretezy told it should (so big credits for him on the idea). https://github.com/neverdull-agency/expo-unlimited-secure-store |
@istvan-szilagyi This is great! I'm sorry for being a little bogged down recently. If you'd like, create a PR with the information in the README. |
This commit creates a series of 3 cryptography utilities used to encrypt the data that will be stored by the application as part of its content. Everytime we want to store an information, the idea is to generate a random encryption key that will be stored part of the SecureStore while the encrypted information using this generated key will be stored in the regular FileSystem. This solution will allow us to not be blocked by the low capacity of the SecureStore allowed on iOS and Android. Part of this commit, we find the `generateEncryptionKey` utility creating a random encryption key having the requested amount of chars. We also have an `encrypt` utility randomly generating a key and using the generated key to encrypt the requested message. And finally we have a `decrypt` key using the provided key to decrypt a provided message. These utilities are based on the work made by @neverdull-agency to implement an unlimited secured expo storage, following the message by @Cretezy in the issue Cretezy/redux-persist-expo-securestore#9.
This commit creates a series of 3 cryptography utilities used to encrypt the data that will be stored by the application as part of its content. Everytime we want to store an information, the idea is to generate a random encryption key that will be stored part of the SecureStore while the encrypted information using this generated key will be stored in the regular FileSystem. This solution will allow us to not be blocked by the low capacity of the SecureStore allowed on iOS and Android. Part of this commit, we find the `generateEncryptionKey` utility creating a random encryption key having the requested amount of chars. We also have an `encrypt` utility randomly generating a key and using the generated key to encrypt the requested message. And finally we have a `decrypt` key using the provided key to decrypt a provided message. These utilities are based on the work made by @neverdull-agency to implement an unlimited secured expo storage, following the message by @Cretezy in the issue Cretezy/redux-persist-expo-securestore#9.
any update on this? |
Thank you @istvan-szilagyi ! I have switched to use your library. |
Guys, you don't need to use this package at all. Just go to the project's main repository and copy the two files |
@Ayush6543 that is exactly using this package, you're just cutting out the NPM step (and taking the responsibility of transpilation). Also that does absolutely nothing to fix the issue. |
What is transpilation? |
Install: Instead of Hope it will clear warning message! Will solve issue. |
…eStore is larger than 2048 bytes. An attempt to store such a value will throw an error in SDK 35." warning. Issue Cretezy#9
expo/expo#1765
https://docs.expo.io/versions/latest/sdk/securestore/
The text was updated successfully, but these errors were encountered: