react-native-keychain - npm Package Compare versions

Comparing version 9.1.0 to 9.2.0

lib/commonjs/enums.js

@@ -68,3 +68,17 @@ "use strict";
 /**
- * Enum representing storage types.
+ * Enum representing cryptographic storage types for sensitive data.
+ *
+ * Security Level Categories:
+ *
+ * 1. High Security (Biometric Authentication Required):
+ * - AES_GCM: For sensitive local data (passwords, personal info)
+ * - RSA: For asymmetric operations (signatures, key exchange)
+ *
+ * 2. Medium Security (No Authentication):
+ * - AES_GCM_NO_AUTH: For app-level secrets and cached data
+ *
+ * 3. Legacy/Deprecated:
+ * - AES_CBC: Outdated, use AES_GCM_NO_AUTH instead
+ * - FB: Archived Facebook Conceal implementation
+ *
  * @platform Android
@@ -74,3 +88,6 @@ */
   STORAGE_TYPE["FB"] = "FacebookConceal";
-  STORAGE_TYPE["AES"] = "KeystoreAESCBC";
+  STORAGE_TYPE["AES"] = "KeystoreAES";
+  STORAGE_TYPE["AES_CBC"] = "KeystoreAESCBC";
+  STORAGE_TYPE["AES_GCM_NO_AUTH"] = "KeystoreAESGCM_NoAuth";
+  STORAGE_TYPE["AES_GCM"] = "KeystoreAESGCM";
   STORAGE_TYPE["RSA"] = "KeystoreRSAECB";
@@ -77,0 +94,0 @@ return STORAGE_TYPE;

lib/commonjs/index.js

@@ -82,3 +82,3 @@ "use strict";
 function setGenericPassword(username, password, serviceOrOptions) {
-  const options = (0, _normalizeOptions.normalizeServiceOption)(serviceOrOptions);
+  const options = (0, _normalizeOptions.normalizeStorageOptions)((0, _normalizeOptions.normalizeServiceOption)(serviceOrOptions));
   return RNKeychainManager.setGenericPasswordForOptions(options, username, password);
@@ -194,3 +194,3 @@ }
 function setInternetCredentials(server, username, password, options) {
-  return RNKeychainManager.setInternetCredentialsForServer(server, username, password, options);
+  return RNKeychainManager.setInternetCredentialsForServer(server, username, password, options ? (0, _normalizeOptions.normalizeStorageOptions)(options) : {});
 }
@@ -197,0 +197,0 @@

lib/commonjs/normalizeOptions.js

@@ -10,2 +10,4 @@ "use strict";
 exports.normalizeServiceOption = normalizeServiceOption;
+exports.normalizeStorageOptions = normalizeStorageOptions;
+var _enums = require("./enums.js");
 // Default authentication prompt options
@@ -16,2 +18,13 @@ const AUTH_PROMPT_DEFAULTS = exports.AUTH_PROMPT_DEFAULTS = {
 };
+function normalizeStorageOptions(options) {
+  if (options.storage && options.storage === _enums.STORAGE_TYPE.AES) {
+    console.warn(`You passed 'AES' as a storage option to one of the react-native-keychain functions.
+            This way of passing storage is deprecated and will be removed in a future major.`);
+    return {
+      ...options,
+      storage: _enums.STORAGE_TYPE.AES_CBC
+    };
+  }
+  return options;
+}
 function normalizeServiceOption(serviceOrOptions) {
@@ -18,0 +31,0 @@ if (typeof serviceOrOptions === 'string') {

lib/module/enums.js

@@ -69,3 +69,17 @@ "use strict";
 /**
- * Enum representing storage types.
+ * Enum representing cryptographic storage types for sensitive data.
+ *
+ * Security Level Categories:
+ *
+ * 1. High Security (Biometric Authentication Required):
+ * - AES_GCM: For sensitive local data (passwords, personal info)
+ * - RSA: For asymmetric operations (signatures, key exchange)
+ *
+ * 2. Medium Security (No Authentication):
+ * - AES_GCM_NO_AUTH: For app-level secrets and cached data
+ *
+ * 3. Legacy/Deprecated:
+ * - AES_CBC: Outdated, use AES_GCM_NO_AUTH instead
+ * - FB: Archived Facebook Conceal implementation
+ *
  * @platform Android
@@ -75,3 +89,6 @@ */
   STORAGE_TYPE["FB"] = "FacebookConceal";
-  STORAGE_TYPE["AES"] = "KeystoreAESCBC";
+  STORAGE_TYPE["AES"] = "KeystoreAES";
+  STORAGE_TYPE["AES_CBC"] = "KeystoreAESCBC";
+  STORAGE_TYPE["AES_GCM_NO_AUTH"] = "KeystoreAESGCM_NoAuth";
+  STORAGE_TYPE["AES_GCM"] = "KeystoreAESGCM";
   STORAGE_TYPE["RSA"] = "KeystoreRSAECB";
@@ -78,0 +95,0 @@ return STORAGE_TYPE;

lib/module/index.js

@@ -5,3 +5,3 @@ "use strict";
 import { ACCESSIBLE, ACCESS_CONTROL, AUTHENTICATION_TYPE, SECURITY_LEVEL, SECURITY_RULES, STORAGE_TYPE, BIOMETRY_TYPE } from "./enums.js";
-import { normalizeOptions, normalizeServerOption, normalizeServiceOption } from "./normalizeOptions.js";
+import { normalizeOptions, normalizeServerOption, normalizeServiceOption, normalizeStorageOptions } from "./normalizeOptions.js";
 const {
@@ -26,3 +26,3 @@ RNKeychainManager
 export function setGenericPassword(username, password, serviceOrOptions) {
-  const options = normalizeServiceOption(serviceOrOptions);
+  const options = normalizeStorageOptions(normalizeServiceOption(serviceOrOptions));
   return RNKeychainManager.setGenericPasswordForOptions(options, username, password);
@@ -138,3 +138,3 @@ }
 export function setInternetCredentials(server, username, password, options) {
-  return RNKeychainManager.setInternetCredentialsForServer(server, username, password, options);
+  return RNKeychainManager.setInternetCredentialsForServer(server, username, password, options ? normalizeStorageOptions(options) : {});
 }
@@ -141,0 +141,0 @@

lib/module/normalizeOptions.js

 "use strict";
 
+import { STORAGE_TYPE } from "./enums.js";
 // Default authentication prompt options
@@ -8,2 +9,13 @@ export const AUTH_PROMPT_DEFAULTS = {
 };
+export function normalizeStorageOptions(options) {
+  if (options.storage && options.storage === STORAGE_TYPE.AES) {
+    console.warn(`You passed 'AES' as a storage option to one of the react-native-keychain functions.
+            This way of passing storage is deprecated and will be removed in a future major.`);
+    return {
+      ...options,
+      storage: STORAGE_TYPE.AES_CBC
+    };
+  }
+  return options;
+}
 export function normalizeServiceOption(serviceOrOptions) {
@@ -10,0 +22,0 @@ if (typeof serviceOrOptions === 'string') {

lib/typescript/enums.d.ts

@@ -90,3 +90,17 @@ /**
 /**
- * Enum representing storage types.
+ * Enum representing cryptographic storage types for sensitive data.
+ *
+ * Security Level Categories:
+ *
+ * 1. High Security (Biometric Authentication Required):
+ * - AES_GCM: For sensitive local data (passwords, personal info)
+ * - RSA: For asymmetric operations (signatures, key exchange)
+ *
+ * 2. Medium Security (No Authentication):
+ * - AES_GCM_NO_AUTH: For app-level secrets and cached data
+ *
+ * 3. Legacy/Deprecated:
+ * - AES_CBC: Outdated, use AES_GCM_NO_AUTH instead
+ * - FB: Archived Facebook Conceal implementation
+ *
  * @platform Android
@@ -99,5 +113,26 @@ */
     FB = "FacebookConceal",
-    /** Encryptions without human interaction. */
-    AES = "KeystoreAESCBC",
-    /** Encryption with biometrics. */
+    /** Encryptions without human interaction.
+     * @deprecated Use AES_GCM_NO_AUTH instead.
+     */
+    AES = "KeystoreAES",
+    /**
+     * AES encryption in CBC (Cipher Block Chaining) mode.
+     * Provides data confidentiality without authentication.
+     * @deprecated Use AES_GCM_NO_AUTH instead.
+     */
+    AES_CBC = "KeystoreAESCBC",
+    /**
+     * AES encryption in GCM (Galois/Counter Mode).
+     * Provides both data confidentiality and authentication.
+     */
+    AES_GCM_NO_AUTH = "KeystoreAESGCM_NoAuth",
+    /**
+     * AES-GCM encryption with biometric authentication.
+     * Requires user authentication for both encryption and decryption operations.
+     */
+    AES_GCM = "KeystoreAESGCM",
+    /**
+     * RSA encryption with biometric authentication.
+     * Uses asymmetric encryption and requires biometric authentication.
+     */
     RSA = "KeystoreRSAECB"
@@ -104,0 +139,0 @@ }

lib/typescript/normalizeOptions.d.ts

 import type { AuthenticationPrompt, BaseOptions, SetOptions } from './types';
 export declare const AUTH_PROMPT_DEFAULTS: AuthenticationPrompt;
+export declare function normalizeStorageOptions(options: SetOptions): SetOptions;
 export declare function normalizeServiceOption(serviceOrOptions?: string | BaseOptions): BaseOptions;
@@ -4,0 +5,0 @@ export declare function normalizeServerOption(serverOrOptions?: string | BaseOptions): BaseOptions;

package.json

 {
   "name": "react-native-keychain",
-  "version": "9.1.0",
+  "version": "9.2.0",
   "description": "Keychain Access for React Native",
@@ -5,0 +5,0 @@ "main": "./lib/commonjs/index.js",

README.md

@@ -14,2 +14,3 @@ <h1 align="center"><img
 - [Maintainers](#maintainers)
+- [Used By](#used-by)
 - [License](#license)
@@ -86,4 +87,12 @@
 
+## Used By
+
+This library is used by several projects, including:
+
+- [Rainbow Wallet](https://github.com/rainbow-me/rainbow)
+- [MetaMask Mobile](https://github.com/MetaMask/metamask-mobile)
+- [BlueWallet](https://github.com/bluewallet/bluewallet)
+
 ## License
 
 MIT © Joel Arvidsson 2016-2020

src/enums.ts

@@ -101,3 +101,17 @@ import { NativeModules } from 'react-native';
 /**
- * Enum representing storage types.
+ * Enum representing cryptographic storage types for sensitive data.
+ *
+ * Security Level Categories:
+ *
+ * 1. High Security (Biometric Authentication Required):
+ * - AES_GCM: For sensitive local data (passwords, personal info)
+ * - RSA: For asymmetric operations (signatures, key exchange)
+ *
+ * 2. Medium Security (No Authentication):
+ * - AES_GCM_NO_AUTH: For app-level secrets and cached data
+ *
+ * 3. Legacy/Deprecated:
+ * - AES_CBC: Outdated, use AES_GCM_NO_AUTH instead
+ * - FB: Archived Facebook Conceal implementation
+ *
  * @platform Android
@@ -110,5 +124,26 @@ */
   FB = 'FacebookConceal',
-  /** Encryptions without human interaction. */
-  AES = 'KeystoreAESCBC',
-  /** Encryption with biometrics. */
+  /** Encryptions without human interaction.
+   * @deprecated Use AES_GCM_NO_AUTH instead.
+   */
+  AES = 'KeystoreAES',
+  /**
+   * AES encryption in CBC (Cipher Block Chaining) mode.
+   * Provides data confidentiality without authentication.
+   * @deprecated Use AES_GCM_NO_AUTH instead.
+   */
+  AES_CBC = 'KeystoreAESCBC',
+  /**
+   * AES encryption in GCM (Galois/Counter Mode).
+   * Provides both data confidentiality and authentication.
+   */
+  AES_GCM_NO_AUTH = 'KeystoreAESGCM_NoAuth',
+  /**
+   * AES-GCM encryption with biometric authentication.
+   * Requires user authentication for both encryption and decryption operations.
+   */
+  AES_GCM = 'KeystoreAESGCM',
+  /**
+   * RSA encryption with biometric authentication.
+   * Uses asymmetric encryption and requires biometric authentication.
+   */
   RSA = 'KeystoreRSAECB',
@@ -115,0 +150,0 @@ }

src/index.ts

@@ -25,2 +25,3 @@ import { NativeModules, Platform } from 'react-native';
   normalizeServiceOption,
+  normalizeStorageOptions,
 } from './normalizeOptions';
@@ -49,3 +50,5 @@
 ): Promise<false | Result> {
-  const options = normalizeServiceOption(serviceOrOptions);
+  const options = normalizeStorageOptions(
+    normalizeServiceOption(serviceOrOptions)
+  );
   return RNKeychainManager.setGenericPasswordForOptions(
@@ -182,3 +185,3 @@ options,
     password,
-    options
+    options ? normalizeStorageOptions(options) : {}
   );
@@ -185,0 +188,0 @@ }

src/normalizeOptions.ts

@@ -0,1 +1,2 @@
+import { STORAGE_TYPE } from './enums';
 import type { AuthenticationPrompt, BaseOptions, SetOptions } from './types';
@@ -9,2 +10,13 @@
 
+export function normalizeStorageOptions(options: SetOptions): SetOptions {
+  if (options.storage && options.storage === STORAGE_TYPE.AES) {
+    console.warn(
+      `You passed 'AES' as a storage option to one of the react-native-keychain functions.
+            This way of passing storage is deprecated and will be removed in a future major.`
+    );
+    return { ...options, storage: STORAGE_TYPE.AES_CBC };
+  }
+  return options;
+}
+
 export function normalizeServiceOption(
@@ -11,0 +23,0 @@ serviceOrOptions?: string | BaseOptions

No alert changes

Improved metrics

Total package byte prevSize

274059

increased by7.87%

Number of package files

63

increased by3.28%

Lines of code

2212

increased by6.96%

Number of lines in readme file

97

increased by10.23%

No dependency changes