I am about to add encryption of data to my application. I have found a number of them but before embarking would like to know if anyone recommends a specific library that will function sweetly with Ionic.
This is also to work on a Jelly Bean android and also iOs as the minimum.
Are there any libraries to avoid in the Ionic context or any that really shine when in tandem with Ionic?
Please describe exactly what your threat concern is and how you expect encryption will address it. In general, if you do not trust the device owner, there isn’t really anything you can do, and any encryption you implement will be a Potemkin village.
Thanks for the response. I have not defined the specifics of the application they come from higher up, so analysis stage is passed and out of my hands I just need to build it.
All I need is to store a pin in an encrypted manner.
In the meantime I see that Ionic has included the Intel Security plugin which I was researching in the context of usin XDK before so I will be going with that.
I’ve been using Intel’s XDK (so much so that I wrote the Ionic Native port) and even though it hasn’t been touched in a long time, it’s pretty solid.
To give some context, I’ve used it to encrypt and store premium content users’ have to pay for. I found where these files get written to on Windows (which was another reason I needed to go with this option) and the contents are obscured.
I don’t know much about security myself, and haven’t tried to decrypt the contents by hand (which I assume would be your concern) so I don’t know how encrypted it is, but I recommend it.
Thanks for the response.
And that you very very much for your work porting it to Ionic I really think it will be a good solution for our needs.
I got it to work with writing but it fails when I try to read from the secure storage. I am getting a type script error that I don’t understand with reading. I put it in a post over here, any ideas?
@ehorodyski I fixed the issue I had. But I think the API docs are wrong.
The fix for me was that intelSec.storage.read returns a promise with the instanceID as a number.
And the getData function needs the instanceID as an argument sor getData(instanceID).
This is the code that works for me
readStorage(){
this.intelSec.storage.read({id: this.pinId})
.then((instanceID: number) => this.intelSec.data.getData(instanceID))
.then(
(data: string) => {
console.log("+++ have read the data and is:"+data);
}
)
.catch(
(error: any) => {
console.log("+++ the error code:"+error.code+" message:"+error.message);
}
)
}
My apologies, might be a typo in the docs. I’ll have to clean it up over the weekend – I have no time left this week to work on this. Or you can fork it and update the docs 
I think I fudged up assuming that .then(this.intelSecurity.data.getData) would automatically work. I have it changed in my source code as well:
/**
* This reads the data from an instance of encrypted storage (indicated by id).
* @param id {string} Storage resource identifier.
* @returns {Promise<string>} Returns a Promise that resolves to the data as plain-text, or falls back to using local storage.
*/
public read(id: string): Promise<string> {
return this._intelSecurity.storage.read({ id: id })
.then(n => this._intelSecurity.data.getData(n))
.catch(() => localStorage.getItem(id));
}
Thanks for bringing it up, I totally overlooked it!
Hello. I don’t think it is your problem as it is the same on the code snippet on the intel side.
https://software.intel.com/en-us/node/604518
I forked and created a pull request. I don’t have the permissions to merge.