I'm Trying to implement RSA Encryption in Ionic Project

  • I have installed and tried the node-rsa library

  • when added node-rsa into constructor I’m facing the below issue
    [ng] BREAKING CHANGE: webpack < 5 used to include polyfills for node.js core modules by default.
    [ng] This is no longer the case. Verify if you need this module and configure a polyfill for it.
    [ng] If you want to include a polyfill, you need to:
    [ng] - add a fallback ‘resolve.fallback: { “crypto”: require.resolve(“crypto-browserify”) }’
    [ng] - install ‘crypto-browserify’
    [ng] If you don’t want to include a polyfill, you can use an empty module like this:
    [ng] resolve.fallback: { “crypto”: false }
    [ng] ./node_modules/node-rsa/src/utils.js:6:12-29 - Error: Module not found: Error: Can’t resolve ‘crypto’ in ‘D:\ANDROID\PROJECTS\Ionic\School_Bus_App\node_modules\node-rsa\src’
    [ng] BREAKING CHANGE: webpack < 5 used to include polyfills for node.js core modules by default.
    [ng] This is no longer the case. Verify if you need this module and configure a polyfill for it.
    [ng] If you want to include a polyfill, you need to:
    [ng] - add a fallback ‘resolve.fallback: { “crypto”: require.resolve(“crypto-browserify”) }’
    [ng] - install ‘crypto-browserify’

  • I have shared my code below ,which so far I tried ,anyone suggest solution for this
    import { HttpClient } from “@angular/common/http”;

import { Injectable } from “@angular/core”;

import { AppVersion } from ‘@ionic-native/app-version/ngx’;

import { Device } from ‘@ionic-native/device/ngx’;

import { ToastController } from “@ionic/angular”;

import { Constants } from “./Constants”;

import * as NodeRSA from ‘node-rsa’;

@Injectable({

providedIn: 'root'

})

export class Filler {

constructor(private constants: Constants,

    private device: Device,

    private appVersion: AppVersion,

    private toastCtrl: ToastController,

    private http: HttpClient,

    private rsaKey: NodeRSA

) { }


apiKeyEncryption() {

    var date = this.currentTimeStamp();

    var versionRelease = this.device.version;

    if (versionRelease == null) {

        versionRelease = '10';

    }

    var versionCode = '1';

    var versionName = '1.0';

    var plainValue = this.constants.API_KEY + this.constants.API_KEY_DIVIDER1 + date + this.constants.API_KEY_DIVIDER1 +

        versionRelease + this.constants.API_KEY_DIVIDER1 + versionCode + this.constants.API_KEY_DIVIDER1

        + versionName + this.constants.API_KEY_DIVIDER2;

        this.http.get("assets/public_key.pem", { responseType: 'text' })

        .subscribe((result) => {

            this.rsaKey.importKey(result, 'pkcs8-public');

            this.encryptRSA(plainValue)

            return result;

        }, error => {

            console.log(error);

        }

        );

}

encryptRSA(encoded) {

    var result;

    if (!encoded) {

        return encoded;

    }

    try {

        this.rsaKey.setOptions({

            encryptionScheme: "pkcs1"

        });

        result = this.rsaKey.encrypt(encoded, "base64");

        console.log("RSA Encryption Value : " + result)

    } catch (err) {

        console.log("RSA Encryption Catch Key : " + err);

        result = "";

    }

    return result.toString();

}

}

Thanks…

Unless this is some sort of academic exercise, please rethink your design and use well-tested protocols. Rolling your own cryptographic protocols from scratch is extremely difficult, and is a virtually sure route to a false sense of security.

Googling “textbook RSA” should give you a sense of the icebergs your ship is sailing directly towards.

If you are concerned about a man-in-the-middle snooping on communication between your Ionic app and its backend, simply get a proper SSL certificate for your backend and use HTTPS to communicate with it. Problem solved, in a much safer way.