Module to generate and sign with crypto keys backed on device security hardware on react-native platform.
yarn add @pagopa/io-react-native-cryptoimport { generate } from '@pagopa/io-react-native-crypto';
// ...
try {
const result = await generate('PERSONAL_KEYTAG');
} catch (e) {
const {message, userInfo} = e as CryptoError;
}
// result is the JWK of the generated public keyimport { sign } from '@pagopa/io-react-native-crypto';
// ...
try {
const result = await sign('A valid message to sign', 'PERSONAL_KEYTAG');
} catch (e) {
const {message, userInfo} = e as CryptoError;
}
// result is the Base64 string representation of the signature.import { getPublicKey } from '@pagopa/io-react-native-crypto';
// ...
try {
const result = await getPublicKey('PERSONAL_KEYTAG');
} catch (e) {
const {message, userInfo} = e as CryptoError;
}
// result is the JWK of the generated public key, error if no key has been yet generatedChecks whether a key is stored in StrongBox or not (Android only, raises a UNSUPPORTED_DEVICE error on iOS)
import { isKeyStrongboxBacked } from '@pagopa/io-react-native-crypto';
// ...
try {
const isKeyStrongboxBacked = await isKeyStrongboxBacked('PERSONAL_KEYTAG');
if(isKeyStrongboxBacked) {
console.log('The key is stored in the StrongBox');
} else {
console.log('The key is stored in TEE');
}
} catch (e) {
const {message, userInfo} = e as CryptoError;
}
// result is the JWK of the generated public key, error if no key has been yet generatedimport { deleteKey } from '@pagopa/io-react-native-crypto';
// ...
try {
await deleteKey('PERSONAL_KEYTAG');
} catch (e) {
const {message, userInfo} = e as CryptoError;
}
// no result is provided, error if no key has been found for the specified keytag| TypeName | Description |
|---|---|
| ECKey | The JWK representation of an Elliptic Curve public key |
| RSAKey | The JWK representation of an RSA public key |
| PublicKey | Type of the returned public key, may be either a RSAKey or a ECKey |
| CryptoError | This type defines the error returned by the generation of a key or signing a message it is composed by an error code and by an additional information object |
| TypeName | Platform | Description |
|---|---|---|
| KEY_ALREADY_EXISTS | iOS/Android | The key you're trying to generate already exists |
| UNSUPPORTED_DEVICE | iOS/Android | Device doesn't support hardware backed keys or the requested method |
| WRONG_KEY_CONFIGURATION | iOS/Android | The key configuration has not been correctly defined |
| PUBLIC_KEY_NOT_FOUND | iOS/Android | The public key is missing for a specific keyTag |
| PUBLIC_KEY_DELETION_ERROR | iOS/Android | An error occurred while deleting the public key |
| API_LEVEL_NOT_SUPPORTED | Android | The current API Level doesn't support the hardware baked key generation |
| KEYSTORE_LOAD_FAILED | Android | It was not possible to load or store data on the Keystore |
| KEYCHAIN_LOAD_FAILED | iOS | It was not possible to load or store data on the Keychain |
| UNABLE_TO_SIGN | iOS/Android | It was not possible to sign the given string |
| INVALID_UTF8_ENCODING | iOS/Android | The encoded string doesn't respect the valid encoding format |
| INVALID_SIGN_ALGORITHM | Android | The sign algorithm was not valid |
| UNKNOWN_EXCEPTION | Android | Unexpected error |
| THREADING_ERROR | iOS | Unexpected error |
See the contributing guide to learn how to contribute to the repository and the development workflow.
MIT
Made with create-react-native-library