File encryption is a fundamental building block for enterprise mobile development. Due to the sensitivity of data collected by most enterprise apps, it is recommended that all persisted files are encrypted.
This recipe demonstrates how to use the Securely framework to both encrypt and decrypt files. Through the use of the File Crypto sample, we will provide step-by-step instructions on how to work with local encrypted files from within your Titanium app.
This recipe uses the Securely native module. This module and other code assets can be downloaded from the source provided by the book. Simply copy the modules folder into the root of your Titanium project. Please review the Getting ready section of Using secure properties recipe for instructions on module setup before continuing.
After installing the Securely module, you need to copy the PlainText.txt file into the Resources folder of your project. This file will be used by the recipe to create the initial encrypted file.
Once you have added the module folder and PlaintText.txt sample file into your project, you need to create your application namespace in the app.js file and use require to import the module into your code as the following code snippet demonstrates:
//Create our application namespace
var my = {
secure : require('bencoding.securely'),
isAndroid : Ti.Platform.osname === 'android'
};This recipe walks through how to use the Securely module along with Titanium's Ti.Filesystem namespace to encrypt and decrypt files. The test harness pictured in the following screenshot is used to demonstrate how to perform these crypto actions:
Now perform the following steps:
- The first step in creating the test harness is to create a
Ti.UI.Window, which is used to attach all UI elements.var win = Ti.UI.createWindow({ backgroundColor: '#fff', title: 'File Crypto Example', barColor:'#000',layout:'vertical',fullscreen:false }); - The next step in creating our test harness UI is to add a
Ti.UI.TextFieldnamedtxtPassword. This control is used to obtain the password used during the encryption and decryption operations.var txtPassword = Ti.UI.createTextField({ value:'foo123',hintText:'Enter Password', height:45, left:5, right:5, passwordMask:true }); win.add(txtPassword); - The next step in creating our test harness UI is to add a
Ti.UI.ButtonnamedbtnEncrypt. This control will be used to launch the file encryption process.var btnEncrypt = Ti.UI.createButton({ title:'Encrypt', top:25, height:45, left:5, right:5 }); win.add(btnEncrypt); - The final step in creating our test harness UI is to add a
Ti.UI.ButtonnamedbtnDecrypt. This control will be used to launch the file decryption process. Please note the encryption process launched when thebtnEncryptbutton is tapped must be run first.var btnDecrypt = Ti.UI.createButton({ title:'Decrypt', top:25, height:45, left:5, right:5 }); win.add(btnDecrypt);
The file encryption process is demonstrated using the click event of the btnEncrypt Ti.UI.Button. This section describes how to use the AESEncrypt method of Securely for file encryption using the AES encryption algorithm.
btnEncrypt.addEventListener('click',function(x){- The first step in the file encryption process is to create a callback method to receive the results from the
AESEncryptmethod. The followingonEncryptCompletedmethod demonstrates how to check for the different results provided during the callback process.function onEncryptCompleted(e){ if(e.success){ var test = Ti.Filesystem.getFile(e.to); Ti.API.info("Test file contents: " + (test.read()).text); }else{ alert('failed due to: ' + e.message); } }; - Next a new instance of the
FileCryptoobject of theSecurelyframework must be created.var fileCrypto = my.secure.createFileCrypto();
- Then
Ti.FileSystem.Fileobjects are created for the input and output files.var plainTextFile = Ti.Filesystem.getFile( Ti.Filesystem.resourcesDirectory, 'PlainText.txt'), futureEncrypted = Ti.Filesystem.getFile( Ti.Filesystem.applicationDataDirectory, 'encryptedFile.txt'),
- Finally the
AESEncryptmethod is called with the following parameters:password: Thepasswordparameter is the key used in the file encryption process. The same password must be provided later if you wish to decrypt the file.from: Thefromparameter provides anativePathreference to the file that will be encrypted. Please note the file itself is not encrypted, but simply used as the source to generate an encrypted file at the path provided in thetoparameter.to: Thetoparameter provides thenativePathreference to where the encrypted file should be generated. The application must be able to write to this file path or an IO exception will be generated.completed: Thecompletedparameter provides a reference to the callback method to be used upon completion of the execution of theAESEncryptmethod.fileCrypto.AESEncrypt({ password:txtPassword.value, from:plainTextFile.nativePath, to:futureEncrypted.nativePath, completed:onEncryptCompleted }); });
The file decryption process is demonstrated using the click event of the btnDecrypt Ti.UI.Button. The following section describes how to use AESDecrypt method of Securely for file decryption using the AES encryption algorithm. Please note that the same password used to encrypt the file must be provided in the decryption process.
btnDecrypt.addEventListener('click',function(x){- The first step in the file decryption process is to create a callback method to receive the results from the
AESDecryptmethod. The followingonDecryptCompletedmethod demonstrates how to check for the different results provided during the callback process:function onDecryptCompleted(e){ if(e.success){ var test = Ti.Filesystem.getFile(e.to); Ti.API.info("Test file contents: " + (test.read()).text); }else{ alert('failed due to: ' + e.message); } }; - Next the
Ti.FileSystem.Fileobjects are created for the input and output files.var encryptedFile = Ti.Filesystem.getFile( Ti.Filesystem.applicationDataDirectory, 'encryptedFile.txt'), futureDecrypted = Ti.Filesystem.getFile( Ti.Filesystem.applicationDataDirectory, 'decryptedFile.txt'),
- Then a new instance of the
FileCryptoobject ofSecurelymust be created.var fileCrypto = my.secure.createFileCrypto();
- Finally the
AESDecryptmethod is called with the following parameters:password: Thepasswordparameter is the key used in the file decryption process. This password must match the key provided during the file encryption process. If the passwords differ, an error will be provided to the callback method.from: Thefromparameter provides anativePathreference to the file that will be decrypted. Please note the file itself is not decrypted, but simply used as the source to generate a decrypted file at the path provided in thetoparameter.to: Thetoparameter provides thenativePathreference to where the decrypted file should be generated. The application must be able to write to this file path or an IO exception will be generated.completed: Thecompletedparameter provides a reference to the callback method to be used upon completion of the execution of theAESDecryptmethod.fileCrypto.AESDecrypt({ password:txtPassword.value, from:encryptedFile.nativePath, to:futureDecrypted.nativePath, completed:onDecryptCompleted }); });
- This recipe uses the
Securelymodule, for installation details please review the Getting ready section of the Using secure properties recipe Securelyuses theRNCryptorlibrary on iOS for file encryption. For documentation, licensing, and source, please visit https://github.com/rnapier/RNCryptor