File encryption is a fundamental building block for enterprise mobile development. Due to the sensitivity of data collected by most enterprise apps, it is recommended that all persisted files are encrypted.
This recipe demonstrates how to use the Securely
framework to both encrypt and decrypt files. Through the use of the File Crypto sample, we will provide step-by-step instructions on how to work with local encrypted files from within your Titanium app.
This recipe uses the Securely
native module. This module and other code assets can be downloaded from the source provided by the book. Simply copy the modules
folder into the root of your Titanium project. Please review the Getting ready section of Using secure properties recipe for instructions on module setup before continuing.
After installing the Securely
module, you need to copy the PlainText.txt
file into the Resources
folder of your project. This file will be used by the recipe to create the initial encrypted file.
Once you have added the module
folder and PlaintText.txt
sample file into your project, you need to create your application namespace in the app.js
file and use require
to import the module into your code as the following code snippet demonstrates:
//Create our application namespace var my = { secure : require('bencoding.securely'), isAndroid : Ti.Platform.osname === 'android' };
This recipe walks through how to use the Securely
module along with Titanium's Ti.Filesystem
namespace to encrypt and decrypt files. The test harness pictured in the following screenshot is used to demonstrate how to perform these crypto actions:
Now perform the following steps:
Ti.UI.Window
, which is used to attach all UI elements.var win = Ti.UI.createWindow({ backgroundColor: '#fff', title: 'File Crypto Example', barColor:'#000',layout:'vertical',fullscreen:false });
Ti.UI.TextField
named txtPassword
. This control is used to obtain the password used during the encryption and decryption operations.var txtPassword = Ti.UI.createTextField({ value:'foo123',hintText:'Enter Password', height:45, left:5, right:5, passwordMask:true }); win.add(txtPassword);
Ti.UI.Button
named btnEncrypt
. This control will be used to launch the file encryption process.var btnEncrypt = Ti.UI.createButton({ title:'Encrypt', top:25, height:45, left:5, right:5 }); win.add(btnEncrypt);
Ti.UI.Button
named btnDecrypt
. This control will be used to launch the file decryption process. Please note the encryption process launched when the btnEncrypt
button is tapped must be run first.var btnDecrypt = Ti.UI.createButton({ title:'Decrypt', top:25, height:45, left:5, right:5 }); win.add(btnDecrypt);
The file encryption process is demonstrated using the click
event of the btnEncrypt Ti.UI.Button
. This section describes how to use the AESEncrypt
method of Securely
for file encryption using the AES encryption algorithm.
btnEncrypt.addEventListener('click',function(x){
AESEncrypt
method. The following onEncryptCompleted
method demonstrates how to check for the different results provided during the callback process.function onEncryptCompleted(e){ if(e.success){ var test = Ti.Filesystem.getFile(e.to); Ti.API.info("Test file contents: " + (test.read()).text); }else{ alert('failed due to: ' + e.message); } };
FileCrypto
object of the Securely
framework must be created.var fileCrypto = my.secure.createFileCrypto();
Ti.FileSystem.File
objects are created for the input and output files.var plainTextFile = Ti.Filesystem.getFile( Ti.Filesystem.resourcesDirectory, 'PlainText.txt'), futureEncrypted = Ti.Filesystem.getFile( Ti.Filesystem.applicationDataDirectory, 'encryptedFile.txt'),
AESEncrypt
method is called with the following parameters:password
: The password
parameter is the key used in the file encryption process. The same password must be provided later if you wish to decrypt the file.from
: The from
parameter provides a nativePath
reference to the file that will be encrypted. Please note the file itself is not encrypted, but simply used as the source to generate an encrypted file at the path provided in the to
parameter.to
: The to
parameter provides the nativePath
reference to where the encrypted file should be generated. The application must be able to write to this file path or an IO exception will be generated.completed
: The completed
parameter provides a reference to the callback method to be used upon completion of the execution of the AESEncrypt
method.fileCrypto.AESEncrypt({ password:txtPassword.value, from:plainTextFile.nativePath, to:futureEncrypted.nativePath, completed:onEncryptCompleted }); });
The file decryption process is demonstrated using the click
event of the btnDecrypt Ti.UI.Button
. The following section describes how to use AESDecrypt
method of Securely
for file decryption using the AES encryption algorithm. Please note that the same password used to encrypt the file must be provided in the decryption process.
btnDecrypt.addEventListener('click',function(x){
AESDecrypt
method. The following onDecryptCompleted
method demonstrates how to check for the different results provided during the callback process:function onDecryptCompleted(e){ if(e.success){ var test = Ti.Filesystem.getFile(e.to); Ti.API.info("Test file contents: " + (test.read()).text); }else{ alert('failed due to: ' + e.message); } };
Ti.FileSystem.File
objects are created for the input and output files.var encryptedFile = Ti.Filesystem.getFile( Ti.Filesystem.applicationDataDirectory, 'encryptedFile.txt'), futureDecrypted = Ti.Filesystem.getFile( Ti.Filesystem.applicationDataDirectory, 'decryptedFile.txt'),
FileCrypto
object of Securely
must be created.var fileCrypto = my.secure.createFileCrypto();
AESDecrypt
method is called with the following parameters:password
: The password
parameter is the key used in the file decryption process. This password must match the key provided during the file encryption process. If the passwords differ, an error will be provided to the callback method.from
: The from
parameter provides a nativePath
reference to the file that will be decrypted. Please note the file itself is not decrypted, but simply used as the source to generate a decrypted file at the path provided in the to
parameter.to
: The to
parameter provides the nativePath
reference to where the decrypted file should be generated. The application must be able to write to this file path or an IO exception will be generated.completed
: The completed
parameter provides a reference to the callback method to be used upon completion of the execution of the AESDecrypt
method.fileCrypto.AESDecrypt({ password:txtPassword.value, from:encryptedFile.nativePath, to:futureDecrypted.nativePath, completed:onDecryptCompleted }); });
Securely
module, for installation details please review the Getting ready section of the Using secure properties recipeSecurely
uses the RNCryptor
library on iOS for file encryption. For documentation, licensing, and source, please visit https://github.com/rnapier/RNCryptor3.12.74.18