How to protect localstorage and websql data in a cordon-ion application

Question

How to protect localstorage and websql data in a cordon-ion application

Data stored in local storage or in the WebSql database is not protected. we can directly see all the WebSql and local storage data, since they are stored as plain text.

Is there a way to protect data?

+4

html5 local-storage ionic-framework web-sql hybrid-mobile-app

Bhavesh jariwala Jun 20 '15 at 12:30

source share

1 answer

Carlos Rojas · Accepted Answer · 2015-06-20T21:33:26+0000

yes, you can encrypt / decrypt your data using something like AES or another algorithm. Perhaps you can try to implement https://github.com/digitalbazaar/forge#md5

// generate a random key and IV
// Note: a key size of 16 bytes will use AES-128, 24 => AES-192, 32 => AES-256
var key = forge.random.getBytesSync(16);
var iv = forge.random.getBytesSync(16);

/* alternatively, generate a password-based 16-byte key
var salt = forge.random.getBytesSync(128);
var key = forge.pkcs5.pbkdf2('password', salt, numIterations, 16);
*/

// encrypt some bytes using CBC mode
// (other modes include: CFB, OFB, CTR, and GCM)
var cipher = forge.cipher.createCipher('AES-CBC', key);
cipher.start({iv: iv});
cipher.update(forge.util.createBuffer(someBytes));
cipher.finish();
var encrypted = cipher.output;
// outputs encrypted hex
console.log(encrypted.toHex());

// decrypt some bytes using CBC mode
// (other modes include: CFB, OFB, CTR, and GCM)
var decipher = forge.cipher.createDecipher('AES-CBC', key);
decipher.start({iv: iv});
decipher.update(encrypted);
decipher.finish();
// outputs decrypted hex
console.log(decipher.output.toHex());

Run code Hide result

How to protect localstorage and websql data in a cordon-ion application

More articles: