Catching up with msicc.net, Part III: encryption with Xamarin applications

in programming •  6 years ago 

This is the third post of my series to catch up with my already existing blog. In these days, encryption of sensitive data is more important than ever. Of course, there are quite a few samples floating around the web, but most of them have one common issue - they relied on user input and/or hardcoded values. This is a very bad practice (imo) if you want to make sure that sensitive data is as save as possible. 

Even though I am using this in Xamarin Forms apps, all the implementations are platform specific. This ensures that I am able to use the native features of all platforms and provides the highest possible security level.

Android

On Android, I am using the AndroidKeyStore to create and store encryption keys. I created a helper class that can be used in Xamarin Android apps as well as routed into the Xamarin Forms app (although I never needed that, personally):

Xamarin Android: asymmetric encryption without any user input or hardcoded values

iOS

For iPhone/iPad, I am using the iOS KeyChain to create and store encryption keys. Like on Android, I implemented the whole needed stuff in an helper class. There is some more work to do, you can see everything in this article:

How to perform asymmetric encryption without user input/hardcoded values with Xamarin iOS

UWP

The UWP implementation goes even further and does not issue any keys directly. Instead, everything is handled by the operating system. The only thing one has to decide if storage of keys happens on user or machine level. Read more here:

Using the built-in UWP data protection for data encryption

As always, I hope these posts are helpful for some of you out there. Until the next post, happy coding, everyone!


image credit

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!