Skip to content

Latest commit

 

History

History
123 lines (88 loc) · 10.8 KB

File metadata and controls

123 lines (88 loc) · 10.8 KB

Unreleased (6.0.0-rc.13)

Features

  • rotation: Add versioned key rotation via rotateKeys() and getKeyVersion() with lazy re-encryption on read. New useKeyRotation hook exposes the same flow declaratively.
  • security hardening: Defense-in-depth pass — non-breaking, applied transparently to new writes and via lazy upgrade on rotation:
    • HMAC-SHA256 integrity tag bound to every entry's metadata + ciphertext, surfaced on StorageMetadata.integrityTag. Tampering with SharedPreferences/Keychain attributes now raises IntegrityViolationError (E_INTEGRITY_VIOLATION) before any biometric prompt is shown.
    • AES-GCM AAD on Android binds ciphertext to service|key|v<version>, defeating cross-entry swap attacks.
    • setUnlockedDeviceRequired(true) on every Android Keystore key (API 28+), mirroring iOS's kSecAttrAccessibleWhenUnlocked semantics.
    • Plaintext byte buffers are zeroized after use on both platforms.
    • Constant-time HMAC comparison via MessageDigest.isEqual / manual UInt8 XOR fold.
    • Backwards compatible: entries written by earlier versions decode without verification and are upgraded on the next write or rotation.
  • errors: New typed error classes (SensitiveInfoError, NotFoundError, AuthenticationCanceledError, IntegrityViolationError, KeyInvalidatedError, RotationFailedError) with code discriminants and instanceof predicates. Importable from the react-native-sensitive-info/errors subpath.
  • tree-shaking: "sideEffects": false everywhere; the package now publishes three focused subpath entries (., /hooks, /errors). The default export has been removed — import only the helpers you use.
  • nitro 0.35: Regenerated against nitrogen@0.35.5 and react-native-nitro-modules@0.35.5.
  • tooling: Migrated linting/formatting from ESLint + Prettier to Biome 2. Single config at biome.json, faster CI runs.

Refactor (KISS · DRY · SRP)

  • Introduced useAsyncQuery (read-only hooks) and useMutation (mutation hooks) primitives. useHasSecret, useSecretItem, useSecureOperation, useKeyRotation, and useSecureStorage now compose the same lifecycle/abort/error-handling pipeline — no duplicated state machines.
  • useSecureStorage shrunk from ~230 LOC to ~180 LOC and reuses the shared abort + auth-cancel semantics; behaviour is unchanged.
  • Test fixtures consolidated in src/__tests__/__mocks__/fixtures.ts (buildTestItem, buildTestMetadata).
  • Removed redundant re-exports from src/internal/errors.ts.

Breaking changes

  • The default export is gone. Use named imports: import { setItem } from 'react-native-sensitive-info'.
  • React hooks are no longer re-exported from the package root — import them from react-native-sensitive-info/hooks.

Notes

  • iOS rotation updates the Keychain metadata via SecItemUpdate, preserving the original access-control attributes while bumping keyVersion.
  • Android rotation mints a fresh per-entry Keystore alias (SensitiveInfo_<hash>_v<version>) during lazy or eager re-encryption and deletes the stale alias after a successful rewrite.
  • Version state lives in a non-secret registry (SharedPreferences on Android, UserDefaults on iOS). Delete the app's data to reset.

6.0.0-rc.12 (2025-12-16)

Features

  • restructure app components and implement secure storage functionality (b84ec82)

Bug Fixes

  • add tokenRef for npm access verification in release-it configuration (9e39622)
  • update repository field format in package.json (eeadcb8)

6.0.0-rc.11 (2025-11-05)

Bug Fixes

  • ios: prompt simulator biometric auth before keychain fetch and probe security on main thread (240bc60)

6.0.0-rc.10 (2025-11-05)

Bug Fixes

  • ios: run SecItemCopyMatching on main thread and refine auth cancel handling (c6cbfe3)

6.0.0-rc.9 (2025-11-03)

Bug Fixes

  • auth: treat authentication cancellations as soft-failures and map native cancel codes (4454883)

6.0.0-rc.8 (2025-10-27)

6.0.0-rc.7 (2025-10-27)

6.0.0-rc.6 (2025-10-27)

6.0.0-rc.5 (2025-10-27)

6.0.0-rc.4 (2025-10-25)

6.0.0-rc.3 (2025-10-24)

Features

  • Add biometric authentication support for Android and iOS (0310140)
  • Add biometric security demo component and integrate biometric storage options (1f7e3ac)
  • Add SecurityCapabilitiesDemo component and integrate security capabilities checks (7f942a0)
  • Adding a hasItem method (#259) (1dc4825)
  • Enhance security options with biometric and strongbox support in storage functions (f554332)
  • Implement secure storage using EncryptedSharedPreferences for Android (5671fcd)

Bug Fixes

  • android: Error is null on invalidateEnrollment set to false (#258) (4f9af66)

6.0.0-alpha9 (2020-12-17)

Features

  • android: biometric api implementation (9b608cf)

Bug Fixes

  • android: Android 11 auth required check (#238) (89dab84)
  • android: handle UnrecoverableKeyException (79c8197)
  • android: key user not authenticated (#224) (bb9ef04)
  • android: normalize error codes (#225) (6937221)
  • android: remove unused code (595e955)
  • android: same callback logic between showModal options (#220) (7eef64a)
  • updated react dependency in podspec to enable build in Xcode 12 (for iOS >= 12) (#246) (a1b7e88)

5.5.0 (2019-07-31)

Reverts

  • Revert "Add config on android to controlled setInvalidatedByBiometricEnrollment property" (8a01182)

5.2.5 (2018-08-07)

5.2.4 (2018-07-27)

5.2.2 (2018-07-26)

Features

  • adding TypeScript typings (5a10dce)

5.2.1 (2018-06-14)

Features

  • add more methods (792de81)
  • handle exception by re-initialize key (2144bfc)

5.2.0 (2017-10-10)

5.1.0 (2017-05-25)

5.0.1 (2017-05-16)

3.0.1 (2016-06-20)

3.0.0 (2016-06-14)

2.2.0 (2016-06-11)

2.1.0 (2016-06-07)

Reverts

  • Revert "adding more items into .gitignore" (f4de6a4)