0

I am using JSONStore to store some data in my project but my problem is that I want to store a key that is used to unlock the data.

Does MobileFirst provide any way to

  • Securely store a key at client side or server side.
  • Is there any way that I can get the key from adapter or unlock the JSONStore by connecting to adapter.
Yoel Nunez
  • 2,108
  • 1
  • 13
  • 19
Rahul
  • 217
  • 1
  • 9

1 Answers1

1

I believe you want to encrypt the data inside of a JSONStore collection and at the same time you want to be able to decrypt the collection without requiring the user to enter a password.

Approach 1: Client side

If you want to accomplish that in iOS you could use Touch ID for that purpose. You could read up more on that by going to https://www.ibm.com/support/knowledgecenter/SSHS8R_7.1.0/com.ibm.worklight.dev.doc/devref/t_setting_up_touch_id_jsonstore.html

For Android there is no out-of-the box integration but staring in Android Marshmallow (6.0) there is an API for the fingerprint scanner which you could also use. https://developer.android.com/about/versions/marshmallow/android-6.0.html#fingerprint-authentication

Basically with the approach mentioned above you are creating a random password and storing it securely in the device. Then the device prompts the user with the authentication (fingerprint scanner or pin code) and then if it's successful you will get access to that random password.

Approach 2: Server side

In this approach you will use an adapter to hash a token/string sent from the client. For this to work you will need to use something that remains constant i.e., device id WL.Device.getID() https://www.ibm.com/support/knowledgecenter/SSHS8R_7.1.0/com.ibm.worklight.apiref.doc/html/refjavascript-client/html/WL.Device.html#getID

app.js

WL.Device.getID(function(response){
  var id = response.deviceID;

  var req = WLResourceRequest('/adapters/Util/hash', WLResourceRequest.POST);

  return req.sendFormParameters({
    pass: id 
  });
}).then(function(response){
  var passwordHash = response.responseJSON.hash;


  // open JSONStore collection with the passwordHash
});

In your adapter you can hash your password/device id then return it to the device to open the JSONStore collection. You can check the following post How can I hash a password in Java? if you want to hash passwords in your Java adapter

This approach is a bit tricky since you will need to authenticate the somehow to make sure you are only opening/decrypting JSONStore for the legitimate user.

Community
  • 1
  • 1
Yoel Nunez
  • 2,108
  • 1
  • 13
  • 19