1

I am building a react-native application that uses react-native-keychain to securely save the user's tokens. I know that keychain is for saving username/password combination but i thought it would do no harm to save my tokens instead. I'm currently implementing some checking mechanisms that will check if there is a valid refresh token availavable (meaning that the last user didnt log out when leaving the app, as usually happens in mobile apps) and will act accordingly. This seems to be performing poorly (too slow) and i have come to the conclusion that it is the fetching of the token that is holding the app back (Keychain.getGenericPassword()).

The question is: Since keychain seems to be the safest way to store credentials localy, is there a way to optimise its performance or is there an equally safe but generaly faster alternative?

ApoGrs
  • 13
  • 3

1 Answers1

1

"react-native-keychain" version: "6.2.0"

For anyone still trying to resolve this issue. I had the same issue where the delay for me was about 10s or more. I was able to reduce it to less than a second after going through these two issues 1, 2. I followed the steps mentioned in this comment.

  1. Use {storage: KeyChain.STORAGE_TYPE.AES} option when using the methods getGenericPassword and setGenericPassword

  2. Goto this file: node_modules\react-native-keychain\android\src\main\java\com\oblador\keychain\KeychainModuleBuilder.java and set the DEFAULT_USE_WARM_UP to false.

  3. Goto this file: node_modules\react-native-keychain\android\src\main\java\com\oblador\keychain\KeychainModule.java inside method getGenericPassword and change the following: Change these lines

    final String accessControl = getAccessControlOrDefault(options);   
final boolean useBiometry = getUseBiometry(accessControl);   
final CipherStorage current = getCipherStorageForCurrentAPILevel(useBiometry);

    to

    // final String accessControl = getAccessControlOrDefault(options);  
// final boolean useBiometry = getUseBiometry(accessControl);   
// final CipherStorage current = getCipherStorageForCurrentAPILevel(useBiometry);
final CipherStorage current = getSelectedStorage(options);

The issue seems to be because of a warming mechanism used with the RSA encryption. Please follow the above three links for further info.

atosh502
  • 76
  • 5
  • 14
  • Thanks for the answer. I will take a look at the links you posted but i have to say that steps 2 and 3 in the solution provided seem a bit temporary. As far as i know, making changes in node_modules only affects the local environment that i am developing, as I am not supposed to push that folder to github. So these changes wont carry over to my colleague's build or the released application. – ApoGrs Jan 06 '21 at 18:57
  • thanks helped on Android 10, I hope this can be helpful on Other Android too. from 5 to 10 – Muhammad Feb 11 '21 at 12:17