simple_secure_storage 0.1.1

Simple and secure storage for Flutter.

Simple Secure Storage

A simple and secure storage system for Flutter.

Motivations

I'm currently creating a TOTP app where secrets are encrypted using a master password and I need a secure place to store the encryption / decryption key.

I knew that Flutter already had a such package called flutter_secure_storage. The only problem is that it have 100+ open issues on Github, and that the author is currently inactive on Github.

That's why I've decided to create my own solution : Simple Secure Storage (SSS).

Features

• Very very simple and straightforward.
• Supports Android, iOS, macOS, Windows, Linux and web.
• Allows data to be cached (so that you can access it as fast as possible).
• Secure.
• Again, very simple.

Getting started

Minimum requirements

Simple Secure Storage uses :

• Keychain on Apple devices, which is supported since iOS 2.0 and macOS 10.6.
• EncryptedSharedPreferences on Android, which supports a minimum SDK version of, at least, 21.
• Crypt32 on Windows, which seems to be available since Windows XP. Note that, on Windows, everything is stored inside a file located at %APPDATA%/Local/appName/namespace.dat.
• libsecret on Linux. Therefore, you need a secret service (gnome_keyring is commonly installed).
• sembast_web and webcrypto on web.

Installation

Run the following command to add Simple Secure Storage to your Flutter project :

flutter pub add simple_secure_storage

Then, please make sure you follow the specific instructions for each platform you're targeting.

Android

Update the minimum SDK version in your android/app/build.gradle :

android {
    <!-- Other settings -->
    defaultConfig {
        minSdkVersion 18
        <!-- More settings -->
    }
    <!-- And more settings -->
}

Also, as stated on Android Developers,

WARNING: The preference file should not be backed up with Auto Backup. When restoring the file it is likely the key used to encrypt it will no longer be present. You should exclude all EncryptedSharedPreferences from backup using backup rules.

so either you completely disable auto backup, in your AndroidManifest.xml :

<application
     <!-- Some settings -->
    android:allowBackup="false"
    android:fullBackupContent="false">

or you only disable the backup of the encrypted shared preferences, which can be done using backup rules. Note that the sharedpref path is the namespace key you're passing to the initialize method of the plugin.

macOS

In Xcode, go to Project settings > Capabilities and enable Keychain Sharing (see this).

Linux

Run the following command to install libsecret-1-dev :

sudo apt install -y libsecret-1-dev

Code snippet

Here's a simple example to get started.

// Initialize the plugin before using.
// Typically done in your `main()` method.
if (kIsWeb) {
  // To secure your data on Flutter web, we have to encrypt it using a password and a salt.
  await SimpleSecureStorage.initialize(WebInitializationOptions(keyPassword: 'password', encryptionSalt: 'salt'));
} else {
  await SimpleSecureStorage.initialize(); // Feel free to use `InitializationOptions` if you want here too.
}

// Write a value.
await SimpleSecureStorage.write('key', 'value');

// Check if a value exists.
print(await SimpleSecureStorage.has('key')); // Will print "true".

// Read a value.
print(await SimpleSecureStorage.read('key')); // Will print "value".

// Remove a value.
await SimpleSecureStorage.delete('key');

// Clear everything.
await SimpleSecureStorage.clear();

In the previous snippet, everything is read "on demand". Although in most implementations your data is already cached in the memory on the platform side, you may want to access it without always having to use await. To do so, use the class CachedSimpleSecureStorage. It behaves exactly like the snippet above, except that you don't have to call await SimpleSecureStorage.initialize(), but await CachedSimpleSecureStorage.getInstance().

If you want a more complete example, feel free to check and run this one, which available on Github. Note that, using the example app on Darwin platforms (iOS & macOS), storage is not persistent because it's only configured to run locally in sandbox mode.

Contributions

You have a lot of options to contribute to this project ! You can :

• Fork it on Github.
• Submit a feature request or a bug report.
• Donate to the developer.