flutter_secure_storage 9.2.4
flutter_secure_storage: ^9.2.4 copied to clipboard
Metadata
Flutter Secure Storage provides API to store data in secure storage. Keychain is used in iOS, KeyStore based solution is used in Android.
flutter_secure_storage#
Note: usage of encryptedSharedPreference#
When using theencryptedSharedPreferences
parameter on Android, make sure to pass the option to theconstructor instead of the function like so:
AndroidOptions _getAndroidOptions() => const AndroidOptions( encryptedSharedPreferences: true, );final storage = FlutterSecureStorage(aOptions: _getAndroidOptions());
This will prevent errors due to mixed usage ofencryptedSharedPreferences
.For more info,see this issue.
Info#
A Flutter plugin to store data in secure storage:
- Keychain is used for iOS
- AES encryption is used for Android. AES secret key is encrypted with RSA and RSA key is stored inKeyStore
- With V5.0.0 we can useEncryptedSharedPreferences on Android by enabling it in the Android Options like so:
AndroidOptions _getAndroidOptions() => const AndroidOptions( encryptedSharedPreferences: true, );
For more information see the example app.
libsecret
is used for Linux.
Note KeyStore was introduced in Android 4.3 (API level 18). The plugin wouldn't work for earlier versions.
Getting Started#
import 'package:flutter_secure_storage/flutter_secure_storage.dart';// Create storagefinal storage = FlutterSecureStorage();// Read valueString value = await storage.read(key: key);// Read all valuesMap<String, String> allValues = await storage.readAll();// Delete valueawait storage.delete(key: key);// Delete allawait storage.deleteAll();// Write valueawait storage.write(key: key, value: value);
This allows us to be able to fetch secure values while the app is backgrounded, by specifying first_unlock or first_unlock_this_device. The default if not specified is unlocked.An example:
final options = IOSOptions(accessibility: KeychainAccessibility.first_unlock);await storage.write(key: key, value: value, iOptions: options);
Configure Android version#
In[project]/android/app/build.gradle
setminSdkVersion
to >= 18.
android { ... defaultConfig { ... minSdkVersion 18 ... }}
Note By default Android backups data on Google Drive. It can cause exception java.security.InvalidKeyException:Failed to unwrap key.You need to
- disable autobackup,details
- exclude sharedprefs
FlutterSecureStorage
used by the plugin,details
Configure Web Version#
Flutter Secure Storage uses an experimental implementation using WebCrypto. Use at your own risk at this time. Feedback welcome to improve it. The intent is that the browser is creating the private key, and as a result, the encrypted strings in local_storage are not portable to other browsers or other machines and will only work on the same domain.
It is VERY important that you have HTTP Strict Forward Secrecy enabled and the proper headers applied to your responses or you could be subject to a javascript hijack.
Please see:
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
- https://www.netsparker.com/blog/web-security/http-security-headers/
Configure Linux Version#
You needlibsecret-1-dev
andlibjsoncpp-dev
on your machine to build the project, andlibsecret-1-0
andlibjsoncpp1
to run the application (add it as a dependency after packaging your app). If you using snapcraft to build the project use the following
parts: uet-lms: source: . plugin: flutter flutter-target: lib/main.dart build-packages: - libsecret-1-dev - libjsoncpp-dev stage-packages: - libsecret-1-0 - libjsoncpp-dev
Configure Windows Version#
Note The current implementation does not support readAll and deleteAll and is subject to change.
Configure MacOS Version#
You also need to add Keychain Sharing as capability to your macOS runner. To achieve this, please add the following inboth yourmacos/Runner/DebugProfile.entitlements
andmacos/Runner/Release.entitlements
(you need to change both files).
<key>keychain-access-groups</key><array/>
Integration Tests#
Run the following command fromexample
directory
flutter drive --target=test_driver/app.dart
Publisher
Weekly Downloads
Metadata
Flutter Secure Storage provides API to store data in secure storage. Keychain is used in iOS, KeyStore based solution is used in Android.
Repository (GitHub)
View/report issues
Documentation
License
BSD-3-Clause (license)
Dependencies
flutter,flutter_secure_storage_linux,flutter_secure_storage_macos,flutter_secure_storage_platform_interface,flutter_secure_storage_web,flutter_secure_storage_windows,meta
More
← Metadata
Publisher
Weekly Downloads
Metadata
Flutter Secure Storage provides API to store data in secure storage. Keychain is used in iOS, KeyStore based solution is used in Android.
Repository (GitHub)
View/report issues
Documentation
License
BSD-3-Clause (license)
Dependencies
flutter,flutter_secure_storage_linux,flutter_secure_storage_macos,flutter_secure_storage_platform_interface,flutter_secure_storage_web,flutter_secure_storage_windows,meta