Intel Security
The App Security API enables the use of security properties and capabilities on the platform, using a new set of APIs defined for application developers. You are not required to be a security expert to make good use of the API. Key elements, such as encryption of data and establishment of capabilities, are abstracted and handled for you by the API implementation.
For example:
- Use the API to store (e.g. cache) data locally, using the device's non-volatile storage. Data protection/encryption will be done for you by the API implementation.
- Establish a connection with a remote server (e.g. XHR) using a protected channel. SSL/TLS establishment and usage will be done for you by the API implementation.
For more information please visit the API documentation.
Repo: https://github.com/AppSecurityApi/com-intel-security-cordova-plugin
Installation
- Install the Cordova and Ionic Native plugins:
$ ionic cordova plugin add com-intel-security-cordova-plugin
$ npm install --save @ionic-native/intel-security@4
- Add this plugin to your app's module
Supported platforms
- Android
- iOS
- Windows
- Windows Phone 8
Usage
import { IntelSecurity } from '@ionic-native/intel-security';
...
constructor(private intelSecurity: IntelSecurity) { }
...
let storageID = 'id';

// Create a secure data instance from plain text and write it to secure storage
this.intelSecurity.data.createFromData({ data: 'Sample Data' })
  .then((instanceID: number) => this.intelSecurity.storage.write({ id: storageID, instanceID: instanceID }))
  .catch((error: any) => console.log(error));

// Read the stored resource into a new secure data instance and get its plain text
this.intelSecurity.storage.read({ id: storageID })
  .then((instanceID: number) => this.intelSecurity.data.getData(instanceID))
  .then((data: string) => console.log(data)) // Resolves to 'Sample Data'
  .catch((error: any) => console.log(error));

// Delete the secure storage resource
this.intelSecurity.storage.delete({ id: storageID })
  .then(() => console.log('Deleted Successfully'))
  .catch((error: any) => console.log(error));
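The usage sample above starts its write, read and delete as independent promise chains and never calls destroy(). The following added example (not from the plugin's documentation) awaits each step in order and releases every secure data instance with destroy(), even when a step rejects. The SecureApi interface, the saveSecret/loadSecret helpers and the fakeApi in-memory stand-in are hypothetical names constructed here so the flow runs off-device.

```typescript
// Hypothetical narrowing: only method names documented on this page.
interface SecureApi {
  data: {
    createFromData(o: { data: string }): Promise<number>;
    getData(instanceID: number): Promise<string>;
    destroy(instanceID: number): Promise<any>;
  };
  storage: {
    write(o: { id: string; instanceID: number }): Promise<any>;
    read(o: { id: string }): Promise<number>;
    delete(o: { id: string }): Promise<any>;
  };
}
// Seal and persist a value; the data instance is released even if write() rejects.
async function saveSecret(api: SecureApi, id: string, value: string): Promise<void> {
  const inst = await api.data.createFromData({ data: value });
  try { await api.storage.write({ id, instanceID: inst }); }
  finally { await api.data.destroy(inst); }
}
// Read a value back; the instance is released once the plain text is extracted.
async function loadSecret(api: SecureApi, id: string): Promise<string> {
  const inst = await api.storage.read({ id });
  try { return await api.data.getData(inst); }
  finally { await api.data.destroy(inst); }
}
// Constructed in-memory stand-in (no sealing or encryption) so the flow runs off-device.
function fakeApi(): SecureApi & { live: Map<number, string> } {
  const live = new Map<number, string>(); // currently open data instances
  const disk = new Map<string, string>(); // stand-in for secure storage
  let next = 1;
  const open = (v: string): number => { live.set(next, v); return next++; };
  const need = (v?: string): string => { if (v === undefined) throw new Error('not found'); return v; };
  return {
    live,
    data: {
      createFromData: async (o) => open(o.data),
      getData: async (i) => need(live.get(i)),
      destroy: async (i) => { live.delete(i); },
    },
    storage: {
      write: async (o) => { disk.set(o.id, need(live.get(o.instanceID))); },
      read: async (o) => open(need(disk.get(o.id))),
      delete: async (o) => { disk.delete(o.id); },
    },
  };
}
```

In an Ionic app the injected provider would take the place of fakeApi(), subject to the plugin's own type declarations.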
Instance Members
storage
Returns an IntelSecurityStorage object
data
Returns an IntelSecurityData object
IntelSecurityData
Instance Members
createFromData(options)
This creates a new instance of secure data using plain-text data.
Param | Type | Details |
---|---|---|
options | IntelSecurityDataOptions | |
Returns: Promise<any>
Returns a Promise that resolves with the instanceID of the created data instance, or rejects with an error.
createFromSealedData(options, options.sealedData)
This creates a new instance of secure data (using sealed data)
Param | Type | Details |
---|---|---|
options | Object | |
options.sealedData | string | Sealed data in string format. |
Returns: Promise<any>
Returns a Promise that resolves with the instanceID of the created data instance, or rejects with an error.
getData(instanceID)
This returns the plain-text data of the secure data instance.
Param | Type | Details |
---|---|---|
instanceID | Number | Secure data instance ID. |
Returns: Promise<string>
Returns a Promise that resolves to the data as plain-text, or rejects with an error.
getSealedData(instanceID)
This returns the sealed chunk of a secure data instance.
Param | Type | Details |
---|---|---|
instanceID | any | Secure data instance ID. |
Returns: Promise<any>
Returns a Promise that resolves to the sealed data, or rejects with an error.
getTag(instanceID)
This returns the tag of the secure data instance.
Param | Type | Details |
---|---|---|
instanceID | any | Secure data instance ID. |
Returns: Promise<string>
Returns a Promise that resolves to the tag, or rejects with an error.
getPolicy(instanceID)
This returns the data policy of the secure data instance.
Param | Type | Details |
---|---|---|
instanceID | any | Secure data instance ID. |
Returns: Promise<any>
Returns a promise that resolves to the policy object, or rejects with an error.
getOwners(instanceID)
This returns an array of the data owners' unique IDs.
Param | Type | Details |
---|---|---|
instanceID | any | Secure data instance ID. |
Returns: Promise<Array>
Returns a promise that resolves to an array of owners’ unique IDs, or rejects with an error.
getCreator(instanceID)
This returns the data creator's unique ID.
Param | Type | Details |
---|---|---|
instanceID | any | Secure data instance ID. |
Returns: Promise<Number>
Returns a promise that resolves to the creator’s unique ID, or rejects with an error.
getWebOwners(instanceID)
This returns an array of the trusted web domains of the secure data instance.
Param | Type | Details |
---|---|---|
instanceID | any | Secure data instance ID. |
Returns: Promise<Array>
Returns a promise that resolves to a list of web owners, or rejects with an error.
changeExtraKey(options, options.instanceID, options.extraKey)
This changes the extra key of a secure data instance. To successfully replace the extra key, the calling application must have sufficient access to the plain-text data.
Param | Type | Details |
---|---|---|
options | Object | |
options.instanceID | any | Secure data instance ID. |
options.extraKey | Number | Extra sealing secret for secure data instance. |
Returns: Promise<any>
Returns a promise that resolves with no parameters, or rejects with an error.
destroy(instanceID)
This releases a secure data instance.
Param | Type | Details |
---|---|---|
instanceID | any | Secure data instance ID. |
Returns: Promise<any>
Returns a promise that resolves with no parameters, or rejects with an error.
IntelSecurityStorage
Instance Members
delete(options, options.id, options.storageType)
This deletes a secure storage resource (indicated by id).
Param | Type | Details |
---|---|---|
options | Object | |
options.id | String | Storage resource identifier. |
options.storageType | Number | Storage type. |
Returns: Promise<any>
Returns a Promise that resolves with no parameters, or rejects with an error.
read(options, options.id, options.storageType, options.extraKey)
This reads the data from secure storage (indicated by id) and creates a new secure data instance.
Param | Type | Details |
---|---|---|
options | Object | |
options.id | String | Storage resource identifier. |
options.storageType | Number | Storage type. |
options.extraKey | Number | Valid secure data instance ID. |
Returns: Promise<Number>
Returns a Promise that resolves with the instance ID of the created secure data instance, or rejects with an error.
write(options, options.id, options.instanceID, options.storageType)
This writes the data contained in a secure data instance into secure storage.
Param | Type | Details |
---|---|---|
options | Object | |
options.id | String | Storage resource identifier. |
options.instanceID | Number | Valid secure data instance ID. |
options.storageType | Number | Storage type. |
Returns: Promise<any>
Returns a Promise that resolves with no parameters, or rejects with an error.
IntelSecurityDataOptions
Param | Type | Details |
---|---|---|
data | String | |
tag | String | Tag text. (optional) |
extraKey | Number | Valid secure data instance ID. (optional) |
appAccessControl | Number | Application access control policy. (optional) |
deviceLocality | Number | Device locality policy. (optional) |
sensitivityLevel | Number | Sensitivity level policy. (optional) |
noStore | Boolean | Disallow sealed blob access. (optional) |
noRead | Boolean | Disallow plain-text data access. (optional) |
creator | Number | Creator unique ID. (optional) |
owners | Number[] | Array of owners' unique IDs. (optional) |
webOwners | String[] | List of trusted web domains. (optional) |