Encrypt/Decrypt Tags

[joepegler]

Are there any plans to add functionality to encrypt/decrypt tags as they are written/read? I have a version that does this here:

https://github.com/joepegler/phonegap-nfc-aes

I'm quite new to this sort of thing, but I'm writing a thesis on your excellent library and figured I'd look into including a couple of useful methods to keep payloads a secret. My version hasn't been optimized or anything like that, but if you do think it might be useful then let me know if you think it's a worthwhile avenue to explore and I'll try and make it a bit neater. I've effectively merged a JavaScript AES Encryption library into your 'phonegap-nfc.js' file, and used it to read and write tags with AES Encryption.

The two methods I've added are

nfc.addAesNdefListener(callback, [onSuccess], [onFailure], [myKey]);

and

nfc.aesWrite(message, [onSuccess], [onFailure], [myKey]);

where 'myKey' is a 16|24|32 length hexadecimal string of the users choice.

[don]

@joepegler This is interesting. Since you're encrypting and decrypting the payload, I'd rather see this as a separate javascript library on top of phonegap-nfc rather than integrating it into the phonegap-nfc plugin.

I think you can make library with generic AES encryption and decryption e.g. https://github.com/joepegler/phonegap-nfc-aes/blob/master/www/phonegap-nfc.js#L1-L226

Then create some helper functions to encrypt and decrypt payloads and give your application a nicer API.

aes.encryptPayload(ndefRecord)
aes.decryptPayload(ndefRecord)

Or perhaps

aes.ndefRecord(tnf, type, payload)

What are you doing for TNF and Type when encrypting data? Encrypting a TNF Well Known, RTD Text record is probably a bad idea since it will break compatibility with other apps. You could consider creating mime type messages 'binary/aes' (or something) to designate encrypted messages. Then you could easily filter for them with a mime type listener. Or create an external type like "joepegler.com:aes". Then you could create a helper function that handled the TNF and type for you.

aes.ndefRecord(payloadAsText)

Adding nfc.aesWrite could work since you have control when writing the data, but it's probably better to handle at the record level since the TNF and Type should reflect the encrypted payload.

nfc.addAesNdefListener makes less sense to me, since there's no way to restrict the NFC reads to only those containing AES encrypted messages. I think separating the processing of the payload from reading and writing makes more sense.

[JohnMcLear]

+1 separate plugin. Crypto could end up being the majority of this plugin if not.

----- Reply message ----- From: "Don Coleman" notifications@github.com To: "chariotsolutions/phonegap-nfc" phonegap-nfc@noreply.github.com Subject: [phonegap-nfc] Encrypt/Decrypt Tags (#137) Date: Wed, Aug 13, 2014 17:53

@joepeglerhttps://github.com/joepegler This is interesting. Since you're encrypting and decrypting the payload, I'd rather see this as a separate javascript library on top of phonegap-nfc rather than integrating it into the phonegap-nfc plugin.

I think you can make library with generic AES encryption and decryption e.g. https://github.com/joepegler/phonegap-nfc-aes/blob/master/www/phonegap-nfc.js#L1-L226

Then create some helper functions to encrypt and decrypt payloads and give your application a nicer API.

aes.encryptPayload(ndefRecord) aes.decryptPayload(ndefRecord)

Or perhaps

aes.ndefRecord(tnf, type, payload)

What are you doing for TNF and Type when encrypting data? Encrypting a TNF Well Known, RTD Text record is probably a bad idea since it will break compatibility with other apps. You could consider creating mime type messages 'binary/aes' (or something) to designate encrypted messages. Then you could easily filter for them with a mime type listener. Or create an external type like "joepegler.com:aes". Then you could create a helper function that handled the TNF and type for you.

aes.ndefRecord(payloadAsText)

Adding nfc.aesWrite could work since you have control when writing the data, but it's probably better to handle at the record level since the TNF and Type should reflect the encrypted payload.

nfc.addAesNdefListener makes less sense to me, since there's no way to restrict the NFC reads to only those containing AES encrypted messages. I think separating the processing of the payload from reading and writing makes more sense.

— Reply to this email directly or view it on GitHubhttps://github.com/chariotsolutions/phonegap-nfc/issues/137#issuecomment-52076529.

[don]

If you make AES encryption available as a library and have an example project for encrypting tag contents, send link and I will add to the documentation.

[joepegler]

Thankyou for the feedback. I'll work on it and get back to you.

Joe Pegler.

[yannicknya]

@joepegler , are you still working on your project aes encryption? I'm interested