mogol / flutter_secure_storage

A Flutter plugin to store data in secure storage
https://pub.dartlang.org/packages/flutter_secure_storage
BSD 3-Clause "New" or "Revised" License

Add support for Windows #153

Closed ghost closed 3 years ago

ghost commented 4 years ago

For macOS you can use Keychain https://developer.apple.com/documentation/security/keychain_services

For Windows you can use CryptProtectData https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata

hacker1024 commented 4 years ago

Duplicate (partly) of #106

ghost commented 4 years ago

If flutter secure storage gets support for macOS, Windows and Linux, the same source code can be used to build native apps for all respective platforms. Right now developers have to change secure storage to other alternative libraries in their service or API layer, which often breaks the application.

rekire commented 4 years ago

The Windows API Sample looks simple, great finding by the way. I'll check if I am able to create a pull request for it.

rekire commented 4 years ago

Today I managed to get a first interaction from the Dart code with the C++ code.

rekire commented 4 years ago

I don't think that that API is a good idea anymore. When I call the method I get this strange Windows message. That is scary as hell lol. [screenshot]

rekire commented 4 years ago

Here is my WIP code if you want to try it yourself: https://github.com/rekire/flutter_secure_storage_windows Please notice the warnings.

JohnGalt1717 commented 3 years ago

https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata?redirectedfrom=MSDN

Combined with https://docs.microsoft.com/en-us/dotnet/standard/io/isolated-storage

Should get the Windows side done. Depending on how secure you want it, you could get away with the latter and not the former.

rekire commented 3 years ago

Today I found Windows Hello, which is not absolutely related, but might be a nice extension. You can use the API to get a secret (just an encryption key, I guess) via biometrics or PIN (see the documentation, but to be honest I'm not sure if that is the best part of the documentation, since this seems to be related to cloud projects).

I got the impression that this API requires .NET; I'm not sure if that is true. However, I found this project, which uses that API for a password manager and might be helpful: https://github.com/Angelelz/WinHelloUnlock

Might be related or interesting: https://github.com/authpass/biometric_storage (I did not check it yet)

rekire commented 3 years ago

@JohnGalt1717 I am not really sure, but did you check my experimental code? I guess that this requires the ugly dialog from my screenshot above. I think that is not a transparent API as the user of this plugin would expect. Even my Windows Hello API idea does not match the "transparent" usage requirement.

JohnGalt1717 commented 3 years ago

@rekire Looks like this is the only way then:

https://docs.microsoft.com/en-us/uwp/api/windows.security.cryptography.dataprotection.dataprotectionprovider?view=winrt-19041

Which is available through Project Reunion outside of UWP.

rekire commented 3 years ago

Can you link that Project Reunion? I know the .NET Framework from the past (I guess 3.x times) and I remember that it is easy to call Win32 from .NET, but I don't know the other way around.

JohnGalt1717 commented 3 years ago

https://docs.microsoft.com/en-us/windows/apps/project-reunion/get-started-with-project-reunion

Note the section on C++ code.

JohnGalt1717 commented 3 years ago

Alternatively, you can create an in-memory file system on Windows that is actually backed by the real file system, and use that to write encrypted data that will automatically stream encrypted onto the real file system and vice versa. Obviously it would be better if Windows did it itself.

juliansteenbakker commented 3 years ago

macOS will be tracked in #106