https://github.com/animo/expo-secure-environment
Expo Module for cryptographic operations using the devices Secure Environment behind biometric authentication.
https://github.com/animo/expo-secure-environment
android biometry cryptography expo ios react-native secure-environments typescript
Last synced: 4 months ago
JSON representation
Expo Module for cryptographic operations using the devices Secure Environment behind biometric authentication.
- Host: GitHub
- URL: https://github.com/animo/expo-secure-environment
- Owner: animo
- License: apache-2.0
- Created: 2024-07-25T10:45:30.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2025-11-11T09:19:36.000Z (7 months ago)
- Last Synced: 2025-11-11T11:19:56.555Z (7 months ago)
- Topics: android, biometry, cryptography, expo, ios, react-native, secure-environments, typescript
- Language: TypeScript
- Homepage:
- Size: 1.71 MB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-self-sovereign-identity - Expo Secure Environment - Expo Module for cryptographic operations using the devices Secure Environment behind biometric authentication. (🛠Tools & Technologies)
README
![Animo Logo]()
Expo - Secure Environment
Powered by Â
![Animo Logo]()
Getting Started
 |Â
Usage
 |Â
Contributing
 |Â
License
---
An [Expo Module](https://docs.expo.dev/modules/overview/) with support for cryptographic operations using the device's Secure Environment (HSM, SE, etc.) locked behing biometric authentication.
Currently supports Android API 30+ and the minimum supported version of iOS for Expo.
## Getting Started
First, install the module using your package manager.
```sh
npm install @animo-id/expo-secure-environment
```
Then prebuild the application so the Expo Module wrapper can be added as native dependency:
```sh
npx expo prebuild
```
You now have the Secure Environment module installed and configured.
## Usage
You can now import `@animo-id/expo-secure-environment` in your application.
### Supported cryptographic algorithms
**Key algorithm**: Secp256r1
**Signature algorithm**: ECDSA with SHA256
### Create a key pair
```typescript
import { generateKeypair } from "@animo-id/expo-secure-environment";
const myId = "keypair-id";
// Make sure it is backed by biometrics
generateKeypair(myId, true);
```
### Get the public bytes by the id
Returns the compressed form of a P-256 public key (and not the DER-encoded SubjectPublicKeyInfo):
```typescript
import {
generateKeypair,
getPublicBytesForKeyId,
} from "@animo-id/expo-secure-environment";
const myId = "keypair-id";
// Make sure it is backed by biometrics
generateKeypair(myId, true);
const publicBytes: Uint8Array = getPublicBytesForKeyId(myId);
```
### Sign data
Returns the raw signature (and not a DER-Encoded ECDA-Sig-Value):
```typescript
import {
generateKeypair,
sign
} from "@animo-id/expo-secure-environment";
const myId = "keypair-id";
// Make sure it is backed by biometrics
generateKeypair(myId, true);
// Make sure that when we sign we pass the third argument as true to indicate we would like to use biometrics
const signature = sign(myId, new Uint8Array(10).fill(7), true);
```
## Contributing
Is there something you'd like to fix or add? Great, we love community contributions! To get involved, please follow our [contribution guidelines](https://github.com/animo/.github/blob/main/CONTRIBUTING.md).
## License
This repository is licensed under the [Apache 2.0](./LICENSE) license.