feat: add ECCrypto native module with hardware-back key storage / secure enclave .

[hanwencheng]

This is the first PR for #222 According to Parity-Signer Secure Key Storage Proposal

To avoid the PR become too large, and also to be available to switch to another high priority issues, I would rather split this PR into multiple parts.

As development goes by, the react-native-ecc is not 100% fits to our use case, I have implement an ECCrypto module which both works in iOS (with Secure Enclave) and Android (with Hard-ware backed Keystore).

So in this PR the following parts are finished:

• iOS Encryption and decryption function.
• Android Encryption and decryption function.
• Integrate with iOS touchID.
• Integrate with Android Fingerprint.
• Add Integration Test for the encryption and decryption bridge

Rest parts are:

• Refactor Account to store the encrypted account data with secure storage
• Save the hashed pin in to system normal storage.

I am using Google Tink library on Android for simplify the code and workflow but currently the BiometricPrompt is not integrated yet, there is an issue discussing it.

Usage

import { ECCrypto } from 'NativeModules';

const encryptAndThenDecrypt = async () => {
  try {
    //Encrypt
    const cipherText = await ECCrypto.encrypt({
      data: 'I am a seed data',
      label: '0x5Cc5dc62be3c95C771C142C2e30358B398265deF' //any identical string, e.g. public address 
    });
    //Decrypt
    const clearText = await ECCrypto.decrypt({
      data: cipherText,
      label: '0x5Cc5dc62be3c95C771C142C2e30358B398265deF' //the same identical string
    });
    console.log('decrypt result is ', clearText);
  } catch(e) {
    console.log(e);
  }
};

------ORIGINAL DESCRIPTION BELOW------

React-native-ecc has implement secure enclave with ecc sign and verify function. We could use to replace react-native-secure-storage, I am currently creating an PR to add the encryption and decryption function to fulfill our goal.

On the Android system we will also need to store the encrypted data into Keystore so I will also implement the encryption and decryption function on Android based on React-native-ecc as well.

[Tbaut]

Thanks for the PR. I'm not entirely sure how to review this PR, or why it has the "grumble" label.

So the main roadmap would be:

• iOS Encryption and decryption function.
• Android Encryption and decryption function.
• Integrate with iOS touchID.
• Integrate with Android Fingerprint.
• Add Unit Test for the encryption and decryption function
• Refactor Account to store the encrypted account data with secure storage
• Save the hashed pin in to system normal storage.

This should rather live in an issue IMO. It can surely be split into several PRs, I see mainly 2, with the first 5 elements (up to the unit tests) and the last 2 elements with the integration. What do you think?

[hanwencheng]

The "grumble" label is because according to the previous talk with @sjeohp, and his PR on #416 , we have bunch of stuff to be merged.

For better review, I will create a test for the PR.

And I agree with you to move the tasks in to the issue.

[sjeohp-zz]

@hanwencheng I think we can merge with master separately and it won't be a problem. There is really no overlap at the moment.

[hanwencheng]

Test part is finished, will refresh this PR after the CI integration merged, then we will have a clear view of it.

[hanwencheng]

Integration test is added as here

[sjeohp-zz]

I'm not sure it makes sense to use a UI testing framework to test non-UI features. Surely encryption methods and such can be tested more easily without it...

[pmespresso]

@sjeohp I think as far as testing the encryption methods, the best we can do is just unit test the encrypt/decrypt methods in their respective OS.

The integration tests @hanwencheng added are indeed for UI testing but they give us a way to emulate that OS and hit it from the JS code so that we also have an idea of whether the bridging is working as expected.

Other than that I'm ok to merge this as is (after adding some unit tests) and we can actually do the wiring up in a separate PR.

[sjeohp-zz]

Happy to merge once the conflict is resolved