Encrypt local data for enhanced security

By default, IAPMiniProgram SDK stores data from local-storage JSAPIs (my.getStorage, my.getStorageSync, my.setStorage, and my.setStorageSync) in plaintext. To enhance local data security, the super app can customize the encryption and decryption process using the GRVSecureLocalStorageEncryptorProtocol protocol. This topic guides you through the steps and provides sample code for local data encryption and decryption.

Procedures

Take the following two steps to customize the encryption and decryption process of local data:

Step 1: Implement GRVSecureLocalStorageEncryptorProtocol

Create an implementation of the GRVSecureLocalStorageEncryptorProtocol protocol. Within this implementation, customize the encryption and decryption logic with your desired algorithm using the encrypt: and decrypt:identifier: methods respectively. Refer to the following sample code for implementation:

@implementation _Your_Impl_GRVSecureLocalStorageEncryptorProtocol

- (NSString *)identifier {
    // Return an identifier that represents the encryptor
}

- (nonnull NSString *)encrypt:(nonnull NSString *)data { 
    // Implement the logic to encrypt data
}

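- (NSString * _Nullable)decrypt:(nonnull NSString *)data identifier:(nonnull NSString *)identifier {
    // Return nil if identifier does not match the identifier property
    // Implement the logic to decrypt data; return nil if the decryption fails
}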

@end

For more information about this protocol, refer to GRVSecureLocalStorageEncryptorProtocol. When writing the data encryption and decryption logic, you can also use the public instance methods provided by IAPSecurityGuardLite to implement the AES256 algorithm. Refer to the following sample code for the implementation:

import IAPSecurityGuardLite

class _Your_Impl_GRVSecureLocalStorageEncryptorProtocol: NSObject, GRVSecureLocalStorageEncryptorProtocol {

    // Identifier that represents this encryptor
    var identifier: String = "_Your_Encryptor_Identifier_"

    func encrypt(_ data: String) -> String {
        guard let result = try? IAPSecurityGuardLiteService().encrypt(data) else {
            // Handle errors here.
            // Note: returning `data` hands the unencrypted value back to the caller.
            return data
        }

        return result
    }

    func decrypt(_ data: String, identifier: String) -> String? {
        // Only decrypt data that was written by this encryptor
        guard identifier == self.identifier else {
            return nil
        }

        guard let result = try? IAPSecurityGuardLiteService().decrypt(data) else {
            // Handle errors here
            return nil
        }

        return result
    }

}

Step 2: Configure encryptorForLocalStorage

After the SDK initialization logic, configure the encryptorForLocalStorage property and register the implemented GRVSecureLocalStorageEncryptorProtocol protocol to the SDK with the following sample code:

GRVAppContainerLaunch.sharedInstance.extensionDelegate.encryptorForLocalStorage = _Your_Impl_GRVSecureLocalStorageEncryptorProtocol
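
The following is an added example, not code from the SDK or its documentation: an encryptor with the same method shapes as the Swift sample in Step 1, built on Apple's CryptoKit (AES-256-GCM) and a Keychain-held key instead of IAPSecurityGuardLite. The class name, identifier value, and Keychain account are constructed for illustration, and returning an empty string when encryption fails is an assumed policy chosen so that plaintext is never handed back for storage.

```swift
import Foundation
import CryptoKit
import Security

// Added example, not SDK code; declare the protocol conformance inside the app.
final class AESGCMLocalStorageEncryptor: NSObject {
    // Constructed identifier; change the suffix when the key or algorithm changes.
    let identifier = "example.aesgcm.v1"
    private let account = "example.localstorage.key" // hypothetical Keychain account

    // Load the 256-bit key from the Keychain, creating it on first use.
    private func loadKey() -> SymmetricKey? {
        let base: [String: Any] = [kSecClass as String: kSecClassGenericPassword,
                                   kSecAttrAccount as String: account]
        var query = base
        query[kSecReturnData as String] = true
        var item: CFTypeRef?
        if SecItemCopyMatching(query as CFDictionary, &item) == errSecSuccess,
           let data = item as? Data {
            return SymmetricKey(data: data)
        }
        let key = SymmetricKey(size: .bits256)
        var add = base
        add[kSecValueData as String] = key.withUnsafeBytes { Data(Array($0)) }
        add[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
        return SecItemAdd(add as CFDictionary, nil) == errSecSuccess ? key : nil
    }

    func encrypt(_ data: String) -> String {
        guard let key = loadKey(),
              let box = try? AES.GCM.seal(Data(data.utf8), using: key),
              let combined = box.combined else {
            return "" // assumed policy: fail closed, never hand back plaintext
        }
        return combined.base64EncodedString() // nonce || ciphertext || tag
    }

    func decrypt(_ data: String, identifier: String) -> String? {
        // Mismatched identifier, bad base64, or a failed GCM tag check all yield nil.
        guard identifier == self.identifier,
              let key = loadKey(),
              let raw = Data(base64Encoded: data),
              let box = try? AES.GCM.SealedBox(combined: raw),
              let plain = try? AES.GCM.open(box, using: key) else {
            return nil
        }
        return String(data: plain, encoding: .utf8)
    }
}
```

Because GCM authenticates the ciphertext, a stored value that was modified on disk fails the tag check and decrypts to nil rather than to altered data.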

Protocols

GRVSecureLocalStorageEncryptorProtocol

The GRVSecureLocalStorageEncryptorProtocol protocol is used to customize the encryption and decryption process of local data. The following code shows the definition of this protocol:

@protocol GRVSecureLocalStorageEncryptorProtocol <NSObject>

@required

@property (nonatomic, copy, readonly) NSString *identifier;

- (NSString *)encrypt:(NSString *)data;

- (NSString * _Nullable)decrypt:(NSString *)data identifier: (NSString *)identifier;

@end

As shown by the protocol definition, the GRVSecureLocalStorageEncryptorProtocol protocol provides the following property and methods:

  • Refer to the following table for the property information:

| Field | Data type | Description | Required |
|---|---|---|---|
| identifier | NSString * | An identifier that the super app specifies to represent the encryptor. This identifier is passed by the SDK to the decrypt:identifier: method to indicate that the data is encrypted and determine whether to execute the decryption logic. | M |

  • Refer to the following table for the method information:

| Method | Description | Required |
|---|---|---|
| encrypt: | The method that the super app uses to encrypt the given data with a specific algorithm. Set the returned value to the encrypted data if the encryption succeeds, or to nil if the encryption fails. For more information, refer to encrypt:. | M |
| decrypt:identifier: | The method that the super app uses to decrypt the given data with the same algorithm used for encryption. Set the returned value to the decrypted data if the decryption succeeds, or to nil if the decryption fails. For more information, refer to decrypt:identifier:. | M |

encrypt:

The encrypt: method has the following input parameter:

| Field | Data type | Description | Required |
|---|---|---|---|
| data | NSString * | Data to be encrypted. | M |

decrypt:identifier:

The decrypt:identifier: method has the following input parameters:

| Field | Data type | Description | Required |
|---|---|---|---|
| data | NSString * | Data to be decrypted. | M |
| identifier | NSString * | The identifier that the super app specifies to represent the encryptor. This identifier must match the value of the identifier property to execute the decryption logic. If the values mismatch, return nil via the decrypt:identifier: method. | M |