
Where to store AES Key and Data using KeyStore?


I've got a question. I've been using KeyStore to store sensitive data in my React Native application.

Where do I need to store my AES key? And where must I store the encrypted data (for example a token)? What is the normal use case? Can I simply store it on the internal storage?

Thanks for any help.


Solution

  • You should store the AES key in the keystore. On some devices this might go to secure hardware if it is supported, resulting in a more secure option. However, keystore-backed AES is supported starting with API 23. If you're targeting a lower API, then I would suggest that you generate an RSA key that will be used for AES key wrapping. The AES key is then stored encrypted in shared preferences and the RSA key in the keystore. As for data, you can store the data in shared preferences or a database. It doesn't really matter.

    However, note that as long as the key is not stored in secure hardware, there isn't much stopping the attacker from retrieving the key with enough effort and skills.