🏠 Overview 🧩 Components 🧩 Encryption Service

Encryption Service

Component Detail

Service Layer high complexity mobile
1
Dependencies
1
Dependents
2
Entities
0
Integrations

Description

Handles all client-side cryptographic operations for assignment dispatch using asymmetric encryption (ECDH key pairs). The service generates or retrieves the peer mentor's public key from the backend, encrypts sensitive fields (name, address, epikrise) before transmission, and decrypts received assignments using the device's private key stored in the secure enclave. The backend never sees plaintext sensitive data.

Feature: Encrypted Assignment Dispatch

encryption-service

Responsibilities

  • Generate and manage asymmetric key pairs (ECDH) per user, storing private keys in device secure enclave (Keychain/Keystore)
  • Encrypt assignment payload client-side before dispatch using recipient's public key
  • Decrypt received assignment payloads using local private key from secure enclave
  • Retrieve and cache peer mentor public keys from the backend key registry
  • Validate encryption integrity and handle key rotation scenarios

Interfaces

generateKeyPair()
getPublicKey(userId)
encryptPayload(plaintext, recipientPublicKey)
decryptPayload(ciphertext)
storePrivateKey(key)
retrievePrivateKey()
rotateKeys()
verifyEncryptionIntegrity(ciphertext)
exportPublicKeyToBackend()
deleteLocalKeys()

Relationships

Dependencies (1)

Components this component depends on

infrastructure Secure Delivery Adapter

Dependents (1)

Components that depend on this component

ui Assignment Detail Screen

Related Data Entities (2)

Data entities managed by this component

Assignment 21 fields core Assignments 27 fields core