I made an iOS & Android app in Flutter...

We need to do some client-side encryption to pass data securely for a face-id SDK integration we're using.

We have both public and private keys.

Currently I'm doing the encryption like this:

   final publicPem =
       await rootBundle.loadString('keys/public-key.pub');
   final publicKey = e_package.RSAKeyParser().parse(publicPem) as RSAPublicKey;

   final privPem =
       await rootBundle.loadString('keys/private-key.pem');
   final privKey =
       e_package.RSAKeyParser().parse(privPem) as RSAPrivateKey;

   final encrypter = e_package.Encrypter(
       e_package.RSA(publicKey: publicKey, privateKey: privKey));

   final encrypted = encrypter.encrypt(plainText);
   final decrypted = encrypter.decrypt(encrypted);

   print('DECRYPTED IS: ' +
   print('ENCRYPTED IS: ' + encrypted.base64);

The keys directory is added to the pubspec.yaml like so:

      - assets/
      - keys/

This is working... but is it safe to store my private key in the file keys/private-key.pem client side?

Is there a more secure way to store private keys? Or is this fine?

Thank you guys all in advance!