Secure contents in Documents directory

2020-02-09 05:19发布

问题:

Can anyone help me to make the contents of my Documents directory secure?

回答1:

Use:

- (BOOL)writeToFile:(NSString *)path options:(NSDataWritingOptions)mask error:(NSError **)errorPtr

with one of the file protection options:

NSDataWritingFileProtectionComplete (iOS 4.0)
NSDataWritingFileProtectionCompleteUnlessOpen (iOS 5.0)
NSDataWritingFileProtectionCompleteUntilFirstUserAuthentication (iOS 5.0)

See: Apple Documentation

NSDataWritingFileProtectionComplete

In this case, the file is stored in an encrypted format and may be read from or written to only while the device is unlocked. At all other times, attempts to read and write the file result in failure.

Note: Doing your own encryption raises the problem of key storage and the best answer there is to use the Keychain. Key handling is the biggest problem and the NSData methods handle that.



回答2:

We cannot secure the file in documents directory. We can store the file in temp folder of the device. This cannot be accessed by anyone



回答3:

use encryption and decryption for making and reading those files on iphone take an idea from here http://iphonedevelopment.blogspot.com/2009/02/strong-encryption-for-cocoa-cocoa-touch.html



回答4:

Alan Quatermain provides a toolkit that has some helpful wrappers around the cryptography libraries to make encryption/decryption really straightforward.

Here's the link:

AlanQuatermain / aqtoolkit

Whatever you do, just make sure that you don't store the document on the device unencrypted, even for a short time. Always store it encrypted. Perform any encryption operation in memory.

Be sure that for any file operations you do not cache. So for example, any downloading, etc. you want to make sure that no data is written temporarily to disk.

Finally, for your encrypted documents, do not store the key on the device in any format. Do not store it on the keychain either.



回答5:

Try to encrypt content. take a look Strong Encryption for Cocoa / Cocoa Touch