Data Protection API in iPhone Not Encrypting

StackOverflow https://stackoverflow.com/questions/14453155

Frage

I need to secure my data in Documents Directory so I have used Apple Data Protection API. Apple Asset

  1. I Enabled Data Protection in Settings App. Settings->General->Passcode Lock On

  2. I Write the file Using the NSDataProtectionKey

    [data writeToFile:imagePath options:NSDataWritingFileProtectionComplete error:nil];

  3. File is written successfully

  4. I get the file attributes

     [[NSFileManager defaultManager] attributesOfItemAtPath:fullPath
                                                     error:NULL];

  5. It returns this the attributes like this as you can see the NSFileProtectionKey is NSFileProtectionComplete

    NSFileCreationDate = "2013-01-22 06:10:48 +0000";
NSFileExtensionHidden = 0;
NSFileGroupOwnerAccountID = 501;
NSFileGroupOwnerAccountName = mobile;
NSFileModificationDate = "2013-01-22 06:10:48 +0000";
NSFileOwnerAccountID = 501;
NSFileOwnerAccountName = mobile;
NSFilePosixPermissions = 420;
NSFileProtectionKey = NSFileProtectionComplete;
NSFileReferenceCount = 1;
NSFileSize = 8964;
NSFileSystemFileNumber = 335997;
NSFileSystemNumber = 16777218;
NSFileType = NSFileTypeRegular;

I am sure that I have written the file successfully and I read that file successfully. But when I open this device in iExplorer(A external iOS device reader app for mac) it shows me the file written without encrypted.

Without encrypted means I write a image file. But I am able to view that image(in documents Directory) in iExplorer. But my purpose is to encrypt that. Because I dont want users to see those files. I am aware other encryption AES Algorithms. But want to know why Data Protection API didn't work.

Note: I Use iPad2 iOS 6.0.1 and Logs recorded in device

War es hilfreich?

Lösung

But want to know why Data Protection API didn't work.

It did work, you just expected more than what it does.

The encryption iOS applies to the files is transparent to anything in the userland. The encryption is done at hardware level, so that nobody who steals the Flash memory of the device can access the data. However, if the screen is unlocked and the device is turned on, the OS handles these files just like every other file, and they don't appear to be "encrypted" from within the filesystem.

If you want to do this, you have to encode the file using some asymmetric encryption method, such as AES (OpenSSL or GnuTLS would do the job well).

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top