Reputation: 147
I'm working on an app which will download JSONs from a server, store them in the /Library/Application Support/ folder and use them afterwards.
But after running the app on my iPad, I can see all the files, including the JSONs, in the Application Support folder (the Documents folder is also visible, though) using a Mac OS X app named iExplorer.
Is there any way to prevent unauthorized people from accessing the Application Support folder? (Because now anybody who has the app running on their device can access sensitive information, including the JSONs.) Can anybody help me?
Sorry if this question is stupid, as I'm a newbie to iOS app development! Any help regarding this would be greatly appreciated.
P.S. I tried the Data Protection API and it only works when your device is locked via passcode. You can still access the data if you unlock your device with the passcode.
Upvotes: 0
Views: 443
Reputation: 299455
I assume that by "unauthorized user" you mean "the owner of the device." The owner of the device cannot be considered an unauthorized user for data you send to or store on their device. Zaph's answer provides some obfuscation, but does not protect the information from the device owner. Just like data protection, this type of encryption can be reversed by anyone who can read the keychain. These techniques are to protect the user from attackers, not you from your user.
There is no effective technique to protect you from your own user. There are various obfuscation techniques (such as encryption with a key stored on the device), but they're all circumventable. There are many posts discussing this in depth. A good starting point with links to more is Secure https encryption for iPhone app to webpage and http://robnapier.net/obfuscating-cocoa.
For most problems, a little obfuscation is probably fine. It won't stop dedicated attackers, but nothing you're likely to do will either, so something simple is fine. Just don't believe it's going to protect you from your own users. That's a much, much harder problem (see the links for more on that).
Upvotes: 1
Reputation: 112855
Encrypt the data so it is unusable by an attacker.
Prepare:
Encrypt:
Decrypt:
Use Common Crypto for the cryptographic functions.
Something to get started with, a 256-bit random key for AES:
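```swift
import Foundation
import Security
import CommonCrypto

// Returns 32 random bytes from the system CSPRNG for use as an AES-256 key.
func generate256BitKey() -> [UInt8] {
    let keyLength = Int(kCCKeySizeAES256)
    var key = [UInt8](repeating: 0, count: keyLength)
    // Stop rather than hand back an all-zero key if the RNG call fails.
    let status = SecRandomCopyBytes(kSecRandomDefault, keyLength, &key)
    precondition(status == errSecSuccess, "SecRandomCopyBytes failed")
    return key
}
```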
Upvotes: 1
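An added example, not code from either answer: one way the encrypt and decrypt steps could look with Common Crypto's `CCCrypt`, using AES-256-CBC with a fresh random IV stored in front of the ciphertext. The names `randomBytes`, `aesCBC`, `encryptFile`, `decryptFile` and `CryptoError` are hypothetical, and the JSON is constructed sample input.

```swift
import Foundation
import Security
import CommonCrypto

enum CryptoError: Error { case rng, truncated, crypt(CCCryptorStatus) }

// Random bytes from the system CSPRNG (used for both the key and the IV).
func randomBytes(_ count: Int) throws -> [UInt8] {
    var bytes = [UInt8](repeating: 0, count: count)
    guard SecRandomCopyBytes(kSecRandomDefault, count, &bytes) == errSecSuccess else {
        throw CryptoError.rng
    }
    return bytes
}

// One-shot AES-CBC with PKCS7 padding; op is kCCEncrypt or kCCDecrypt.
func aesCBC(_ op: Int, key: [UInt8], iv: [UInt8], input: [UInt8]) throws -> [UInt8] {
    let capacity = input.count + kCCBlockSizeAES128   // room for padding
    var out = [UInt8](repeating: 0, count: capacity)
    var moved = 0
    let status = CCCrypt(CCOperation(op), CCAlgorithm(kCCAlgorithmAES),
                         CCOptions(kCCOptionPKCS7Padding), key, key.count, iv,
                         input, input.count, &out, capacity, &moved)
    guard status == CCCryptorStatus(kCCSuccess) else { throw CryptoError.crypt(status) }
    return Array(out.prefix(moved))
}

// Stored blob layout: 16-byte random IV || ciphertext. CBC gives
// confidentiality only; tampering is not detected without a MAC.
func encryptFile(_ plaintext: Data, key: [UInt8]) throws -> Data {
    let iv = try randomBytes(kCCBlockSizeAES128)
    let ciphertext = try aesCBC(kCCEncrypt, key: key, iv: iv, input: [UInt8](plaintext))
    return Data(iv + ciphertext)
}

func decryptFile(_ blob: Data, key: [UInt8]) throws -> Data {
    let bytes = [UInt8](blob)
    guard bytes.count >= 2 * kCCBlockSizeAES128 else { throw CryptoError.truncated }
    let iv = Array(bytes.prefix(kCCBlockSizeAES128))
    let body = Array(bytes.dropFirst(kCCBlockSizeAES128))
    return try Data(aesCBC(kCCDecrypt, key: key, iv: iv, input: body))
}

// Constructed sample input. The key has to live on the device (for example
// in the keychain), so the device owner can still recover the plaintext.
let key = try randomBytes(kCCKeySizeAES256)
let json = Data(#"{"constructed":"sample"}"#.utf8)
let blob = try encryptFile(json, key: key)
let roundTrip = try decryptFile(blob, key: key)
assert(roundTrip == json)
```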