Data Encryption with Core Data in iOS

I just need confirmation about this.

Is it possible to say that with iPhone 3GS and higher, any data written to the file system is encrypted using hardware encryption? By simply creating the XXX.sqlite file in the file system, the data stored in it is already encrypted.

Also for security, is NSFileProtectionComplete provided?

Thanks.

+6
source share
3 answers

No, this is not true. You will need to enable encryption in the sqlite file. Add the following after creating the persistentStoreCoordinator :

 // Make sure the database is encrypted when the device is locked NSDictionary *fileAttributes = [NSDictionary dictionaryWithObject:NSFileProtectionComplete forKey:NSFileProtectionKey]; if (![[NSFileManager defaultManager] setAttributes:fileAttributes ofItemAtPath:[storeURL path] error:&error]) { // Deal with the error } 
+7
source
 [_persistentStoreCoordinator addPersistentStoreWithType:NSSQLiteStoreType configuration:nil URL:storeURL options:@{ NSPersistentStoreFileProtectionKey : NSFileProtectionComplete } error:&error] 
+7
source

No, your guess is wrong.

From the documentation for the NSPersistentStoreCoordinator class:

The default value is NSFileProtectionCompleteUntilFirstUserAuthentication for all applications built on or after iOS version 5.0. The default value for all old applications is NSFileProtectionNone.

To enable NSFileProtectionComplete, you need to add NSPersistentStoreFileProtectionKey with NSFileProtectionComplete in the NSDictionary option when you call the addPersistentStoreWithType: configuration: URL: options: error: method.

Keep in mind that this file encryption is only allowed when the user has set a password.

+3
source

Source: https://habr.com/ru/post/910628/


All Articles