Is it possible on iOS to use the hardware encryption with the device key and an app specific passcode?
We would like to assign the app specific passcode (not the device passcode) to the hardware encryption unit on the iOS devices to encrypt certain files. This would make brute force atta开发者_运维技巧cs to those files harder since the unknown devicekey could be used to derive the actual encryption key.
Is that possible on iOS?
thanx
jom123
If you want to do encryption of your App's data, your best bet is to use the Common Crypto library provided with iOS. You don't have access to the "hardware encryption unit".
There's a sample you can download & run at http://developer.apple.com/library/ios/#samplecode/CryptoExercise/Introduction/Intro.html#//apple_ref/doc/uid/DTS40008019-Intro-DontLinkElementID_2 Take a look at "- (NSData *)doCipher:(NSData *)plainText key:(NSData *)symmetricKey context:(CCOperation)encryptOrDecrypt padding:(CCOptions *)pkcs7" inside SecKeyWrapper.m -- this is the "encrypt/decrypt" meat of the application. There is documentation on the library available here: http://developer.apple.com/library/ios/#documentation/System/Conceptual/ManPages_iPhoneOS/man3/Common%20Crypto.3cc.html
Be aware there are export restrictions with providing encryption in your application and you may need a CCATS form.
See : Working with Protected Files
精彩评论