iPhone and handling secure key delivery

We're writing an iPhone iOS4 app which contains an SQLite database which is encrypted and nee开发者_开发知识库ds a key to be read. The database contains data supplied to the developer, it does not contain any user data.

The problem we have is how to negotiate delivering a key and/or whether/where to keep the key on the device when it arrives. This would be done without any interaction from the user.

Is there a way to safely put a key in and request a key from the keychain at runtime so that if, for example, the app ends up on a jail broken device the key can not be extracted by an evil person?

I have doubts this can all be done securely but I'm not an expert here. For example, some where in the source code we would need to request the key from the keychain.

Thanking you kindly in advance for your thoughts.

When you say 'key' do you mean a key in string format? If so, then yes place it into the keychain. SHFFKeychainUtils provide an easy interface to storing string values into the iOS keychain.

The best way to do this is to request a key from the user at app start, and then use that NSString to encrypt the database (or store it into the keychain for a hassle-free launch).