we're writing iphone ios4 app contains sqlite database encrypted , needs key read. database contains data supplied developer, not contain user data.
the problem have how negotiate delivering key and/or whether/where keep key on device when arrives. done without interaction user.
is there way safely put key in , request key keychain @ runtime if, example, app ends on jail broken device key can not extracted evil person?
i have doubts can done securely i'm not expert here. example, in source code need request key keychain.
thanking kindly in advance thoughts.
when 'key' mean key in string format? if so, yes place keychain. shffkeychainutils provide easy interface storing string values ios keychain.
the best way request key user @ app start, , use nsstring encrypt database (or store keychain hassle-free launch).
Comments
Post a Comment