Re: Using NSValueTransformer for encryption
Re: Using NSValueTransformer for encryption
- Subject: Re: Using NSValueTransformer for encryption
- From: "Michael Varlik" <email@hidden>
- Date: Thu, 10 Jan 2008 21:29:28 +0100
-------- Original-Nachricht --------
> Datum: Thu, 10 Jan 2008 09:26:06 -0700
> Von: Keary Suska <email@hidden>
> An: "Cocoa-Dev (Apple)" <email@hidden>
> Betreff: Re: Using NSValueTransformer for encryption
> on 1/10/08 1:32 AM, email@hidden purportedly said:
>
> > I need to include encryption in my Core Data application. Consider
> > the following example: If I'd use the XML Store, I would encrypt
> > only the values, not the whole XML file. For encryption/decryption
> > I want to use a NSValueTransformer to perform the encryption/decryption
> > if it's needed. It can take the encrypted value from the store, decrypt
> > it and deliver the decrypted value to the UI (and vice versa). Do
> > you think it will be possible to perform encryption/decryption this
> > way? In the data model the values that will be encrypted would have been
> of
> > type "binary" on order to keep the encrypted values, haven't they?
>
> The main drawback to this approach is that the transformer can't easily
> know
> whether a value is encrypted or not, which isn't an issue if you don't
> want
> the values editable.
>
> I would recommend encrypting/decrypting on load/save for the most
> robustness.
>
> > I belive, that an advantage of this solution would be that there won't
> be any
> > decrypted values in the memory footprint of the application as long as
> there
> > are any values displayed. (I think you have to manually set the values
> of UI
> > elements displaying the decrypted values after closing the window which
> > contains these elements).
>
> I am not sure what you are saying here--if the data exists in your
> application at any moment whatsoever in an unencrypted form, it is (at
> that
> moment, at least) exposed in the application's memory space, and therefore
> discoverable by inspecting the memory space. Even if the value isn't
> currently displayed, depending on other issues such as the state of the
> autorelease pool or other garbage collection, the value may still exist in
> memory space and be discoverable.
Consider the following example: The user edits a text whose stringValue
shall be encrypted. After endEditing the value is passed to the managed
object which stores it. This is where the value transformer comes into play.
It takes the value from the text field, encrypts it and passes the encrypted
value to the managed object. After that, the string value of the text field
has to be set to an empty string which sould remove the unencrypted value from
memory. Decrypting a value from the managed object is just the other way around.
I hope this makes my idea a bit mor clear.
Best regards,
Michael
>
> Best,
>
> Keary Suska
> Esoteritech, Inc.
> "Demystifying technology for your home or business"
>
>
> _______________________________________________
>
> Cocoa-dev mailing list (email@hidden)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
--
Psssst! Schon vom neuen GMX MultiMessenger gehört?
Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger?did=10
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden