• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: file encription/decriptoin iOS
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: file encription/decriptoin iOS

  • Subject: Re: file encription/decriptoin iOS
  • From: Jens Alfke <email@hidden>
  • Date: Tue, 27 Jun 2017 09:36:44 -0700
> On Jun 26, 2017, at 10:24 PM, Jens Alfke <email@hidden> wrote:
>
> There’s some use in a scenario like this, and it could be a nice feature to
> add to apps … if there were a convenient and trustworthy file encryption API
> available. But there doesn’t seem to be.

I just remembered libsodium <libsodium.org <http://libsodium.org/>>, which is
an open source crypto library with some very reputable authors like Jeremy
Bernstein. Its philosophy is to provide very high-level APIs that focus on a
specific task, like “I want to encrypt a file”, which are implemented using
appropriate algorithms. This ensures that you’re a lot less likely to make a
mistake and break things. The drawback is that it tends to use less-common
algorithms; they have good reasons for their choices, but it makes
interoperability difficult unless you use libsodium on both ends.

The appropriate function for encrypting a file looks like
crypto_secretbox_easy():

https://download.libsodium.org/doc/secret-key_cryptography/authenticated_encryption.html

<https://download.libsodium.org/doc/secret-key_cryptography/authenticated_encryption.html>

If you want to make the user type a passphrase, libsodium has some
key-derivation functions to convert the passphrase to a key.

If you want to randomly generate a key and store it in the Keychain, you’ll
unfortunately have to deal with Apple’s Keychain APIs, but I think there is
some reasonable sample code for storing a key. (Caution: Do not under any
circumstances try to store the key as a SecKey! The API implies that you can do
so, but trying to get this to work on iOS nearly drove me into a nervous
breakdown a few years ago. Instead, just turn it into a hex or base64 string
and store it as though it were a password.)

—Jens
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >file encription/decriptoin iOS (From: email@hidden)
 >Re: file encription/decriptoin iOS (From: Alastair Houghton <email@hidden>)
 >Re: file encription/decriptoin iOS (From: Alex Zavatone <email@hidden>)
 >Re: file encription/decriptoin iOS (From: Jens Alfke <email@hidden>)
 >Re: file encription/decriptoin iOS (From: Sandor Szatmari <email@hidden>)
 >Re: file encription/decriptoin iOS (From: Jens Alfke <email@hidden>)

  • Prev by Date: Re: file encription/decriptoin iOS
  • Next by Date: Re: Focus ring of NSComboBox and text field visible through overlaid views
  • Previous by thread: Re: file encription/decriptoin iOS
  • Next by thread: Re: file encription/decriptoin iOS
  • Index(es):
    • Date
    • Thread