Jens, Thanks for your reply.
I have an application on OS X, not IOS, that contains some sensitive data that I want to withhold from those not licensed to use it. I wish to use RSA encryption/decryption in block mode (I think). I want to encrypt both the public and the private key and I think I want to use (at least) 128 bit techniques although 64 bit would probably do. I intend to store the encrypted information in an NSDictionary as NSData and keep it in the application bundle. I plan to re-encrypt the keys after each use. I have code that does the archiving but I need the encryption/decryption methods. I have tried packages that are available on the internet (AquaPrime, SSCrypto) but they are difficult to manage and require a lot of busy work to keep up to date. On Jun 6, 2012, at 1:12 PM, Jens Alfke wrote: > > On Jun 6, 2012, at 9:51 AM, Charlie Dickman wrote: > >> Can someone direct me to some documentation on how to do data encryption in >> Cocoa/Objective C/C? > > That's a pretty broad question! What type of encryption — symmetric or > asymmetric (aka public key)? Any particular algorithm? Are you implementing > the decryption as well or is that done by an existing implementation? How is > the data going to be stored/transmitted and what strength of security do you > need? > > Maybe it's best if you describe at a high level what you need to accomplish. > > I could point you to documentation, but you're not going to like it :/ In > general this is in the Security framework, although some stuff is in > CommonCrypto. The APIs are complicated, badly designed, and have changed over > time; and the documentation is quite inadequate. I have found this to be the > single most frustrating area to work on in Mac OS or (especially) iOS, worse > even than audio. Be warned: Here Be Dragons. > > I do have a framework called MYCrypto* I wrote a few years ago that tries to > put a friendly face on this stuff. It's still useable, but in 10.7 Apple > decided to suddenly deprecate the standard APIs I was using in favor of newer > APIs that I still haven't completely figured out :-p so MYCrypto needs either > the 10.6 SDK or deprecation warnings disabled. > > Also, if you are going to do anything serious with security (i.e. anything > that people other than you are going to rely on), you really need to learn > some fundamentals. I highly recommend the book "Practical Cryptography" by > Fergusen & Schneier. It's very easy to get things wrong if you don't know > what you're doing, and unlike typical bugs that will be triggered or not by > random chance, with security you have very smart and motivated people > actively trying to find and exploit your bugs. > > —Jens > > * https://github.com/snej/MYCrypto Charlie Dickman 3tothe...@comcast.net _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
