{"id":5070,"date":"2014-03-30T18:34:49","date_gmt":"2014-03-30T18:34:49","guid":{"rendered":"https:\/\/unknownerror.org\/index.php\/2014\/03\/30\/xcode-hide-protect-resource-files-in-final-ios-app-collection-of-common-programming-errors\/"},"modified":"2014-03-30T18:34:49","modified_gmt":"2014-03-30T18:34:49","slug":"xcode-hide-protect-resource-files-in-final-ios-app-collection-of-common-programming-errors","status":"publish","type":"post","link":"https:\/\/unknownerror.org\/index.php\/2014\/03\/30\/xcode-hide-protect-resource-files-in-final-ios-app-collection-of-common-programming-errors\/","title":{"rendered":"Xcode: hide \/ protect resource files in final iOS app?-Collection of common programming errors"},"content":{"rendered":"<p>There&#8217;s many ways to protect your data, depending on how good you want the protection to be. For very minimal protection against only casual hackers, you could use a string <strong>obfuscation<\/strong> algorithm to obfuscate and de-obfuscate the HTML content as <code>NSString<\/code>s. Here&#8217;s an example of doing that. I haven&#8217;t used that particular code, but I&#8217;m also not really recommending <em>obfuscation<\/em> as a technique, unless the data really isn&#8217;t very sensitive.<\/p>\n<p>The better solution is to <strong>encrypt<\/strong> the HTML content, although that&#8217;s more work, and may involve some export control issues, depending on where you are, and where you&#8217;re distributing your app.<\/p>\n<p>For encryption, you have lots of options.<\/p>\n<p><strong>1)<\/strong> Here is an open source implementation that provides a secure version of something like <code>NSUserDefaults<\/code>. I don&#8217;t see an equivalent to <code>registerDefaults:<\/code> in that code, though, so it&#8217;s possible that the <strong>first<\/strong> time your app runs, you may have to download the content from the web. But, then you could encrypt and store it in <code>PDKeychainBindings<\/code> as a string value. On subsequent runs, you could then extract stored HTML <em>&#8220;files&#8221;<\/em> like this:<\/p>\n<pre><code>NSString* webPageContent = \n    [[PDKeychainBindings sharedKeychainBindings] valueForKey: @\"index.html\"];\n<\/code><\/pre>\n<p><strong>2)<\/strong> Here&#8217;s another open source project that provides AES encryption wrappers. You would write some non-production code before releasing your app to encrypt the HTML content into encrypted data files that would be bundle resources. When your app runs, it opens the files and decrypts them into <code>NSString<\/code> objects which can be given to your <code>UIWebView<\/code> via <code>loadHTMLString: baseURL:<\/code>.<\/p>\n<p><strong>3)<\/strong> Finally, here&#8217;s another example of using the underlying <strong>CommonCrypto<\/strong> APIs to protect bundle resources. This example uses a custom build step to automatically encrypt resources in a particular folder, which would save you some time if your protected HTML content is going to change reasonably often.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There&#8217;s many ways to protect your data, depending on how good you want the protection to be. For very minimal protection against only casual hackers, you could use a string obfuscation algorithm to obfuscate and de-obfuscate the HTML content as NSStrings. Here&#8217;s an example of doing that. I haven&#8217;t used that particular code, but I&#8217;m [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5070","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/5070","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=5070"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/5070\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=5070"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=5070"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=5070"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}