1

I want to transfer my NSObject "RND_PatientData" which is encrypted from my application to another person using the application using AirDrop. At present my data is saved using this code:

 - (RND_PatientData *)data {
if (_data != nil) return _data;

NSString *dataPath = [_docPath stringByAppendingPathComponent:kDataFile];
NSData *codedData = [[NSData alloc] initWithContentsOfFile:dataPath];
if (codedData == nil) return nil;
NSString *deviceName = [[UIDevice currentDevice] name];


NSData *decryptedData = [RNDecryptor decryptData:codedData withSettings:kRNCryptorAES256Settings password:deviceName error:nil];


NSKeyedUnarchiver *unarchiver = [[NSKeyedUnarchiver alloc] initForReadingWithData:decryptedData];
_data = [unarchiver decodeObjectForKey:kDataKey];
[unarchiver finishDecoding];
return _data;
}

 - (void)saveData {

if (_data == nil) return;

[self createDataPath];

NSString *dataPath = [_docPath stringByAppendingPathComponent:kDataFile];
NSMutableData *data = [[NSMutableData alloc] init];
NSKeyedArchiver *archiver = [[NSKeyedArchiver alloc] initForWritingWithMutableData:data];
[archiver encodeObject:_data forKey:kDataKey];
[archiver finishEncoding];
NSError *error;
NSString *deviceName = [[UIDevice currentDevice] name];

NSData *encryptedData = [RNEncryptor encryptData:data
                                    withSettings:kRNCryptorAES256Settings
                                        password:deviceName
                                           error:&error];

[encryptedData writeToFile:dataPath atomically:YES];

This data is also encrypted using the device UDID and the RNDecryptor library before being saved. Now, I would like the perosn to be able to transfer the data via AirDrop. Is it better to decrypt the data on the sender phone and then transfer it unencrypted and encrypt it on the receiver phone using the same framework or to transfer it encrypted and decrypt it using the sender device UDID?

I load my current data as a NSMutableArray :

   _patients = [RND_PatientDB loadDocs];

The method goes as follow:

   + (NSMutableArray *)loadDocs {

// Get private docs dir
NSString *documentsDirectory = [RND_PatientDB getPrivateDocsDir];
NSLog(@"Loading patients from %@", documentsDirectory);

// Get contents of documents directory
NSError *error;
NSArray *files = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:documentsDirectory error:&error];
if (files == nil) {
    NSLog(@"Error reading contents of documents directory: %@", [error localizedDescription]);
    return nil;
}
// Create Patients for each file
NSMutableArray *retval = [NSMutableArray arrayWithCapacity:files.count];
for (NSString *file in files) {
    if ([file.pathExtension compare:@"patients" options:NSCaseInsensitiveSearch] == NSOrderedSame) {
        NSString *fullPath = [documentsDirectory stringByAppendingPathComponent:file];
        RND_Patient *doc = [[RND_Patient alloc] initWithDocPath:fullPath];
        [retval addObject:doc];
    }
}

return retval;

  }
  + (NSString *)nextPatientDocPath {

// Get private docs dir
NSString *documentsDirectory = [RND_PatientDB getPrivateDocsDir];

// Get contents of documents directory
NSError *error;
NSArray *files = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:documentsDirectory error:&error];
if (files == nil) {
    NSLog(@"Error reading contents of documents directory: %@", [error localizedDescription]);
    return nil;
}
// Search for an available name
int maxNumber = 0;
for (NSString *file in files) {
    if ([file.pathExtension compare:@"patients" options:NSCaseInsensitiveSearch] == NSOrderedSame) {
        NSString *fileName = [file stringByDeletingPathExtension];
        maxNumber = MAX(maxNumber, fileName.intValue);
    }
}
// Get available name
NSString *availableName = [NSString stringWithFormat:@"%d.patients", maxNumber+1];
return [documentsDirectory stringByAppendingPathComponent:availableName];

}

I've tried following instructions here to send NSArray via AirDrop, but I cannot understand how the certificate works. Anyone has ressources I can use to learn more about this procedure? Also am I doing it the right way or is there an easier method to send my NSMutableArray of _patients comprised of RND_PATIENT NSObject to another person using my application?

Paulw11
  • 108,386
  • 14
  • 159
  • 186
Robert Avram
  • 37
  • 6
  • 2
    You seem to be using the device name - which can be changed at any time in settings and is also freely available - as the encryption password. This is a bad idea. If you want to encrypt data on the device you are much better off using the data protection capabilities that are built in to iOS. Encrypting before transferring is only of use if you can exchange keys in some secure manner. If you are simply sending a symmetrical key over the same link that you don't trust then there is no security. – Paulw11 Oct 24 '14 at 22:49
  • @Paulw11 - Thank you I switched it for UDID now which is better. – Robert Avram Oct 26 '14 at 19:44
  • Do you mean `identifierForVendor`? UDID is no,longer available – Paulw11 Oct 26 '14 at 19:46
  • @Paulw11 : Yes - I used IDentifierforVendor. Any problem with this way of encoding data? – Robert Avram Oct 27 '14 at 07:17
  • As long as you are aware that it can change if your app is removed and reinstalled – Paulw11 Oct 27 '14 at 07:59

0 Answers0