1

I have an app that I have enabled for Data Protection both on the developer portal AND in the project capabilities section of my target. I have created new provisioning profiles and synchronised them to my Account in Xcode. Yet, still when I build my project and download files I can view them using IExplorer (a tool for browsing the file system on iOS devices). Am I missing something? I understand that the files are inaccessible when the device is locked and has a passcode. I was under the impression that this is all now handled automatically using Xcode 5.1 so there are no Entitlements.plist files or any coding to handle this when my files get written.

UPDATE

        [[NSFileManager defaultManager] createFileAtPath:self.filePath contents:nil attributes:[Utils defaultFileProtectionAttributesDictionary]];

        @synchronized(self.fileHandle)
        {
            self.fileHandle = [NSFileHandle fileHandleForWritingAtPath:self.filePath];
        }

This code is being used to create and write my files as they download. I'm wondering if NSFileHandle has its own internal file creation methods. This is the Utils code :

+ (NSDataWritingOptions)defaultFileProtection
{
    NSDataWritingOptions result = 0;
    if (&NSFileProtectionCompleteUnlessOpen != nil)
        result = NSDataWritingFileProtectionCompleteUnlessOpen;
    return result;
}

+ (NSString*)attributeStringForFileProtection:(NSDataWritingOptions)protection
{
    NSString* result = nil;
    switch (protection & NSDataWritingFileProtectionMask) {
        case NSDataWritingFileProtectionNone:
            result = NSFileProtectionNone;
            break;

        case NSDataWritingFileProtectionComplete:
            result = NSFileProtectionComplete;
            break;

        case NSDataWritingFileProtectionCompleteUnlessOpen:
            result = NSFileProtectionCompleteUnlessOpen;
            break;

        case NSDataWritingFileProtectionCompleteUntilFirstUserAuthentication:
            result = NSFileProtectionCompleteUntilFirstUserAuthentication;
            break;

        default:
            break;
    }
    return result;
}


+ (NSDictionary*)defaultFileProtectionAttributesDictionary
{
    static NSDictionary* sDict = nil;

    NSDataWritingOptions defaultProtection = [self defaultFileProtection];
    NSString* attributeString = [self attributeStringForFileProtection:defaultProtection];

    if (attributeString && !sDict)
        sDict = @{NSFileProtectionKey: attributeString};

    return sDict;
}

If I debug this I can see that it uses NSFileProtectionCompleteUnlessOpen as its preferred protection technique. But, does it? Or does NSFileHandle just scrap all that work?

UPDATE UPDATE

Appears you do need to create the file for NSFileHandle to handle. So I am still stuck. Why does the Data Protection not seem to work?

No Idea For Name
  • 11,411
  • 10
  • 42
  • 70
Lee Probert
  • 10,308
  • 8
  • 43
  • 70

2 Answers2

0

This is now resolved. It required that the provisioning profiles be regenerated and synchronised back to Xcode. Took a few attempts to get this to work. It is also worth noting that I had to enable Data Protection within my target Capabilities in Xcode AND also from the Apple Developer Portal's App ID edit. I then had to make sure I completely regenerated all of my provisioning profiles.

Also, IExplorer is a bit deceptive : it will show you the file structure but I was unable to preview or copy the files off the device once it was locked and a passcode was applied to the iPad.

Lee Probert
  • 10,308
  • 8
  • 43
  • 70
-1

As I understand it Data protection will only work if the user set a passcode on his device http://support.apple.com/kb/HT4175?viewlocale=en_US&locale=en_US

Jorge Cohen
  • 1,512
  • 10
  • 34