
ios - What happens when a file encrypted with iOS 'Protected Unless Open' is closed?

Reposted. Author: 可可西里. Updated: 2023-11-01 03:57:16

Apple's documentation states the following:

Protected Unless Open. Files are encrypted. A closed file is inaccessible when the device is locked. After the device is unlocked, your app can open and use the file. If the user has a file open and locks the device (for example, by pressing the sleep button), your app can continue to access the file.

Enabling Store Technologies

And also:

Complete unless already open. The file is encrypted. A closed file is inaccessible while the device is locked. After the user unlocks the device, your app can open the file and use it. If the user locks the device while the file is open, though, your app can continue to access it. Specify the NSDataWritingFileProtectionCompleteUnlessOpen option (NSData) or the NSFileProtectionCompleteUnlessOpen attribute (NSFileManager).

Protecting Data Using On-Disk Encryption

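This seems like a good option that lets me finish all the remaining work on the file and then close it myself. What the documentation doesn't say is what happens to the file when I close it. For example:

  1. The user opens the app and opens the file within the app
  2. The user locks the device (the file is not protected, because it is open)
  3. The app performs the remaining operations on the file
  4. The app closes the file

Now that the file has been closed, is it protected? Or can it be reopened?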

Best answer

It uses a public key to ensure that the file cannot be opened until the device is unlocked.

Protected Unless Open
(NSFileProtectionCompleteUnlessOpen): Some files may need to be written while the device is locked. A good example of this is a mail attachment downloading in the background. This behavior is achieved by using asymmetric elliptic curve cryptography (ECDH over Curve25519). Along with the usual per-file key, Data Protection generates a file public/private key pair. A shared secret is computed using the file’s private key and the Protected Unless Open class public key, whose corresponding private key is protected with the user’s passcode and the device UID. The per-file key is wrapped with the hash of this shared secret and stored in the file’s metadata along with the file’s public key; the corresponding private key is then wiped from memory. As soon as the file is closed, the per-file key is also wiped from memory. To open the file again, the shared secret is re-created using the Protected Unless Open class’s private key and the file’s ephemeral public key; its hash is used to unwrap the per-file key, which is then used to decrypt the file.

From http://images.apple.com/iphone/business/docs/iOS_Security_Oct12.pdf (page 10)
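
The key handling described in the quoted passage, as an added example that is not part of the original answer and is not Apple's code. It assumes SHA-256 as the hash of the shared secret and uses XOR as a stand-in for the key wrap; the function names are hypothetical, and passing `None` as the class private key models a locked device.

```python
import hashlib, os
P, A24, BASE = 2**255 - 19, 121665, (9).to_bytes(32, "little")

def x25519(k: bytes, u: bytes) -> bytes:  # RFC 7748; illustration only, not constant time
    n = int.from_bytes(k, "little") & ((1 << 255) - 8) | (1 << 254)  # clamp
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def keypair():
    priv = os.urandom(32)
    return priv, x25519(priv, BASE)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(a, b))

def create_file(class_pub: bytes):
    """Needs only the class PUBLIC key; the file private key is never stored."""
    file_key = os.urandom(32)                      # per-file key
    file_priv, file_pub = keypair()                # per-file key pair
    kek = hashlib.sha256(x25519(file_priv, class_pub)).digest()
    return file_key, {"file_pub": file_pub, "wrapped": xor(file_key, kek)}

def reopen_file(meta: dict, class_priv):
    """Needs the class PRIVATE key; None models a locked device."""
    if class_priv is None:
        raise PermissionError("locked: class private key unavailable")
    kek = hashlib.sha256(x25519(class_priv, meta["file_pub"])).digest()
    return xor(meta["wrapped"], kek)

if __name__ == "__main__":
    class_priv, class_pub = keypair()
    _, meta = create_file(class_pub)              # file closed: only meta remains
    print(reopen_file(meta, class_priv).hex())    # unlocked: unwrap succeeds
    try:
        reopen_file(meta, None)                   # locked: per-file key unrecoverable
    except PermissionError as err:
        print(err)
```

Creating the file needs only the class public key, which is why it can happen while the device is locked; once the file is closed, the wrapped key in the metadata cannot be unwrapped without the class private key.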

Regarding ios - What happens when a file encrypted with iOS 'Protected Unless Open' is closed?, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/16194440/
