问题
I have encrypted files downloaded and available for offline view in a folder, I would like to know:
how to open them in the appropriate reader as these are ms office docs and prezi format
I suppose they will have to be unencrypted so that reader can read them but in this case how to ensure security?
which folder to use to avoid iCloud sync, I already read this Disable iCloud sync
Does iOS protects documents of the application by encryption based on app key as I read it or am I wrong?
回答1:
Speaking extemporaneously, as thoughts occur, Sven is right about UIDocumentInteractionController and that objects are identified by URL.
However, it's possible you don't need to unencrypt your files on disk for this to work. You can probably write your own little URL protocol (subclass NSURLProtocol and implement methods appropriately; you should end up checking that URLs are within the invented scheme you've created — e.g. myApplicationEncrypted:// — then posting data packets to a NSURLProtocolClient) and register it with the device via NSURLProtocol +registerClass.
You'll obviously need to decrypt between disk and protocol client. So you'll be passing unencrypted data on — you'll need to make a trust judgment on UIDocumentInteractionController.
The document interaction controller is documented to work within your app, so there shouldn't be sandbox concerns.
回答2:
You can send your documents to other apps using an UIDocumentInteractionController object. You initialize it with a file URL pointing to your document and then use one of it’s methods to present it.
This takes care of displaying a preview (if possible) and letting the user select the application the document should be opened in.
The document has to be decrypted for this to work. You then cannot make any guarantees about the security of your file - once it is handed over to another application it is out of your control.
If your app doesn’t explicitly opt-in to use iCloud sync your data will not be synced with iCloud. What will be sent to iCloud are backups of the whole device though (if enabled). There are ways to disable this for single files as you already read in the question you linked.
The iOS file protection is based on a device key, not on a per app key. This also is not necessary because apps are protected from each other by the sandbox, unless your phone is jailbroken. On a jailbroken phone there are no security guarantees.
来源:https://stackoverflow.com/questions/11930503/opening-and-storing-encrypted-documents-offline-in-ios