views:

473

answers:

4

Hi All,

I am new to Iphone development , I want to create an application in which I have to upload some data on php server using my Iphone application. For this I have an file on the Iphone whose content I have to upload on php server. For this I have converted the content of the file in NSData and now I want to encrypt this nsdata object and then pass it to the php server and on php server firstly I have to decrypt the nsdata object then I have to upload it on the server.

But I am not able to find any way by which I can encrypt some data in Iphone app and then decrypt it in php.

And also I want to compress the encrypted data before transferring it to php and then uncompress that data on php.

The complete flow of my application is

           IPhone

NSData --> Encrypted NsData --> Compressed Encrypted Data

           php

Compressed Encrypted Data --> uncompressed encrypted data --> decrypted (original) NSData.

Can some one help me how can I develop such application?

Thanks in advance.

Gaurav

A: 

The best way would probably be to encrypt NSData with a public key crypto system, distribute a public key with the application, encrypt, then only your PHP application would be able to decrypt with the private key.

In PHP, you can use OpenSSL to implement public/private key encryption.

$key = openssl_pkey_get_private('file:///path/to/my/secure/privatekey', $my_secure_passphrase);
openssl_private_decrypt($nsdata, $decrypted_data, $key);

openssl_private_decrypt() is incredibly useful in that only it can decrypt the NSData from your phones as long as only you possess the private key. I'm not sure what the iPhone has in the way of encryption, but I'm positive there's a way to encrypt using a public key.

Xorlev
A: 

You might want to give a look to AES encryption support in CommonCrypto .

I'd suggest writing a category for NSData that handles the encryption. Given that you need to be able to interoperate between different systems, be sure to understand the concepts of "salt" and "initial value vector (IV)".

As Xorlev said, the best security is obtained by using a public key crypto.

Take care about how openssl stores the salt, it's before the encrypted data. something like:

the string "Salted__" followed by the 8 bytes salt and the encrypted data.

If you don't need strong security, just do symmetric crypto.

dwery
+2  A: 

I wrote an article about this in my blog: http://www.em-motion.mobi/?p=139

Marcelo Emmerich
A: 

hi

I am also in that same situation . But I am not using PHP, Using java server. Can you help me to implement this . Can you give me a good solution?