tags:

views:

473

answers:

4
+1  Q: 

Encrypt nsdata in iphone and decrypt it in php

Hi All,

I am new to Iphone development , I want to create an application in which I have to upload some data on php server using my Iphone application. For this I have an file on the Iphone whose content I have to upload on php server. For this I have converted the content of the file in NSData and now I want to encrypt this nsdata object and then pass it to the php server and on php server firstly I have to decrypt the nsdata object then I have to upload it on the server.

But I am not able to find any way by which I can encrypt some data in Iphone app and then decrypt it in php.

And also I want to compress the encrypted data before transferring it to php and then uncompress that data on php.

The complete flow of my application is 

           IPhone

NSData --> Encrypted NsData --> Compressed Encrypted Data

           php

Compressed Encrypted Data --> uncompressed encrypted data --> decrypted (original) NSData.

Can some one help me how can I develop such application?

Thanks in advance.

Gaurav

A: 

The best way would probably be to encrypt NSData with a public key crypto system, distribute a public key with the application, encrypt, then only your PHP application would be able to decrypt with the private key.

In PHP, you can use OpenSSL to implement public/private key encryption.

$key = openssl_pkey_get_private('file:///path/to/my/secure/privatekey', $my_secure_passphrase);
openssl_private_decrypt($nsdata, $decrypted_data, $key);

openssl_private_decrypt() is incredibly useful in that only it can decrypt the NSData from your phones as long as only you possess the private key. I'm not sure what the iPhone has in the way of encryption, but I'm positive there's a way to encrypt using a public key.

Xorlev  2010-02-20 08:02:43
A: 

You might want to give a look to AES encryption support in CommonCrypto .

I'd suggest writing a category for NSData that handles the encryption. Given that you need to be able to interoperate between different systems, be sure to understand the concepts of "salt" and "initial value vector (IV)".

As Xorlev said, the best security is obtained by using a public key crypto.

Take care about how openssl stores the salt, it's before the encrypted data. something like:

the string "Salted__" followed by the 8 bytes salt and the encrypted data.

If you don't need strong security, just do symmetric crypto.

dwery  2010-02-20 13:18:51
+2  A: 

I wrote an article about this in my blog: http://www.em-motion.mobi/?p=139

Marcelo Emmerich  2010-05-09 14:55:57
A: 

hi

I am also in that same situation . But I am not using PHP, Using java server. Can you help me to implement this . Can you give me a good solution?

 2010-10-22 06:40:52

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases