iOS inter-app communication - ios

I am wondering what is considered the most secure way of two apps exchanging data within Cocoa Touch env.
I am very much new in iOS development and swift development and I am just looking to explore another part of the OS capabilities.
I read about App Groups sharing a location (directory) where files can be exchanged but also about URL schemas between apps to share data.
Are there any other ways of inter-app data exchange? And which is considered the most secure one?

It depends on what you consider secure, but the iOS Keychain may fit your needs. The iOS Keychain is password protected and can be accessed by other applications that you authorize.
Take a look at the official Keychain Services Programming Guide and this article explain how it works.

Related

How to establish bidirectional communication between two iOS apps

I have to establish bidirectional communication between my iOS apps. The data that have to be exchanged were text and json. Is it possible with the file sharing feature of app extension? If so, is there a sample that is available to guide through the steps? What are the pre-requisites to create the group id for app group?
You won't be able to speak to another bundle, this is more of an Android behaviour.
Your only way is to use an intermediate server, and that could be a complete book.
What I suggest, is having your files/data stored online, and build both your apps to be able to read and write on that server.

iCloud for web application

Has Apple provided public API for web applications?
I want to build an application which will be similar to dropbox.
I want the user to be able to manage files and edit them from their devices (iphone/ipad/mac) and from website (any browser based) too.
Is this possible now to see the list of files using iCloud API?
Thanks.
As I just stumbled across this thread while searching for a solution for iCloud contacts in my web-app, I just wanted to add that nowadays CloudKit JS seems promising for this use case. It's a bit unfortunate it needs an app on its side, but it's still better than nothing :)
Can I use iCloud API in web application?
No, Apple only provides APIs that can be used within native apps on iOS or OS X devices. There's no documented API that could be used for a browser-based interface to a user's iCloud account (some API apparently exists, since Apple uses it, but third parties do not have access).

Low Level Network Traffic Access on iOS Device

I'm looking for a way to develop an iOS in which I can access all network traffic, (I mean System-Wide) and route it through my app. Something like a proxy server but notice that I want to force the route and access all the traffic not only web requests (Something like what VPN Connections do).
I think that may go a bit beyond Apple limitations regarding App Store Guidelines. Any VPN API accessible for doing that ? Any practical suggestion or description on undocumented and private APIs is really appreciated.
P.S: This article may help understanding what I'm looking for;
To be able to do VPN functionalities you have to create a vpnplugin, the problem is that it's a pseudo-Private API, I'm saying "pseudo" because there are companies that had access to the documentation and there are apps on the App Store that uses it (OpenVPN connect for example). You can try reverse engineering some of those app plugins (it's the folder with the .vpnplugin extension).
By the way, someone already did that and published the vpn plugin API to github: https://github.com/Smartype/iOS_VPNPlugIn/blob/master/iOSVPNPlugIn.h
Network Extension of iOS9 will allow custom VPN tunnel implementations and NEPacketTunnelProvider is probably what you are looking for.
Check out the WWDC video.
https://developer.apple.com/videos/wwdc/2015/?id=717
You need to send an email to apple to get access to this function.
https://github.com/shadowsocks/shadowsocks-iOS/issues/124

Application-specific file encryption in iOS

I need to develop some simple demonstration of an application reading a file over HTTPS and saving it to the local memory (internal or external) of an iOS device (e.g., an iPhone), in a way that it is only accessible to it. So, application-specific file encryption is required.
The "Advanced App Tricks" page of the Apple iOS Developer Library, in the "Protecting Data Using On-Disk Encryption" section, seems to imply that a file encrypted on disk, via either Default (i.e., iOS filesystem) or "Complete" Data Protection, would be accessible by all applications, after the user types the device's lock code.
If that is the case, could someone please suggest the best way of implementing file encryption per-application on an iOS device, with a password request when a user tries to open the file? Any sample code would also be very helpful.
Also, does "software encryption" apply to iOS anymore? Both Default and Data Protection encryption seem to be hardware-based.
Thanks!
Application files are not accessible between Apps. Each App is individually sandboxed.
In all cases the document is talking about the access available to "Your App"/ It is never accessible to another App. But see below. Sone of the protection options help cover what and when "Your App" has access to the file when in the background.
JailBroken iOS devices will have greater file system access so adding "Data Protection" will protect from this vector.
See the document session on The iOS Environment and particularly the section "The App Sandbox" iOS Environment
Hardware encryption: There are a few things that hardware encryption provide. 1. Speed. 2. The encryption method can not be changed, that is as with software encryption there is no code that could be compromised. 3. The key can not be accessed. The key is in some manner placed/created in the hardware and the hardware will does not allow read access (there are occasionally very secure export capabilities). The device is asked to perform crypto functions on data and returns data. Examples of this are smart cards, HSMs, TPMs and TPM Equivalents, the iPhone has a TPM Equivalent and that is used for the Keychain. By chance my wife and I were discussing this very topic yesterday. :-)
As far as I know, for encryption of bulk data, iOS does use special hardware instructions to aid AES encryption for speed but that would not be considered hardware encryption due to the key being available in software. There is a little guessing here due to the lack of information about the Apple A-series ARM chips, it is true of the Intel chips in Macs.

encrypting/ decrypting strings to text

I am creating an app that would allow people to share sensitive info with each other via the iphone sms app. I want to make use of the security framework that apple provides, using keys that the people sharing that data know before hand to encrypt and decrypt strings. I don't have much knowledge about the whole keychain system on iOS devices or security protocols in general so does anyone know any good resources for learning about this stuff?
Try
http://useyourloaf.com/blog/2010/3/29/simple-iphone-keychain-access.html
http://log.scifihifi.com/post/55837387/simple-iphone-keychain-code
http://dev-metal.blogspot.com/2010/08/howto-use-keychain-in-iphone-sdk-to.html

Resources