I'm refactoring an order processing app to include CoreData so it can cache large amounts of data, and some of the data includes some identity sensitive stuff I'd rather encrypt than not. This app will be used in a location that is a big target for hackers. So I decided before I get too far, I'd better use something like EncryptedCoreData to secure the database.
Following directions from this article proved to be more difficult than the author implied, at least for a beginner to CoreData such as myself.
I did get the pod installed and set up a bridging header so I can access it in my Swift project, but have no idea where the code he is referencing should go, or what URL to use, etc.
The accepted answer for a similar question here makes enough sense to me that I reproduced it, but it's not updated for Swift 4 and I'm getting two errors:
lazy var persistentContainer: NSPersistentContainer = {
let container = NSPersistentContainer(name: "DataModel")
let containerOptions : NSDictionary = [
EncryptedStorePassphraseKey : "someKey",
EncryptedStore.optionFileManager() : EncryptedStoreFileManager.default()// Error: Use of unresolved identifier 'EncryptedStoreFileManager'
]
let desc = try! EncryptedStore.makeDescription(options: containerOptions as! [AnyHashable : Any], configuration: nil)// Error: Type 'EncryptedStore' has no member 'makeDescription'; did you mean 'debugDescription'?
container.persistentStoreDescriptions = [desc]
container.loadPersistentStores(completionHandler:
{ (storeDescription, error) in
if let error = error as NSError?
{
// Replace this implementation with code to handle the error appropriately.
/*
Typical reasons for an error here include:
* The parent directory does not exist, cannot be created, or disallows writing.
* The persistent store is not accessible, due to permissions or data protection when the device is locked.
* The device is out of space.
* The store could not be migrated to the current model version.
Check the error message to determine what the actual problem was.
*/
fatalError("Unresolved error \(error), \(error.userInfo)")
}
}
)
return container
}()
I can resolve "Error: Use of unresolved identifier 'EncryptedStoreFileManager'" easily enough by commenting out this portion of the code - I suspect it is no longer necessary. The second error is harder though - EncryptedStoreDescription is not a class that I can see, so I can't access an initializer, and EncryptedStore no longer has a method for creating a description.
What am I missing?
EDIT: The following attempted solution did not work.
I figured out the following UNTESTED implementation, I'm hoping I'll have some success. Will update if I run into trouble.
lazy var persistentContainer: NSPersistentContainer = {
let container = NSPersistentContainer(name: "DataModel")
container.loadPersistentStores(completionHandler:
{ (storeDescription, error) in
if let error = error as NSError?
{
// Replace this implementation with code to handle the error appropriately.
// fatalError() causes the application to generate a crash log and terminate. You should not use this function in a shipping application, although it may be useful during development.
/*
Typical reasons for an error here include:
* The parent directory does not exist, cannot be created, or disallows writing.
* The persistent store is not accessible, due to permissions or data protection when the device is locked.
* The device is out of space.
* The store could not be migrated to the current model version.
Check the error message to determine what the actual problem was.
*/
fatalError("Unresolved error \(error), \(error.userInfo)")
}
}
)
do
{
let containerOptions : NSDictionary = [
EncryptedStorePassphraseKey : "someKey"
]
guard let appSupportDirURL = FileManager.default.urls(for:.applicationSupportDirectory, in:.userDomainMask).last else
{
throw RuntimeError("appSupportDirURL was nil")
}
try FileManager.default.createDirectory(at: appSupportDirURL, withIntermediateDirectories: true, attributes: nil)
try container.persistentStoreCoordinator.addPersistentStore(ofType: EncryptedStoreType, configurationName: nil, at: appSupportDirURL, options: containerOptions as? [AnyHashable : Any])
}
catch
{
print("WARNING!! : "+error.localizedDescription)
}
return container
}()
EDIT: Although it compiles, I run into this error with this implementation:
2019-03-06 17:01:36.771430-0700 Yah-El[1060:1310006] [error] error: -addPersistentStoreWithType:EncryptedStore configuration:(null) URL:file:///var/mobile/Containers/Data/Application/AF6374B3-9127-4E2E-9CAF-D9C89D050D51/Documents/ options:{
EncryptedStorePassphrase = someKey;
} ... returned error Error Domain=NSSQLiteErrorDomain Code=14 "(null)" UserInfo={EncryptedStoreErrorMessage=unable to open database file} with userInfo dictionary {
EncryptedStoreErrorMessage = "unable to open database file";
}
CoreData: error: -addPersistentStoreWithType:EncryptedStore configuration:(null) URL:file:///var/mobile/Containers/Data/Application/AF6374B3-9127-4E2E-9CAF-D9C89D050D51/Documents/ options:{
EncryptedStorePassphrase = someKey;
} ... returned error Error Domain=NSSQLiteErrorDomain Code=14 "(null)" UserInfo={EncryptedStoreErrorMessage=unable to open database file} with userInfo dictionary {
EncryptedStoreErrorMessage = "unable to open database file";
}
WARNING!! : The operation couldn’t be completed. (NSSQLiteErrorDomain error 14.)
With your second approach you were quite close, but instead of passing
appSupportDirURL(a folder!) toaddPersistentStore(), pass a database file:But instead of handling paths I think it's more convenient to just set
persistentStoreDescriptions: