I'm need to wipe an NSString (It is an existing SKD that I will probably wont be able to change method signatures in as clients are working with it already.
For Security reasons that emerged right now we Need to wipe the bytes in the NSStrings we have.
I found the code below that suppose to give me a pointer to the CFString underlying pointer and from there I supposably can use memset to wipe the data.
(unsigned char*) CFStringGetCStringPtr((CFStringRef) password, CFStringGetSystemEncoding());
- I am not setting a specific encoding for the the NSString.
- Is there a way to get the NSString encoding?
I've tried the code below and it didn't work:
unsigned char *charPin = (unsigned char*) CFStringGetCStringPtr((CFStringRef) pin, CFStringGetSystemEncoding());
if (charPin == NULL) {
for (int i = 0; i < kCFStringEncodingShiftJIS_X0213_00; ++i) {
charPin = (unsigned char*) CFStringGetCStringPtr((CFStringRef) pin, (CFStringEncodings)i);
if (charPin != NULL) {
break;
}
}
}
memset(charPin, 0, [pin length]);
pin = nil;
kCFStringEncodingShiftJIS_X0213_00 is the last member of the CFStringEncodings enum
charPin is still NULL after looking for all the possible encodings and this is kind of impossible, Unless i'm missing something.
Any ideas or comments?
Please don't say that I need to change the NSString to something else...
10x