What are the new "iOS data protection APIs"?

Question

If you Google "iphone data protection apis" you'll see a zillion hits based on press releases.

If you check out http://support.apple.com/kb/HT4175 you can see Apple making the indication directly.

Where are/what are these APIs? I've used the old crypto APIs before iOS4, so they're not those. These APIs are supposed to give MDM (Mobile Device Management)-type capability for 3rd-party apps.

TIA!

Answer 1

There are some FileProtection options you can set when writing an NSData to disk:

• NSDataWritingFileProtectionComplete
• NSDataWritingFileProtectionNone)

as well as an extended attribute, NSFileProtectionKey, you can set on pre-existing files on disk via NSFileManager:

• NSFileProtectionComplete
• NSFileProtectionNone

The app delegate is also informed of when your application is (not) going to be able to access protected data:

• -applicationProtectedDataDidBecomeAvailable:
• -applicationProtectedDataWillBecomeUnavailable:

All the gory details of encrypting and securing the data are handled by the hardware and OS on your behalf. It's fire-and-forget protection that kicks in whenever the device locks.