I am trying to encrypt NSString of both NSString and NSData in Objective-C, and so I started searching.
I started from here , but unfortunately it hit my head.
Then I found myself in this post , and it was very easy to follow, so I went and tried to figure out the implementation . Having studied the implementation, I saw the second answer on this post and saw that it had more adaptive implementations that led me to configure it . According to the gist readme, he "took down this Gist due to concerns about the security of the encryption/decryption" . This makes me think that implementation security from above also has security flaws.
From the same principle, he mentioned another alternative that I could use for encryption. After looking at the code, I noticed that it generates NSData using "a header, encryption salt, HMAC salt, IV, ciphertext, and HMAC" . I know how to handle this in order to decode the same library again, but how would I pass this to the server, given that I do not quite understand what I am sending to it?
At the heart of all this, I am above my head. Given what I said above, and knowing that I donβt have time to take on a lot of training for this, if only if it is absolutely necessary, what is the best way to handle this encoding / decoding process, given the private key with the ultimate goal ship it to a server that is not developed by me? (How's it for a run in a sentence!)
source share