Integration of Quixxi Security Framework to your app

  1. Create a XCode project
  2. Right click on the project and choose -> Add Files to Project Name
  3. Redirect to the QuixxiAppSecurity.framework that you have and click open
  4. Now we need to add the framework to the project. For that, click on the Project, choose targets of your project and choose General Tab. Under General 
  5.  Tab look for the embedded Binaries, click the (+) Plus button and choose the QuixxiAppSecurity.framework.
  6. Search for Other C Flags in build settings for your target and add -DSQLITE_HAS_CODEC (if you have differing Debug and Release flags, add it for both configurations)
  7. Drag the QuixxiActivation.framework and keys.txt file.
  8. Choose the Generic iOS Device, clean and build the project.
    Now your application is secured and ready for market release

Utility API

        In addition to features, Quixxi Security provides utility APIs for usage in application development.
        You can also check out our API Reference for more detailed information about our SDK.

Quixxi App Protector

    This will detect that device has jailbroken and application is running in debug mode.

  1. Open the Appdelegate.h and add the following line
<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">#import QuixxiAppSecurity/QuixxiAppProtector.h</span></span>


For jailbroken

        Open the Appdelegate.m and add the following lines under didFinishLaunchingWithOptions method.


<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">//To check the device is jail broken
[[QuixxiAppProtectorsharedInstance] disableAppInJailBrokenDevices];</span></span>


For debugger detection

        Open the Appdelegate.m and add the following lines under didFinishLaunchingWithOptions method

<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">//To check the device is in Debugging
[[QuixxiAppProtectorsharedInstance] disableAppInDebuggingMode];</span></span>


        The above codes will check for the device is Jailbroken and Debugging is connected.

        Quixxi Data Protector - Core Data

        Quixxi Data ProtectorforCore Data makes the core data store makes the data to be stored in the encrypted mode. After the setup,         there is no change, the usage is exactly same as working on Core Data. All the data that is present in the database will be encrypted.


<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">#import QuixxiAppSecurity/QuixxiDataProtector.h</span></span>


<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">(NSManagedObjectContext *)managedObjectContext. 
Replace the following line 
NSPersistentStoreCoordinator *coordinator = [self persistentStoreCoordinator];
with
Type 1:
NSString *password = [[NSUserDefaultsstandardUserDefaults] valueForKey:@"YourSecurePassword"];
[[QuixxiDataProtectorsharedInstance] setPassword:password];
NSPersistentStoreCoordinator *coordinator = [[QuixxiDataProtectorsharedInstance] initializePersistentStoreCoordinator:[selfmanagedObjectModel]];
Type 2: Custom Database Name, Cache Size
NSString *password = [[NSUserDefaultsstandardUserDefaults] valueForKey:@"YourSecurePassword"];
NSPersistentStoreCoordinator *coordinator = [[QuixxiDataProtectorsharedInstance] initializePersistentStoreCoordinator:[selfmanagedObjectModel] forDatabaseName:@"SampleDB.sqlite"setCacheSize:1220];</span></span>


    The above line will allow the core data store to be used in encrypted store. After the above setup, the usage of the core data will be same as usual


<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">hexdump –C database.sqlite</span></span>


The above commands output will show the encrypted database.

<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">1. Open the Appdelegate.h and add the following line
2. Look for the method
3. To test if the database is encrypted or not, choose open XCode -> choose Windows -> Devices
4. Choose the connected device and select the App -> Choose (+) and select -> Download Container. Choose the specific folder and save.
5. Open the sqlite database from the App Container.
6. Open the Command line and Give the following command.</span></span>


Quixxi Data Protector - SQLite

        QuixxiData Protectormakes the application to use the Encrypted SQLite Database. So all the data will be encrypted into cipher text with a password key. All the data that present in the database will be encrypted


#import QuixxiAppSecurity/QuixxiDataProtector.h


        The above line will be allows the core data store to be used in encrypted store. After the above setup the usage of the core data will be same as usual.


constchar* key = [@"SECRETPASSWORD"UTF8String];
sqlite3_key(_contactDB, key, (int)strlen(key));


<span style="font-size: 16px;"><span style="font-family: 'Times New Roman',Times,serif;">Example:
(void) loadDatabase :(NSString *) databaseName{
NSString *docsDir;
// Get the documents directory
docsDir = [NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES) firstObject];
_databasePath = [[NSStringalloc] initWithString: [docsDirstringByAppendingPathComponent:databaseName]];
NSFileManager *filemgr = [NSFileManagerdefaultManager];
//check for the db location
if ([filemgrfileExistsAtPath: _databasePath ] == NO)
    {
constchar *dbpath = [_databasePathUTF8String];
if (sqlite3_open(dbpath, &amp;_contactDB) == SQLITE_OK)
        {
//*** Add thes lines for the encrypted DB ***//
constchar* key = [@"SECRETPASSWORD"UTF8String];
sqlite3_key(_contactDB, key, (int)strlen(key));
//*** end encrypted DB ***//
char *errMsg;
constchar *sql_stmt = "CREATE TABLE IF NOT EXISTS CONTACTS (ID INTEGER PRIMARY KEY AUTOINCREMENT, NAME TEXT, ADDRESS TEXT, PHONE TEXT)";
NSLog(@"DB Openned!");
if (sqlite3_exec(_contactDB, sql_stmt, NULL, NULL, &amp;errMsg) != SQLITE_OK)
_status.text = @"Failed to create table";
        } else {
_status.text = @"Failed to open/create database";
        }
    }
}</span></span>


hexdump –C database.sqlite


The above commands output will show the encrypted database.

  1. Open the Appdelegate.h and add the following line
  2. Add the following two lines after open the database
  3. To test the database encrypted or not. Choose Open XCode choose Windows -> Devices
  4. Choose the Connected device and select the App -> Choose (+) and select -> Download Container. Choose the specific folder and save.
  5. Open the sqlite database from the App Container.
  6. Open the Command line and Give the following command.


Content for Storing Protected Code and Decrypting it at Runtime

Generate and save decryptionkey at runtime

  1. Create web API’s to save decryption key by passing values like identifierForVendor (to Identify each device Uniquely), AppID(Application ID to Identify each application uniquely), public key for particular device.
  2. Create a set of public and private key in device send them to server using secure channel.
  3. Send DecryptionKey as payload for this webrequest.
  4. Encrypt payload using publickey for security.

Store Encryption Key securely

  1. Save generated private key in KeychainAccess, use bundle id as key and private key as value
  2. Decrypt the EncryptionKey using private key
  3. Store Encryption in keychain access.
  4. KeychainAccess cannot be accessed in phone.
  5. For additional security encrypt the private key using some strong encryption algorithms and save it in KeychainAccess.

Decrypt protected code only when needed

  1. Get PrivateKey for from KeychainAccess using bundleId of application.
  2. Decrypt DecryptionKey using privatekey.
  3. Decrypt Protected code using DecryptionKey. Load protected code into memory and remove if any temporary files used.