Welcome to No-Code Mobile Integration     Advanced App Shielding     How Appdome Can Encrypt Specific Strings in Your iOS App

How Appdome Can Encrypt Specific Strings in Your iOS App

Introduction

Appdome is a no-code mobile integration platform as a service (iPaaS), supporting a wide variety of implementations for Android and iOS apps.

This Knowledge Base article explains how anybody can encrypt strings and resources of mobile apps using ONEShield by Appdome.

We hope you find it useful and enjoy using Appdome!

Overview

Developers using Appdome can inform the Appdome AppFusion process which specific strings to encrypt within their Fused iOS app!

Below you will see the steps you can take with Appdome to Encrypt Specific Strings in your iOS Apps.

Usage

Developers can specify strings for Appdome to encrypt in their code, for example:

var billingAddress = Address(
        street1: "1 Infinite Loop",
        street2:"",
        city: "Cupertino",
        state: "CA",
        zip: "95014"
)

When Fusing an app, Appdome will secure strings if the following modifications are made to the app code using SecString(“SecString:…”):

var billingAddress = Address(
        street1: SecString("SecString:1 Infinite Loop"),
        street2: "",
        city: SecString("SecString:Cupertino"),
        state: SecString("SecString:CA"),
        zip: SecString("SecString:95014")
)

The purpose of the prefix

"SecString:"

is to allow the Appdome AppFusion process to locate the strings and encrypt them, while the

SecString()

function envelope makes sure that the string’s contents are available at runtime to the application.

Encryption

Following fusion, the strings’ contents will be completely encrypted in the binary with no way to decipher them.

For example, here we have a credit-card number and CVV we want to encrypt.

var paymentMethod = PaymentMethod(
        creditCardNumber: SecString("SecString:1234-123456-1234"),
        expirationDate: Date(),
        cvv: SecString("SecString:999"))

Before fusion the strings will be in the clear:

000000010003AC50 aSecstring12341 DCB "SecString:1234-123456-1234",0
000000010003AC6B aSecstring999   DCB "SecString:999",0

After fusion, an attacker won’t be able to recognize this as a string:

000000010003AC50 DCB "f",0xB0,0xC7,0x3D,0xF4,0x5E,0x56,0x2C
000000010003AC50 DCB "E",0xA3," ",0x1E,"l0",5,"|"
000000010003AC50 DCB 0xC4,0x41,0xDD,0xEB,0xB,"?",0xE7,0x24,0xE0
000000010003AC50 DCB 0xCD,0x8C,3,0x83,0xB3,"SZ7O"
000000010003AC50 DCB 0xA7,6,0xC8,0xD0,0

Required modifications

It goes without saying that we want the written program to function correctly without it being fused (for testing etc…), therefore we need to add some boilerplate code to the Xcode project so all the syntax with

SecString("SecString:...")

will remain inert.

The following code needs to be added to the Xcode project (preferably in its root folder):

  1. OCSecString.m: 
    #import <Foundation/Foundation.h>
@interface OCSecString : NSString
@property (nonatomic, strong) NSString *stringHolder;
@end

@implementation OCSecString
- (instancetype)initWithCharactersNoCopy: (unichar *)characters
  length: (NSUInteger)length
  freeWhenDone: (BOOL)freeBuffer
{
    self = [super init];
    if (self) {
        if (characters[0] == 'S' &&
            characters[1] == 'e' &&
            characters[2] == 'c' &&
            characters[3] == 'S' &&
            characters[4] == 't' &&
            characters[5] == 'r' &&
            characters[6] == 'i' &&
            characters[7] == 'n' &&
            characters[8] == 'g' &&
            characters[9] == ':') {
            self.stringHolder = [[NSString alloc]
            initWithCharactersNoCopy:characters
            length:length
            freeWhenDone:freeBuffer];
        }
        else
        {
            NSException *ex = [
                NSException
                exceptionWithName:@"SecString format error"
                reason:@"No "SecString:" prefix found"
                userInfo:nil
            ];
            @throw ex;
        }
    }
    return self;
}

- (NSUInteger)length
{
    return self.stringHolder.length - 10;
}

- (unichar)characterAtIndex:(NSUInteger)index
{
    return [self.stringHolder characterAtIndex:index + 10];
}
@end
  2. OSecString.h: 
    #ifndef SecString_h
#define SecString_h
#import <Foundation/Foundation.h>
@interface OCSecString : NSString
@end
#endif /* SecString_h */
  3. <Project-Name>-Bridging-Header.h where <Project-Name> is the name of the project: 
    #include "SecString.h"
  4. SecString.swift: 
    import Foundation
func SecString(_ s:String) -> String {
    return OCSecString(s) as String
}

extension OCSecString {
    public convenience init(_ s:String) {
        self.init(string:s)
    }
}

That’s it, you’re ready to go!

To zoom out on this topic, visit the Mobile App Security page on our website.

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Last updated byGil Hartman

Content

Accelerating App Lifecycles
Sharing Fusion Sets with Other Teams
Sharing Fused Builds with Other Teams
Adding Context to Apps
Using Appdome-GO Lifecycle API to Build Apps through CURL Commands
Adjusting App Configuration On Appdome
Customize Mobile App Branding and More Without Coding
App Publisher Service
Viewing Published Apps in the App Library Dashboard - ISV Resource
Become a Publisher on Appdome App Library
Collaborate on App Development Using Appdome's App Library
Updating Apps Listed in Appdome Library - ISV Resource
Appdome REST API
Automating Mobile App Downloads Using Appdome REST API
Automate Local Mobile App Signing using the Appdome REST API
Automate Mobile App Branding and Customization using the Appdome REST API
Automate Uploading Apps using the Appdome REST API
Using Appdome-GO Lifecycle API to Build Apps through CURL Commands
Fetching State of Your Teams With Appdome Get My Teams API
Automate Mobile Apps Integration using the Appdome REST API
Appdome REST API
Automate Mobile App Signing using the Appdome REST API
Automating App Deployments Using Appdome Deployment REST API
Getting Your Team's Audit Log using Appdome REST API
Automatic App Distribution
Automatically Deploying Mobile Apps From Appdome
Automatically Distribute Apps to Google Play Store
Automatically Distribute Apps to Apple App Store
Fusing with Appdome-GO
Using Entitlements to Collaborate on Mobile Integration Projects
What Is the Appdome-GO Workflow Summary
Using Appdome-GO Lifecycle API to Build Apps through CURL Commands
Appdome-GO Build to Publish API
My Profile
Analytics and Logs Available On the Appdome Platform
Sharing Templates Using Appdome-GO
Locking your Fusion set to prevent changes
Using Appdome-GO to Automate Mobile App Integration
What Is Appdome-GO
Collaborate using Appdome for Teams
Fusion on Appdome Platform
Appdome REST API
Automate Uploading Apps using the Appdome REST API
Validating Integrity of Mobile Apps Prior to Integrating Features, SDKs and APIs
Using Mobile Integration Templates with Apps
Using Appdome to Validate App Signing
Signing Apps
How to Sign Fused Apps On Appdome
Signing iOS Apps on Appdome
Signing Android Apps on Appdome
Creating an iOS Distribution Certificate and P12 File for Signing iOS Apps
Signing iOS Apps Locally
Jabber Requirements for Third Party Integration
Enabling Apple WatchKit Support During Signing
How To Sign Android Apps Locally
Extracting a SHA-1 Fingerprint from the Google Play Signing Certificate
Advanced App Shielding
OneShield
No-Code Control-Flow Relocation in Mobile Apps
Obfuscating Mobile Apps
Add Mobile App Binary Code Obfuscation Fast
Encrypting In-App Preferences in a Mobile App
Encrypting Strings and Resources of a Mobile Application
Add Tamper Prevention to any Mobile App Fast
Verifying the Integrity of a Mobile Application
How Appdome Can Encrypt Specific Strings in Your iOS App
IntroductionOverviewUsageEncryptionRequired modifications
Add Debug Prevention to any Mobile App Fast
Obfuscating Non-Native Mobile Apps Without Re-Writing Code
Protecting a Mobile Application from Reverse Engineering
Protecting and Hardening Mobile Apps With Code Obfuscation, Anti-Tampering, Anti-Debugging, and More...
How to Strip Debug Information from a mobile app
App Makers and App Publishers
Updating Apps Listed in Appdome Library - ISV Resource
Become a Publisher on Appdome App Library
Using Appdome-GO Lifecycle API to Build Apps through CURL Commands
Collaborate on App Development Using Appdome's App Library
Viewing Published Apps in the App Library Dashboard - ISV Resource
Integrating Commercial ISV Apps
Using Appdome to Fuse Mobile Services to Commercial ISV Apps
Enterprise Access and Connectivity
Access
Add Microsoft Azure AD Application Proxy Accessibility to Any Mobile App Fast
Adding MicroVPN to Mobile Applications - No Coding Required
Add SCEP with Microsoft Intune to Mobile Apps for Authenticating Secure Connections
How to Change a Mobile App's User Agent - No Coding Required
Add Private Server Certificates and Authorities to Any App
F5 APM with Azure AD
Add MiTM Prevention and MicroVPN to Any Mobile App Fast
Enable Android and iOS Apps with Secure Access to Corporate Resources
Supporting Proxy PAC inside Mobile Apps
Enterprise Mobility
Using Appdome-GO Lifecycle API to Build Apps through CURL Commands
Appdome Mobility Suite
Add Ability to Prohibit Camera to Any Mobile App Fast
Add Ability to Prohibit Microphone to Any Mobile App Fast
Protect Mobile Privacy and Data using Appdome
Add Ability to Prohibit Location to Any Mobile App Fast
Add Ability to Prevent App Screen Sharing to Any Mobile App Fast
Add Appdome Adaptive App Routing to Any Mobile App Fast
Webview Consolidation for High Performance EMM Tunneling
Add Any EMM Dynamic Container to Any Mobile App Fast
Customize and Extend EMM and MAM SDK Implementations
How to Extend EMM Copy-Paste Prevention to Trusted Mobile Apps
Enable ONE-AppConfig Capabilities for your Apps
Mobile Permission Control
What is EMM Authenticated Tunnel
Add Ability to Prohibit Local Contacts to Any Mobile App Fast
Add Ability to Prohibit Local Calendar to Any Mobile App Fast
Add Ability to Use In-App Calls Only to Any Mobile App Fast
Add Ability to Use In-App Messages Only to Any Mobile App Fast
Integrate Apps with AirWatch
No-Code Integration of AirWatch SDK Into Mobile Apps
Deploying Mobile Apps Fused with the AirWatch SDK
ONE-AppConfig Integration Setup with AirWatch
Integrate Apps with BlackBerry Dynamics (Good) SDK
Add BlackBerry Dynamics Authenticated Tunnel to Any Mobile App Fast
No-Code Integration of BlackBerry Dynamics SDK and BlackBerry Launcher Into Mobile Apps
Deploy Mobile Apps Integrated with the BlackBerry SDK to BlackBerry Control (Good Control)
ONE-AppConfig Integration Setup with BlackBerry
BlackBerry Dynamics Entitlement ID and Version Best Practices
Integrating Mattermost with BlackBerry Dynamics Without Coding
Deploy Mobile Apps integrated with BlackBerry SDK to BlackBerry UEM
Enabling Data Leakage Prevention (DLP) with BlackBerry Dynamics SDK
How to Add Fused Apps to BlackBerry Launcher
Integration of BlackBerry Dynamics SDK into Mobile Apps
Integrate an App with Custom EMM Policies and Populate Policies Settings in AppConfig
Integrate Apps with IBM Maas360 SDK
Deploy Mobile Apps Integrated with the IBM MaaS360 SDK
Automatically Distribute Enterprise Apps to Maas360 Store
No-Code Integration of IBM MaaS360 SDK Into Mobile Apps
Integrate Apps with Microsoft Intune SDK
Deploy Mobile Apps Integrated with the Microsoft Intune SDK
No-Code Integration of Microsoft Intune App SDK Into Mobile Apps
Add Microsoft Intune and MicroVPN Into Mobile Apps
Automatically Distribute Enterprise Apps to Intune Store
No-Code Integration of Microsoft's Secure Browser, Email and Document Sharing Into Mobile Apps
Integrate Apps with MobileIron SDK
Automatically Distribute Enterprise Apps to MobileIron Store
ONE-AppConfig Integration Setup with MobileIron Core and Cloud
Verifying that a Certificate Is Trusted by MobileIron Sentry
Use Appdome to Integrate a Mobile App with the Mobilelron AppConnect SDK
Deploy Mobile Apps Integrated with the MobileIron SDK
Use BoostEMM connect additional and new EMM services
Using Secure Document Sharing between Trusted Mobile Apps
Improved Enterprise Mobility Experiences with BoostEMM™
No-Code Integration of Microsoft's Secure Browser, Email and Document Sharing Into Mobile Apps
Using Secure Email in Mobile Apps
Using Secure Browsers in Mobile Apps
How Appdome Works
Using Appdome-GO Lifecycle API to Build Apps through CURL Commands
Appdome Account Basics
Appdome Licences
Upgrading Your Appdome Account
The Appdome IDEAL Account
The Appdome EXTEND Account
The Appdome COMPLETE Account
Determining Your Best Appdome Account
Getting Support from Appdome Mobile Integration Platform
Getting Started with Appdome
Essentials of Mobile App Integration with SDKs
Fusion Automates Integrating Mobile SDKs to Mobile Apps
Adding Mobile SDKs to the Appdome Platform
Free Trial for No-Code Mobile SDK Integration
Using Appdome to Integrate Mobile SDKs to any Mobile App
Minimal Requirements and Mobile OS Version Support Policies
Support Policy for Mobile OS, SDK, and Published App Versions
Compatibility and Guidelines to Integrate Services to Mobile Apps
Minimum requirements to use with Appdome
Start Here for the Essentials of Appdome
What is the Appdome platform?
Does Appdome Have An On-Premise iPaaS Service?
Appdome Mobile Integration Workflow
How to Upload My App to Appdome's Mobile Integration Platform
What is Appdome's My Apps?
How to Fuse Services to Apps on Appdome - End to End
What Is the Appdome Platform?
Appdome's Cloud Infrastructure Overview - Security & Disaster Recovery
Technology Overview
Appdome iPaaS Platform Security
Appdome's Mobile App Security Suite
App Wrapping vs. Fusing with Appdome
Does Appdome Add Libraries to My App?
Does Appdome Make Changes To Mobile Apps?
What is the Fusion Adapter?
When Should I Fuse Mobile Services to My App?
IPA files – Under the Hood
APK Files - Under the Hood
Mobile App Security
Prevent Key-Logging
Add the Appdome Security Suite to Mobile Apps
How to Integrate Enhanced Jailbreak and Root Detection Without Coding
Mobile Permission Control
Using FIPS 140-2 Cryptographic Modules in a Mobile App
Adding 'Detect Unknown Sources' to protect mobile apps from harmful content
Jailbreak and Root Protection For My App
Add Ability to Prevent App Screen Sharing to Any Mobile App Fast
Appdome App Integrity and Structure Scan
Add Ability to Use In-App Calls Only to Any Mobile App Fast
Add Ability to Use In-App Messages Only to Any Mobile App Fast
Data Loss Prevention
Mobile Data at Rest Exceptions and Comments
Implementing Mobile Data at Rest Encryption on Appdome
Implementing Smart Offline Handoff to your app on Appdome fast
Protect Mobile Privacy and Data using Appdome
How to add Copy/Paste Prevention to a mobile app
Implementing Smart Media Sharing on Appdome Fast
Use an External Seed for Data at Rest Encryption in Mobile Apps
Logs and Events
Configuring Appdome Security Alerts
Secure Communication
Adding URL Whitelisting to a Mobile App
Enforce TLS Cipher-Suites
Protect Against Mobile MiTM Attacks and Malicious Proxies
MitM Attack Protection using Appdome Trusted Session
Enforce TLS Version
Enforce Certificate Roles
Mobile Authentication
Appdome for Single Sign-On
Propagating Single-Sign-On Cookies To All Domains
Adding Multiple Authentication Profiles to a Single App
Blocking Malicious Redirect Requests During SSO Authentication
Adding Modern Authentication (OAuth2) to Mobile Apps
Enabling Mobile Apps to Share Authentication State
Add SSO to Any Mobile App Without Coding
Conditional Cookies
Add ADFS SSO to Any Mobile App Fast
Integrate Apps with F5 APM Single Sign-On
Add F5 APM SSO to Mobile Apps Fast
How to Configure an OAuth 2.0 Server in F5 Big-IP
Integrate Apps with Microsoft Single Sign-On
Add Microsoft ADAL to Any Mobile App Without Coding
How to Register Apps in Microsoft Azure Active Directory
Adding NTLM to Mobile Apps for Authentication to Microsoft Active Directory
Add Microsoft Azure AD SSO to Any Mobile App Fast
Integrate Apps with Okta Single Sign-On
How to Register Applications in Okta Identity Cloud Single Sign-On
Add Okta SSO to Any Mobile App Fast
Integrate Apps with ping Single Sign-On
Add Ping SSO to Any Mobile App Without Code
How to Register Apps in Ping Federate
Mobile Identity 
Using Appdome to add MFA to a Mobile App by Fusing Gemalto Mobile PKI SDK to the App
Integrating Your App with Appdome DEV-Events™ and OneLogin MFA Service
Adding PingID MFA to Your Application
Add Nexmo Verify 2FA to your application
Unlock Any Mobile App with FaceID, Fingerprint, and Pincode
Adding OneLogin MFA to Your App
Integrating your application with Appdome DEV-Events™ and Nexmo Verify 2FA service
Mobile Threat
Matching Swift Versions when Fusing F5 Anti-bot SDK
Integrate Any Mobile App with the F5 Anti-Bot SDK
Troubleshooting and Tips
Tips
What is a UDID and How Can I Obtain My iOS Device’s UDID?
Set Up a Simple Webpage to Deploy iOS Apps
Downloading Mobile Apps From Appdome
Extracting Root CA certificates from Websites
How to Obtain iOS Device Logs
Gathering Android Device Logs using ADB
Testing Fused Apps with An Android ARM Emulator
"Sideload" Apps Using MacOS
Sideload a Fused Android App from Command Line Through ADB
How to Complete Mobile Integration Projects After You Fuse Mobile Apps
Troubleshooting
Custom App Compromise Notification & Troubleshooting When an App Exits
Common Play Store Deployment Error Codes
Modifying Apps with Frameworks that Don't Allow Bundle ID Changes
Data at Rest Encryption is "ON" but there are unencrypted files inside my app’s sandbox
Extracting Extended App Logs from Your Device
Making sure that your iOS device is registered to your Development Provisioning Profile
©2018 Appdome, Inc. All rights reserved. This Website requires the use of technical cookies and, with your consent, profiling, and third-party analytics to improve your experience. If you continue to use our Website, or by clicking any items of our Website, you agree to this.
Scroll Up