IQrypt SDK for iOS can be embedded into your iOS app and let's you encrypt data at the client side before being sent to a cloud database(like MongoDB, CouchDB, etc).

This quick-start provides just enough information to get you started using the IQrypt iOS framework within XCode using Swift programming language (the framework is compatible with Objective-C too).

Downloading the framework

You will have to download IQrypt SDK which contains also iOS framework from here.

Add the reference and import the framework

After you have downloaded the IQrypt.framework, locate it in Finder and drag and drop it into your XCode project.

Add Required import statements

You will need the following import statements:

import IQrypt;

License Key

Before doing any operations, IQrypt requires a license key:

IQryptConfigurator.setLicense("your license key");

*You can get a free trial license key from here.

Encryption settings

Before starting encrypt/decrypt data, IQrypt requires to set the encryption cipher and the encryption key. You can set it like this:

 IQryptConfigurator.setEncryptionChiper(.AES256, encryptionKey: "my_super_secret");

*On production apps get the encryption key from a safe location- see Vault (do not embed it into the code).

Cipher is an enum type and has following values: Cipher.AES128, Cipher.AES256, Cipher.Camellia128 and Cipher.Camellia256.

With IQrypt you can encrypt database fields values/documents with different encryption schemes: OPE, DET, RND.

  • RND - randomized encryption (not searchable)
  • DET - deterministic encryption (allows EQUAL/NOT EQUAL queries, ex: WHERE field="encrypted_value")
  • OPE - order preserving encryption (allows Equality and Range queries, ex: WHERE field>"encrypted_value")

IQrypt may encrypt any Type that can be serialized to JSON but also primitive types like Int, Double, NSDate, String, etc. To start encrypt values you will need to get an IEncryptor reference. IEncryptor protocol has the following definition:

@objc public protocol IEncryptor
{
    func encrypt(obj:AnyObject) -> String
    func decrypt(encryptedStr:String, templateObj:AnyObject?) -> AnyObject?;
    func decryptBytes(encBytes:NSData)-> NSData;
    func encryptBytes(bytes:NSData)->NSData

}

So basically you can encrypt everything to a String or, if you want to encrypt files, for instance, you can use encryptBytes method.

RND encryption scheme

You can use RND encryption scheme to encrypt a full JSON document or a file, or just a document's field value. Example:

let encryptor = EncryptorFactory.getEncryptor(EncryptionType.RND);

let sensitiveInfo = "This info is sensitive";

//encrypt the string with RND encryption scheme having as cipher AES256 and encryption key material "my_super_secret"
let encryptedValue:String = encryptor.encrypt(sensitiveInfo);

Using RND encryption scheme, making successive calls and encrypt same plain text with same encryption key, it will always return different encrypted string, example:

let encryptor = EncryptorFactory.getEncryptor(EncryptionType.RND);

let sensitiveInfo = "This info is sensitive";

let encryptedValue = encryptor.encrypt(sensitiveInfo);

let encryptedValue2 = encryptor.encrypt(sensitiveInfo);

if(encryptedValue == encryptedValue2 )//this will never be true
{
    //will never reach this part
}


DET encryption scheme

DET encryption scheme is recommended to encrypt fields values by which you will need to make equality/non equality queries. If you encrypt a value with this scheme, the encrypted string will always be the same if it is used same Cipher and same encryption key example:

let encryptor = EncryptorFactory.getEncryptor(EncryptionType.DET);

let SSN = "003-62-5913";

let encryptedValue = encryptor.encrypt(SSN);

let encryptedValue2 = encryptor.encrypt(SSN);

if(encryptedValue == encryptedValue2 )//both values are equal
{
    //will always reach this part
}

OPE encryption scheme

OPE encryption scheme is recommended to encrypt fields values by which you will need to make equality/non equality but also range queries. With this encryption scheme you will be able to encrypt only: Int, Double and NSDate so far.

let encryptor = EncryptorFactory.getEncryptor(EncryptionType.OPE);

let i = 10;
let j = 11;

let encryptedI = encryptor.encrypt(i);
let encryptedJ = encryptor.encrypt(j);

let iIsLessThanJ = encryptedI < encryptedJ;

//iIsLessThanJ will be true.