Secure Contents in Documents Directory

Secure contents in Documents directory

Use:

- (BOOL)writeToFile:(NSString *)path options:(NSDataWritingOptions)mask error:(NSError **)errorPtr

with one of the file protection options:

NSDataWritingFileProtectionComplete (iOS 4.0)
NSDataWritingFileProtectionCompleteUnlessOpen (iOS 5.0)
NSDataWritingFileProtectionCompleteUntilFirstUserAuthentication (iOS 5.0)

See: Apple Documentation

NSDataWritingFileProtectionComplete

In this case, the file is stored in an encrypted
format and may be read from or written to only while the device is
unlocked. At all other times, attempts to read and write the file
result in failure.

Note: Doing your own encryption raises the problem of key storage and the best answer there is to use the Keychain. Key handling is the biggest problem and the NSData methods handle that.

Is the PathProvider documents directory a secure location?

Yes, NSDocumentDirectory on iOS and AppData on Android are secure locations.

This line from the example gives you the correct path for storing files which can only be accessed by your app:

String dir = (await PathProvider.getApplicationDocumentsDirectory()).path;


On Android dir resolves/data/data/com.yourcompany.AppName/. On iOS devices the folder is /var/mobile/Containers/Data/APP_ID/Documents.

Check the Android Security Tips , the section on Internal Storage:

By default, files that you create on internal storage are accessible
only to your app. Android implements this protection, and it's
sufficient for most applications.

The exception here is that when your app runs on a rooted Android device, the app data folder is not secure any more, see https://stackoverflow.com/a/8184699.

Related Topics