I am developing a highly secured iOS application with sensitive data. I'm trying to use an AES256 encryption system to secure Data.
I followed the tutorial here https://code.tutsplus.com/tutorials/securing-ios-data-at-rest-encryption--cms-28786
Xcode 11 (Swift 5) tells me "Overlapping accesses to 'salt', but modification requires exclusive access; consider copying to a local variable"
Could you please tell how can I solve this issue please ?
Thank you.
Here's my code :
var key = Data(repeating:0, count:kCCKeySizeAES256)
var salt = Data(count: 8)
salt.withUnsafeMutableBytes {
(saltBytes: UnsafeMutablePointer<UInt8>) in//-> Void in
let saltStatus = SecRandomCopyBytes(kSecRandomDefault, salt.count, saltBytes)
if saltStatus == errSecSuccess
{
let passwordData = password.data(using:String.Encoding.utf8)!
key.withUnsafeMutableBytes { (keyBytes : UnsafeMutablePointer<UInt8>) in
let derivationStatus = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, passwordData.count, saltBytes, salt.count, CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA512), 14271, keyBytes, key.count)
if derivationStatus != Int32(kCCSuccess)
{
setupSuccess = false
}
}
}
else
{
setupSuccess = false
}
}
Finally, I resolved my issue modifying my code like this :
salt.withUnsafeMutableBytes { (saltBuffer: UnsafeMutableRawBufferPointer) in
let saltBytes = saltBuffer.bindMemory(to: UInt8.self)
let saltStatus = SecRandomCopyBytes(kSecRandomDefault, saltBytes.count, saltBytes.baseAddress!)
if saltStatus == errSecSuccess {
let passwordData = password.data(using: .utf8)!
key.withUnsafeMutableBytes { (keyBuffer: UnsafeMutableRawBufferPointer) in
let keyBytes = keyBuffer.bindMemory(to: UInt8.self)
let derivationStatus = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, passwordData.count, saltBytes.baseAddress!, saltBytes.count, CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA512), 14271, keyBytes.baseAddress!, keyBytes.count)
if derivationStatus != Int32(kCCSuccess) {
setupSuccess = false
}
}
} else {
setupSuccess = false
}
}