I'm looking to encrypt user data in an app, and the NSFileProtection mechanism looks perfect for this.
This SO Question / Answer thread pointed me at the WWDC 2011 Video Securing iOS Apps which gave the 'too good to be true' tip of setting Data Protection across the app via entitlements (see from 33 minutes in).
So, I tried this for my iOS 5.x+ app, and ran into the problem where it complains about Invalid Entitlements.
I've configured Data Protection for the specific app via the iOS Provisioning Portal, and updated my app Provisioning, so in theory I should all be set, but I still get the error.
If I remove the specific FileProtectionComplete setting from the Entitlement, the app runs without the Invalid Entitlement error.
In investigating this, I also saw the some folk are getting their apps rejected (at the point they upload the binary) as this isn't supported (or deprecated?). Please note that I'm specifically asking about Data Protection, and not Passbook.
At this stage, I'm thinking, maybe it really is, 'too good to be true'. So, I'm about to give up on this magic entitlements flag, and instead use the programmatic method, of adding NSFileProtectionComplete as a write option.
However, before I do that, can anyone confirm they've been able to successfully add Data Protection just by using the Entitlements flag? Thanks.