当前位置：文江博客话题详情

已编译的 iOS 应用程序 (IPA) 中的内容加密

发布于 2024-11-10 18:00:50 字数 79 浏览 4 评论 0原文

由于 IPA 结构只是一个包含编译代码和代码的压缩文件。图像等媒体内容音频，如何保护内容不被他人提取和窃取？我可以在 IPA 中添加任何加密吗？

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

喜爱皱眉﹌ 2024-11-17 18:00:50

这个答案提到应用程序在进入用户设备时已经加密： Apple 是否会修改提交到 App Store 的应用程序上的 iOS 应用程序可执行文件？

抱歉，那是仅应用程序二进制文件。其他媒体未加密，并且没有办法加密 .ipa。您可以尝试加密系统上的图像和其他媒体，提供一堆应用程序代码来在应用程序运行时解密这些资源，然后您的解密代码将成为加密的应用程序二进制文件的一部分。但您不能提交加密的 IPA，它需要是从 Xcode 直接输出的文件。

针对您的评论，我过去使用的是 CommonCrypto。您可以使用此加密库作为起点。

上述简单用法示例：

NSError *error;
NSMutableData *encryptedData = [NSMutableData dataWithContentsOfFile:pathToEncryptedFile];
NSData *decryptedData = [RNDecryptor decryptData:encryptedData
                                withPassword:@"SuperSecretDecryptionKey"
                                       error:&error];
UIImage *decryptedImage = [UIImage imageWithData:decryptedData];

此处重要说明：如果有人要在越狱的 iPhone 上运行 .app 上的 strings 实用程序，或者即使在 iPhone 上，他们可以通过 USB 访问文件系统，他们也会获得应用程序中声明的所有字符串的列表。这包括“SuperSecretDecryptionKey”。因此，您可能想要使用整数、浮点或其他常量来即时生成字符串解密密钥，或者确保用于解密的字符串与正常的系统字符串完全相同，以便没有人怀疑它是真正的钥匙。在这种情况下，通过隐匿性实现安全性是有利的。

要加密/解密 *.strings 文件，您应该以某种方式加密键和值字符串（可能是一种为您提供十六进制返回值或任何字母数字字符的方式），并且当您想要访问给定的值，例如 LicenceNumber，执行以下操作：

NSError *error;
NSData *unencryptedKey = [@"LicenceNumber"
                               dataUsingEncoding:NSUTF8StringEncoding];
NSData *encryptedKey = [RNEncryptor encryptData:unencryptedKey
                                withSettings:kRNCryptorAES256Settings
                                      password:@"SuperSecretEncryptionKey"
                                         error:&error]
NSData *encryptedValue = [[NSBundle mainBundle]
                                 localizedStringForKey:[NSString
                                  stringWithUTF8String:[encryptedKey bytes]]
                                 value:@"No licence"
                                 table:@"EncryptedStringsFile"];
NSData *decryptedValue = [RNDecryptor decryptData:encryptedValue
                                withPassword:@"SuperSecretDecryptionKey"
                                       error:&error];

This answer mentions that the application is already encrypted by the time it gets onto your users' devices: Does Apple modify iOS application executables on apps submitted to the App Store?

Sorry, that's only the application binary. The other media are not encrypted, and no, there's no way to encrypt the .ipa. You could try encrypting your images and other media on your system, providing a bunch of application code to decrypt those resources when the app runs, and then your decryption code will become a part of the encrypted application binary. You can't submit an encrypted IPA though, it needs to be the file directly output from Xcode.

In response to your comment, the one I've used in the past is CommonCrypto. You can use this crypto library as a starting point.

Simple usage example of the above:

NSError *error;
NSMutableData *encryptedData = [NSMutableData dataWithContentsOfFile:pathToEncryptedFile];
NSData *decryptedData = [RNDecryptor decryptData:encryptedData
                                withPassword:@"SuperSecretDecryptionKey"
                                       error:&error];
UIImage *decryptedImage = [UIImage imageWithData:decryptedData];

IMPORTANT NOTE HERE: IF someone was to run the strings utility on your .app on a jailbroken iphone, or even on an iPhone they have filesystem access to via USB, they will get a list of all strings declared in your app. This includes "SuperSecretDecryptionKey". So you may want to use an integer, floating-point or other constant to do on-the-fly generation of a string decryption key, or make sure that the string you use to decrypt things is exactly the same as a normal system string so no-one suspects it as the true key. Security through obscurity, in this case, is advantageous.

To encrypt/decrypt *.strings files, you should encrypt the key and value strings in some manner (maybe one which gives you hexadecimal back, or any alphanumeric characters), and when you want to access a given value, say LicenceNumber, do this:

NSError *error;
NSData *unencryptedKey = [@"LicenceNumber"
                               dataUsingEncoding:NSUTF8StringEncoding];
NSData *encryptedKey = [RNEncryptor encryptData:unencryptedKey
                                withSettings:kRNCryptorAES256Settings
                                      password:@"SuperSecretEncryptionKey"
                                         error:&error]
NSData *encryptedValue = [[NSBundle mainBundle]
                                 localizedStringForKey:[NSString
                                  stringWithUTF8String:[encryptedKey bytes]]
                                 value:@"No licence"
                                 table:@"EncryptedStringsFile"];
NSData *decryptedValue = [RNDecryptor decryptData:encryptedValue
                                withPassword:@"SuperSecretDecryptionKey"
                                       error:&error];

回复收藏 0 原文

~没有更多了~