发送设备安全令牌为的APN [英] Sending Device Token Safely for APNs

问题描述

对于需要推送通知iOS应用程序，它必须首先要求用户是否允许这样做。在此之后，将产生一个装置的令牌和与此，远程服务器可以通过该标记的用户通信。

For iOS applications that require push notifications, it must first request the user for permission to do so. After that, a device token is generated and with this, the remote server may communicate to the user through this token.

我在这里读类似的问题，我不觉得这是不够。下面的图片是一个受信任的证书，它可以让我查看该设备上发生的所有流量。

I have read a similar question here and I do not feel it is enough. The picture below is a trusted certificate, it allows me to view all traffic that happens on this device.

使用 Fiddler2 还有的 CertMaker ，我可以嗅出HTTPS流量，这意味着客户端大概可以知道他们在哪些发送的数据，到哪里。

With Fiddler2 as well as CertMaker, I can sniff HTTPS traffic, which means the client can probably know what data they are sending, and to where.

我的问题是，明知SSL未从保护我的客户看不到什么固定送我到远程服务器，我应该简单地用我的应用程序中发现了一个秘密密钥encypt？

My question is, knowing that SSL is not secure from protecting my clients from seeing what I send to the remote server, should I simply encypt with a secret key found within my application?

如加密（device_token，secretkey_a0a0a0a）（pretend这是Objective-C的）？

Such as encrypt("device_token","secretkey_a0a0a0a") (pretend this is Objective-C)?

不能只是​​有人找到我的应用程序中的关键？我也读<一个href=\"http://stackoverflow.com/questions/6305808/is-it-possible-to-trace-back-a-string-inside-an-ipa-binary\">this的问题，似乎有可能取回秘密密钥

Couldn't someone just find that key within my application? I also read this question, and it seems that it would be possible to get back the secret key.

我对这个计划是这样的：

My plan for this goes like this:

1. 在iPhone应用程序，生成一个名为随机字符串激活。


2. 加密（不乱码），令牌由随机字符串和的密钥，我才知道。 （secretkey_a0a0a0）


3. 发送加密的字符串与生成的随机生成的字符串一起（活动）。


4. 在服务器端，我检查，如果我可以使用有效和我的秘密密钥解密有效令牌。


5. 我保存在我的数据库中的令牌，如果它是有效的。

1. Within the iOS application, Generate a random string named activate.
2. Encrypt (not hash), the token by the random string and a secret key that I only know. (secretkey_a0a0a0)
3. Send the encrypted string along with the generated randomly generated string (active).
4. Within serverside, I check if I can decrypt a valid token from using the active and my secret key.
5. I save the token in my database if it is valid.

这prevents人随机进入令牌是的，但是， secretkey_a0a0a0 是一个字符串文字。这是非常可能的应用程序二进制文件本身中得到这个。

This prevents people from random entering tokens yes, however, secretkey_a0a0a0 is a string literal. It's very possible to get this within the application binary itself.

我的问题是，如何保护这些密钥？答案还可以，我怎么能prevent人发送无效令牌到我的服务器上。

My question is, how do I protect this secret key? The answer can also be, how can I prevent people from sending invalid tokens to my server as well.

我听说过加密，但并不只适用于资源文件？

I have heard of encryption, but doesn't that only apply to resource files?

我应该如何处理这个？

推荐答案

如果你这样做了SSL的钢钉（ AFNetworking 已实施此），您将无法（在合理的时间内）嗅探客户端和服务器之间的HTTPS流量，如果你没有服务器私钥。

If you do SSL-Pinning ( AFNetworking has this implemented ) you won't be able to (in a reasonable timeframe) sniff the https traffic between the client and server if you don't have the servers private key.

这篇关于发送设备安全令牌为的APN的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！