在Cocoa / Objective C中保护xml plists [英] Securing xml plists in Cocoa / Objective C

问题描述

我正在写一个应用程序，从启动时从捆绑包中的xml plist读取信息。 plist中的信息已经编译通过许多天的工作，我想确保它不能轻松地从另一方在分发后从应用程序包中提取。有没有什么方法来保护或加密您的应用程序包中包含的xml plist？

I am writing an application which reads information from am xml plist in the bundle upon startup. The information in the plist has been compiled through many days of work and I would like to ensure that it cannot be extracted easily from the app bundle by another party after distribution. Is there any way to secure or encrypt xml plists that one includes within your app bundle?

任何帮助都非常感谢。

推荐答案

在plist中没有内置的加密函数。许多人将压缩视为加密。

There is no built-in encryption function in plist. Many people treats the compression as encryption.

这里是我会做的，

1. 编写一个加密密钥。


2. 使用 SecKeyEncrypt（）编写一个小程序以将plist加密成二进制文件。 / li>
   
3. 将二进制文件放入包中。


4. 在应用程序中，将键隐藏在某处。


5. 当您启动应用程序时，从包中读取二进制文件，使用解密它， SecKeyDecrypt（）使用键并将cleartext存储在内存中。


6. 明码是plist，从内存中加载plist。

1. Make up an encryption key.
2. write a tiny program to encrypt the plist into a binary file using SecKeyEncrypt().
3. Put the binary file in the bundle.
4. In the app, hide the key somewhere. For example, store them as pieces so it's not easy to find from a dump.
5. When you startup the app, read the binary file from bundle, decrypt it using SecKeyDecrypt() using the key and store the cleartext in memory.
6. The cleartext is the plist and load the plist from the memory.

认为模糊处理，因为密钥在您的捆绑包中可用，但它将足以阻止大多数随意黑客。

This is still considered obfuscating because key is available in your bundle but it will be hard enough to deter most casual hackers.

这篇关于在Cocoa / Objective C中保护xml plists的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！