如何在我的iOS应用程序中保护数字内容（PDF）？ [英] How to protect Digital Content (PDF) inside my iOS app?

问题描述

这个问题主要是关于保护iOS应用内的内容。我打算制作一个应用程序，可以根据用户请求下载大量内容（主要是PDF文件）。下载这些PDF后，它们将存储在本地以便于离线访问。

This question is mainly about protecting the content inside my iOS app. I intend to make an app that will download a lot of content (mainly PDF files) on user request. Once these PDFs are downloaded, they will be stored locally for easy offline access.

现在，我不希望任何人获取.ipa文件并设法提取PDF文件。
如果这是不可能的，即使他们提取PDF，他们也无法查看或运行它们吗？

Now, I don't want anyone to get hold of the .ipa file and manage to extract the PDF files. If this is not possible, is it possible that even if they extract the PDFs, they canNOT view it or run them?

我不知道如何处理这个（事情。任何建议都表示赞赏。

I am not sure how to handle this. Any suggestions are appreciated.

另一种方法是，我可以提供受密码保护的文件供用户下载。将关联的密码存储在sqlite数据库中。然后，当用户从APP内部打开PDF时，应用程序将从数据库中找到密码并打开它，而不会提示用户输入密码。这可能吗？怎么样？

An alternative is, I may provide password protected files to the user to download. Store the associated password in a sqlite database. Then when the user opens the PDF from inside the APP, the app will find the password from the database and open it without any prompt to the user to enter the password. Is this possible? How?

谢谢和问候

推荐答案

让我们假设你以某种方式在将PDF放入下载服务器之前对其进行加密，应用程序会在将其显示给用户之前对其进行解扰。

Let's assume that you somehow scramble your PDF before putting it on your download server and the app descrambles it before showing it to the user.

在应用程序中，您可以执行以下操作：

In the app you can then perform the following:

1. 将加扰的PDF文件加载到 NSData 对象中。


2. 创建 NSMutableData 对象，并使用您选择的任何算法将PDF数据解扰为该缓冲区。


3. 现在您有了内存中可用的PDF文档，但磁盘上只有一个加扰版本。如果你需要创建一个 CGPDFDocumentRef ，你可以先使用你的解扰 NSMutableData 对象创建一个数据提供者。 - 通过简单的演员免费桥接到 CFData

1. Load the scrambled PDF file into an NSData object.
2. Make an NSMutableData object and descramble your PDF data into that buffer using whatever algorithm you have chosen.
3. Now you have a usable PDF document in memory but only a scrambled version on disk. If you need to create a CGPDFDocumentRef you can do that by first creating a dataprovider using your descrambled NSMutableData object which is toll-free bridged to CFData by a simple cast

类似

NSMutableData *data = descrambled PDF;
CFDataRef myPDFData = (CFDataRef)data;
CGDataProviderRef provider = CGDataProviderCreateWithCFData(myPDFData);
CGPDFDocumentRef pdf = CGPDFDocumentCreateWithProvider(provider);

（该片段的信用额度为这个答案。）

(Credit for that snippet goes to this answer.)

由于应用程序必须能够解密PDF并且用户可以同时访问应用程序和加扰PDF文件你做的任何事情，以防止他们提取它将基本上是默默无闻的安全性。因此，我不打算使用复杂的加密算法。你可以做一些像XOR一样简单的事情，在你的应用程序二进制文件中隐藏一个秘密字符串。

Since the app must be able to descramble the PDF and user has access to both the app and the scrambled PDF file anything you do to prevent them from extracting it will basically amount to security by obscurity. Therefore I wouldn't bother with a complex encryption algorithm. You can probably just do something simple like XOR the data with a secret string hidden in your app binary.

击败这种方法需要攻击者反汇编你的二进制文件，如果有人确定你无法获胜，正如当前视频游戏DRM的悲惨状态所证明的那样。

Defeating this approach will require an attacker to disassemble your binary, and if someone is that determined you can't win, as evidenced by the sad state of current video game DRM.

顺便说一句：根据默默无闻的精神，您可能还想为已下载的PDF文件命名，而不是 valuabledocument.pdf 。但实际安全并非如此。

By the way: In the spirit of obscurity you might also want to name your scrambled downloaded PDFs something less obvious than valuabledocument.pdf. But real security it ain't.

编辑以说明XOR'ing数据：

将你的乱码 NSData 送到这样的......

Feed your scrambled NSData to something like this...

// Fill this out with whatever you want. Use the same string
// and algorithm to scramble the files on the server.
static unsigned char secretString[SECRET_STRING_LENGTH];

- (NSData *)scrambleOrDescrambleData:(NSData*)input
{
    unsigned char *outputBytes = malloc(input.length);
    memcpy(outputBytes, input.bytes, input.length);
    for (int i = 0; i < input.length; i++)
    {
        outputBytes[i] = outputBytes[i] ^ secretString[i % SECRET_STRING_LENGTH];
    }

    NSData *outputData = [[NSData alloc] initWithBytes:outputBytes length:input.length];
    free(outputBytes);

    return outputData;
}

关于XOR的一个方便的事情就是做两次会让你恢复原来的价值数据，所以加扰和解扰是相同的代码。

The handy thing about XOR is that doing it twice will give you back your original data, so scrambling and descrambling is the same code.

我在这里避免使用术语加密，因为这实际上只是模糊了数据以使其不受偶然观察者的影响。

I am avoiding the term encryption here, because this is really just obfuscating the data to keep it from casual observers.

这篇关于如何在我的iOS应用程序中保护数字内容（PDF）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！