How to use NSSecureCoding with id objects

Question

I'm creating a linked list and using containers to group the object, next, and previous properties. Like Foundation collections, I'd like it to implement NSSecureCoding. Here's the declaration:

@interface ListContainer : NSObject <NSCopying, NSSecureCoding>

@property (readonly, nonatomic) id object;
@property (nonatomic) ListContainer * next;
@property (nonatomic) ListContainer * previous;

@end

When implementing the - initWithCoder: method it hit me that I don't know what class to use for the object:

- (instancetype)initWithCoder:(NSCoder *)aDecoder
{
    self = [super init];

    if (self) {

        _object = [aDecoder decodeObjectOfClass:<#(__unsafe_unretained Class)#> forKey:@"object"];

        BOOL nextIsNil = [aDecoder decodeBoolForKey:@"nextIsNil"];

        if (!nextIsNil) {

            // Decode next
            _next = [aDecoder decodeObjectOfClass:[ListContainer class] forKey:@"next"];

            if (_next == nil) {
                return nil;
            }

            // Link the nodes manually to prevent infinite recursion
            self.next.previous = self;
        }
    }

    return self;
}

Should I use -decodeObjectForKey: instead? Is it still secure coding?

Recommended answer

I ended up posting the same question to Cocoa's mailing list and the most interesting discussion happened. Some of the highlights:

[...] Make an NSArray of normal stuff, like NSString, NSNumber, encode it, decode it with decodeObjectForClasses, with no classes. You’ll fail on the array. Add the NSArray to the list of allowed classes and .. it works. So, you think, NSArray will blindly decode anything so it’s no-longer secure.

Add an object of a custom class which implements secure coding into the array, and it will start failing again. NSArray, and the other collection types, allow elements of known secure system types, like NSString, but fail at anything outside that. [...]

At this point I understand that NSArray doesn't behave as I expected. Secure coding doesn't seem so secure anymore:

This seems far from ideal [...] The fact that it decodes a set of classes known to implement NSSecureCoding is wrong, IMO, for two reasons [...]

1) The fact that the contained class implements NSSecureCoding does not mean that I'm expecting it. [...]

2) It limits the classes which can be stored. [...]

Getting a class that I'm not expecting in a substitution attack is especially dreadful. Apparently Cocoa's promise is different, though:

[...] if you use NSArray() or other collection classes directly in your coding, you need to check what you got back. They are ‘securely’ decoded to the extent that Apple believes decoding them will not result in a buffer overflow etc, that’s all you get by default. [...]

So, no, NSSecureCoding does not guarantee secure encoding of containers, or at least it doesn't guarantee type checking and you must do it yourself. Not even in Cocoa's native data structures as I initially assumed (with reason, I still think that).

Props go to Roland King for all the effort. You can see the full conversation here.
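
One way to do the type checking the answer says is left to you, as an added example that is not part of the original question or answer. It decodes the `id` payload against an explicit allow-list and then walks any decoded array to verify its elements. The allowed classes and the helpers `allowedPayloadClasses` and `isExpectedPayload:` are assumptions made for illustration, and `next` is encoded directly rather than through the question's `nextIsNil` flag.

```objc
#import <Foundation/Foundation.h>

@interface ListContainer : NSObject <NSSecureCoding>
@property (readonly, nonatomic) id object;
@property (nonatomic) ListContainer *next;
@property (nonatomic, weak) ListContainer *previous; // weak here to avoid a retain cycle
- (instancetype)initWithObject:(id)object;
@end

@implementation ListContainer

+ (BOOL)supportsSecureCoding { return YES; }

// Assumption: this list only ever stores strings, numbers, and arrays of them.
+ (NSSet<Class> *)allowedPayloadClasses {
    return [NSSet setWithObjects:[NSString class], [NSNumber class], [NSArray class], nil];
}

// Allowing NSArray says nothing about its elements, so walk them explicitly.
+ (BOOL)isExpectedPayload:(id)obj {
    if ([obj isKindOfClass:[NSArray class]]) {
        for (id element in (NSArray *)obj) {
            if (![self isExpectedPayload:element]) return NO;
        }
        return YES;
    }
    return [obj isKindOfClass:[NSString class]] || [obj isKindOfClass:[NSNumber class]];
}

- (instancetype)initWithObject:(id)object {
    if ((self = [super init])) { _object = object; }
    return self;
}

- (void)encodeWithCoder:(NSCoder *)coder {
    [coder encodeObject:_object forKey:@"object"];
    [coder encodeObject:_next forKey:@"next"];   // a nil next decodes back as nil
}

- (instancetype)initWithCoder:(NSCoder *)aDecoder {
    if (!(self = [super init])) return nil;
    // Secure decode restricted to the allow-list, then verify what came back.
    _object = [aDecoder decodeObjectOfClasses:[ListContainer allowedPayloadClasses]
                                       forKey:@"object"];
    if (_object != nil && ![ListContainer isExpectedPayload:_object]) return nil;
    _next = [aDecoder decodeObjectOfClass:[ListContainer class] forKey:@"next"];
    _next.previous = self;   // relink manually; previous is never encoded
    return self;
}

@end
```

A caller that needs other payload types extends the allow-list and the element check together, so the set passed to the decoder and the set actually accepted never drift apart.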