NSDate:获取与设备时钟无关的精确时间? [英] NSDate: Get precise time independent of device clock?
问题描述
可能重复:
如何在应用程序运行之间本地检测用户的iPhone时钟推进?
< a href =https://stackoverflow.com/questions/12006245/is-there-a-way-to-determine-the-actual-time-and-date-in-ios-not-the-time-of- >有没有办法确定iOS中的实际时间和日期(不是设备的时间)
简短
我正在使用基于订阅的自动续订应用程序。当应用程序收到Apple的最新收据时,它会在 NSUserDefaults 中存储 expires_date_ms 键。该日期过后30天,该应用程序会检查Apple以查看订阅是否仍处于活动状态。该应用可被视为离线应用,但必须每30天连接一次互联网才能检查订阅状态。此时间比较将用于告诉用户他/她必须连接。
Brief
I am working with an auto-renewable subscription-based app. When the app receives the latest receipt from Apple, it stores the expires_date_ms key in NSUserDefaults. Thirty days after that date, the app checks with Apple to see if the subscription is still active. The app can be considered an offline app, but it must connect to the internet once every 30 days in order to check the subscription status. This time comparison will be used to tell the user he/she must connect.
我使用下面的代码将当前时间与 expires_date_ms 进行比较:
I am using the code below to compare the current time with the expires_date_ms:
NSTimeInterval expDateMS = [[productInfo objectForKey:@"expires_date_ms"] doubleValue];
NSTimeInterval currentDateMS = ([[NSDate date] timeIntervalSince1970] * 1000);
if (currentDateMS > expDateMS)
subExpired = YES;
这很好,运作良好,但据我所知,有一个漏洞可以被利用 - 如果用户将设备的时钟设置为一个小时/月/十年,则时间比较将变得不可靠,因为 [NSDate date] 使用设备的当前时间(如果我,请更正我我错了。
This is fine and works well, but from what I can tell there's a loophole that can be exploited - if the user sets the device's clock back a hour/month/decade, the time comparison will become unreliable because [NSDate date] uses the device's current time (please correct me if I'm wrong).
有什么方法可以检索与设备无关的时间(以毫秒为单位)?一个可以准确可靠地测量,而不考虑设备时钟?
Is there any way of retrieving a device-independent time in milliseconds? One that can be accurately and reliably measured with no regards to the device clock?
推荐答案
虽然Kevin和H2CO3完全正确,但那里是用于检查订阅的其他解决方案(我希望不需要毫秒精度....)
While Kevin and H2CO3 are completely correct, there are other solutions for the purposes of checking a subscription (which I would hope does not need millisecond accuracy....)
首先观看 UIApplicationSignificantTimeChangeNotification 以便您收到时间突然变化的通知。如果你被停职,这甚至会被送到你手中(虽然如果你被终止我不相信你会收到它)。当有载波时间更新时调用它,并且当有手动时间更新(检查)时,我相信它被调用。它也会在当地午夜和DST更改时调用。关键是当时间突然改变时,它经常被调用。
First watch UIApplicationSignificantTimeChangeNotification so that you get notifications of when the time changes suddenly. This will even be delivered to you if you were suspended (though I don't believe you will receive it if you were terminated). This gets called when there is a carrier time update, and I believe it is called when there is manual time update (check). It also is called at local midnight and at DST changes. The point is that it's called pretty often when the time suddenly changes.
跟踪你进入后台的时间。跟踪回到前台的时间。如果时间从根本上向后移动(超过一天或两天),请建议您访问网络以检查事物。每当您使用服务器办理登机手续时,都应该告诉您它认为的时间。您可以使用它来同步系统。
Keep track of what time it was when you go into the background. Keep track of what time it is when you come back into the foreground. If time moves radically backwards (more than a day or two), kindly suggest that you would like access to the network to check things. Whenever you check-in with your server, it should tell you what time it thinks it is. You can use that to synchronize the system.
您可以类似地跟踪您的实际运行时间。如果它与明显的运行时间非常不同步,那么请再次请求访问网络以进行同步。
You can similarly keep track of your actual runtime. If it gets wildly out of sync with apparent runtime, then again, request access to the network to sync things up.
我确信攻击者可以潜行35天或者其他任何一个系统而不是30个,但是任何愿意努力工作的人都会破解你的软件并完全退出。这里的重点是未提交的攻击者只是搞乱他们的时钟。并且你可以很好地捕获。
I'm certain that attackers would be able to sneak 35 days or whatever out of this system rather than 30, but anyone willing to work that hard will just crack your software and take the check out entirely. The focus here is the uncommitted attacker who is just messing with their clock. And that you can catch pretty well.
你应该仔细测试,并且非常犹豫地指责用户什么。只需连接到您的服务器就足以让合法用户再次工作。
You should test this carefully, and be very hesitant to accuse the user of anything. Just connecting to your server should always be enough to get a legitimate user working again.
这篇关于NSDate:获取与设备时钟无关的精确时间?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
