In the BillingService module, what needs to be modified to increase security?


Problem description

The comment on the BillingService class (http://developer.android.com/guide/market/billing/billing_integrate.html#billing-service) suggests:

You should modify and obfuscate this code before using it.

OK, but what has to be modified?

The class name? The TAG used for logging? Method names and data members? The logic and program flow itself? Other?

In other words, I can understand the need for obfuscation, but how can I get away with implementing the recommendation without rewriting everything from scratch (potentially with bugs that are worse than not modifying anything)?

Recommended answer

I'm working on this at this moment and my approach, so far, is as follows:

  1. I'm using the BillingReceiver, BillingService, PurchaseObserver and ResponseHandler.
  2. I've moved all the Constants into my own Constants class and all the above classes are included in my own package.
  3. I've done away with the PurchaseDatabase class and integrated parts of it into my own SQLite database, DBAdapter and data access classes.
  4. I've changed the CatalogEntry into my own model object and my UI will be quite different to the example, e.g. a RadioButton group rather than a Spinner for product items (I only have 4).
  5. It says in the Security class 'For a secure implementation, all of this code should be implemented on a server that communicates with the application'. I'm 'fortunate' that my app has to contact my server anyway, so I'll be implementing these security measures on the server and I'll be doing my own validation of the purchase info passed to the server. I'm looking to secure this part of the comms using SSL, and I already require a prior username/password (hashed and salted) which is stored on my server.
  6. I'm cutting out any other superfluous code which I'm not using, e.g. payload editing.
  7. Some of the methods have 5 or 6 parameters in their signature, e.g. onPurchaseStateChanged() - I was thinking about combining these into a single wrapper object (but haven't done so yet).
  8. I'm testing it slowly and thoroughly, so that I understand what's going on, and following the recommendations. I used the complete sample at first to make sure it worked and tested the static responses. Then I started making my own changes while still doing static testing. I'm still testing with static responses and I will follow the flow of messages to understand the interchanges going on. Once I'm happy with this I'll test with my own product IDs and try to satisfy myself on the data and its security.
  9. I've thought that the developerPayload string could also be signed and encrypted and, when returned to my server, decrypted and checked for integrity.
  10. Finally, I'll obfuscate the code using ProGuard and follow some of the tips for doing so which are available on StackOverflow.

Hope this helps.
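Items 5 and 9 of the answer above (move the Security class checks to a server that talks to the app, and make developerPayload something the server can verify for integrity) are the two pieces that actually stop a forged or replayed purchase. The following is an added example of what that server side can look like; it is not the answer author's code or part of the Android sample. It assumes a Go server (the author's stack is not stated), that the purchase receipt is verified the way the sample's Security.verifyPurchase does it (SHA1withRSA, PKCS#1 v1.5, over the raw signedData string, with a base64 signature), and that the signedData JSON carries an "orders" array with orderId, productId, purchaseState and developerPayload fields as in the v2 sample; treat those field names as an assumption. The "nonce.hmac" payload format is my own design for item 9, not something the billing API prescribes, and the key pair and receipt below are constructed so the example runs offline.

```go
package main

import (
	"crypto"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Order is one entry of the "orders" array in signedData. Field names follow
// the v2 sample as I remember it; treat the exact layout as an assumption.
type Order struct {
	OrderID          string `json:"orderId"`
	ProductID        string `json:"productId"`
	PurchaseState    int    `json:"purchaseState"` // 0 = purchased in the v2 sample
	DeveloperPayload string `json:"developerPayload"`
}

// VerifyPurchase is the server-side counterpart of Security.verifyPurchase.
// The signature is checked over the exact bytes the app forwarded, before the
// JSON is parsed, so a client that edits productId or purchaseState fails here.
func VerifyPurchase(pub *rsa.PublicKey, signed, sigB64 string) ([]Order, error) {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return nil, fmt.Errorf("signature is not base64: %w", err)
	}
	digest := sha1.Sum([]byte(signed))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA1, digest[:], sig); err != nil {
		return nil, errors.New("signature does not verify")
	}
	var sd struct {
		Orders []Order `json:"orders"`
	}
	if err := json.Unmarshal([]byte(signed), &sd); err != nil {
		return nil, fmt.Errorf("signedData is not valid JSON: %w", err)
	}
	return sd.Orders, nil
}

// PayloadIssuer mints developerPayload values before a purchase starts and
// checks them when the signed order comes back. A payload is "<nonce>.<hmac>";
// the HMAC binds the nonce to the user, the map makes each nonce single-use.
type PayloadIssuer struct {
	secret []byte
	issued map[string]string // nonce -> user; removed once redeemed
}

func NewPayloadIssuer(secret []byte) *PayloadIssuer {
	return &PayloadIssuer{secret: secret, issued: map[string]string{}}
}

func (p *PayloadIssuer) tag(user, nonce string) string {
	m := hmac.New(sha256.New, p.secret)
	m.Write([]byte(user + "|" + nonce))
	return hex.EncodeToString(m.Sum(nil))
}

// Issue returns a fresh payload for user and remembers the nonce.
func (p *PayloadIssuer) Issue(user string) (string, error) {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	nonce := hex.EncodeToString(raw)
	p.issued[nonce] = user
	return nonce + "." + p.tag(user, nonce), nil
}

// Redeem accepts a payload only if this server issued it for this user, the
// HMAC is intact, and it has not been redeemed before (replay of a real receipt).
func (p *PayloadIssuer) Redeem(user, payload string) bool {
	parts := strings.SplitN(payload, ".", 2)
	if len(parts) != 2 {
		return false
	}
	nonce, tag := parts[0], parts[1]
	if owner, ok := p.issued[nonce]; !ok || owner != user {
		return false
	}
	if !hmac.Equal([]byte(tag), []byte(p.tag(user, nonce))) {
		return false
	}
	delete(p.issued, nonce)
	return true
}

// SignForDemo plays the Market's role so the example runs offline; in real
// use the signing key is Google's and the server only holds the public key.
func SignForDemo(priv *rsa.PrivateKey, signed string) string {
	digest := sha1.Sum([]byte(signed))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA1, digest[:])
	if err != nil {
		panic(err)
	}
	return base64.StdEncoding.EncodeToString(sig)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed stand-in for the Market key pair
	issuer := NewPayloadIssuer([]byte("constructed-server-secret"))
	payload, _ := issuer.Issue("alice")
	// Constructed signedData, as the app would forward it to the server.
	signed := fmt.Sprintf(`{"nonce":1,"orders":[{"orderId":"ORDER-1","productId":"sku_gold","purchaseState":0,"developerPayload":"%s"}]}`, payload)
	sig := SignForDemo(priv, signed)
	orders, err := VerifyPurchase(&priv.PublicKey, signed, sig)
	fmt.Println("receipt verified:", err == nil, "orders:", len(orders))
	fmt.Println("first redeem:", issuer.Redeem("alice", orders[0].DeveloperPayload))
	fmt.Println("replayed redeem:", issuer.Redeem("alice", orders[0].DeveloperPayload))
}
```

The order of checks matters: verify the signature over the untouched signedData first, parse second, and only then consult your own records for the payload. Parsing first would let malformed input reach the JSON decoder unauthenticated, and trusting the payload without the HMAC would let any client mint one. The issued-nonce map here is in memory; a real server keeps it in the same database as the purchase records so a restart does not reopen redeemed nonces.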
