前言:
这里算是比较实用的一篇了吧,进行了网络安全部署
准备:
bmob账号,JSPatch,公钥,私钥,MD5加密,AFNetWorking下载文件
#import <CommonCrypto/CommonDigest.h>
#import <BmobSDK/Bmob.h>
#import "AFNetworking.h"
#import "JPEngine.h"
#import "RSA.h"
原理:
1.使用bmob,得到私钥加密后的jsMD5,JS文件地址
2.根据地址下载js文件,并且保存到沙盒中
3.根据加密MD5匹配JS文件内容,成功就执行
4.没有进行网络判断,只有有网的情况才能执行,没网的时候就使用以前的OC代码
代码片段:
1.请求bmob上的数据
//这里是bmob的key自己去申请个账号,创建一个应用就有了
[Bmob registerWithAppKey:@"这里填写自己的key"];
BmobQuery *bquery = [BmobQuery queryWithClassName:@"JSPathString"];
//约束,只取版本号为1的
[bquery whereKey:@"version" equalTo:@"1"]; //是1得就取得
[bquery findObjectsInBackgroundWithBlock:^(NSArray *array, NSError *error) {
//删除操作,如果。。。。删除文件。。。。
if (!error) {
if (array.count > 0) {
BmobObject *object = array[0];
NSString *PrivateMD5String = [object objectForKey:@"PrivkeyMD5String"];
BmobFile *file = (BmobFile*)[object objectForKey:@"JSData"];
NSArray *path = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
//取得第一个Documents文件夹的路径
NSString *filePath = [path objectAtIndex:0];
// NSLog(@"%@",filePath);
[self downloadFileURL:file.url savePath:filePath fileName:file.name tag:0 PrivateMD5String:PrivateMD5String];
}
}else {
NSLog(@"失败的情况。。。");
}
}];
2.根据提供的地址下载文件
/**
* 下载文件,这是用的,网络请求,要换,现在都是af3.0了
*/
+ (void)downloadFileURL:(NSString *)aUrl savePath:(NSString *)aSavePath fileName:(NSString *)aFileName tag:(NSInteger)aTag PrivateMD5String:(NSString *)PrivateMD5String
{
NSFileManager *fileManager = [NSFileManager defaultManager];
//检查本地文件是否已存在
NSString *fileName = [NSString stringWithFormat:@"%@/%@", aSavePath, aFileName];
//检查附件是否存在
if ([fileManager fileExistsAtPath:fileName]) {
// NSLog(@"本地已经存在");
[self doJSPathWith:PrivateMD5String fileName:fileName];
}else{
//创建附件存储目录
if (![fileManager fileExistsAtPath:aSavePath]) {
[fileManager createDirectoryAtPath:aSavePath withIntermediateDirectories:YES attributes:nil error:nil];
}
//下载附件
NSURL *url = [[NSURL alloc] initWithString:aUrl];
NSURLRequest *request = [NSURLRequest requestWithURL:url];
AFHTTPRequestOperation *operation = [[AFHTTPRequestOperation alloc] initWithRequest:request];
operation.inputStream = [NSInputStream inputStreamWithURL:url];
operation.outputStream = [NSOutputStream outputStreamToFileAtPath:fileName append:NO];
//下载进度控制
[operation setDownloadProgressBlock:^(NSUInteger bytesRead, long long totalBytesRead, long long totalBytesExpectedToRead) {
NSLog(@"is download:%f", (float)totalBytesRead/totalBytesExpectedToRead);
}];
//已经完成下载
[operation setCompletionBlockWithSuccess:^(AFHTTPRequestOperation * operation, id responseObject) {
//下载的数据
NSLog(@"下载成功");
[self doJSPathWith:PrivateMD5String fileName:fileName];
} failure:^(AFHTTPRequestOperation * operation, NSError * error) {
NSLog(@"下载失败");
}];
[operation start];
}
}
3.匹配检查JS文件是否正确
+ (void)doJSPathWith:(NSString *)PrivateMD5String fileName:(NSString *)fileName{
#pragma mark - 客户端操作,可以等待服务器,等待时间可以10‘s左右,网络请求后得到数据,然后还可以加一个开关按钮,可决定是否传这个js文件,以免出现BUG
//公钥
NSString *pubkey = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCiw8lUn/RkpTFrIsC49i9ETR1\nRZuc265x7emOYgSLF4E2LkvxZk0klIC74MBDABhyN+TFQ2J9FkJX8XkzQkrnTv/G\nh0td+U+0D84tK81NJzBa1+pPXE55JjarwNLzf1VEfUBUWMoGKTVQV05sC0JjsYyX\nm6mbFq8j9v7ygO/FQQIDAQAB";
//服务器返回的RSA私钥加密的字符串字符串
NSString *fuwuqiMD5String = PrivateMD5String;
//服务器返回的JS字符串
NSString *script = [NSString stringWithContentsOfFile:fileName encoding:NSUTF8StringEncoding error:nil];;
//公钥解密得到解密后的MD5字符串
NSString *decWithPrivKey = [RSA decryptString:fuwuqiMD5String publicKey:pubkey];
[JPEngine startEngine];
if ([[self md5:script] isEqualToString:decWithPrivKey]) {
// NSLog(@"匹配成功");
[JPEngine evaluateScript:script];
}else {
// NSLog(@"匹配失败");
}
}
4.其它(MD5加密)
//md5加密
+ (NSString *)md5:(NSString *)input {
const char* str = [input UTF8String];
unsigned char result[CC_MD5_DIGEST_LENGTH];
CC_MD5(str, (unsigned)strlen((const char *)str), result);
NSMutableString *ret = [NSMutableString string];
for(int i = 0; i<16; i++) {
[ret appendFormat:@"%02X",result[i]];
}
return ret;
}
时间: 2024-11-03 21:26:22