修补应用内购买黑客;坚持第四步

时间:2012-07-23 12:51:47

标签: ios encoding in-app-purchase decoding

正如我们许多人所知,最近苹果出现了一种情况,即黑客可以免费获得任何应用内购买。 Apple最近发布了 this document ,描述了如何修补它,但我对第4步感到有些困惑,并希望得到任何帮助。

第一步是下载他们的补丁.h和.m,将其包含在您的项目中,并将其链接到安全框架。好的,好的,明白了。然后Apple说:

4. Provide a base64 encoder, a base64 decoder, and the action to perform when validation succeeds.

关于编码器的部分到底意味着我应该做什么? (验证成功时要执行的操作对我来说很清楚。)我确实在类中看到了名为base64_encodebase64_decode的函数。但它要求的是什么?这是否只是我知道的特殊密码,以防止黑客入侵?我不知道该怎么做。当然,我得到了编码和解码的整体概念,但没有在这种情况下如何正确生成编码和解码的程序细节。

Apple编写的代码,如果这有助于任何:

- (NSString *)encodeBase64:(const uint8_t *)input length:(NSInteger)length
{ 
#warning Replace this method.
    return nil;
}

- (NSString *)decodeBase64:(NSString *)input length:(NSInteger *)length
{
#warning Replace this method.
    return nil;
}

#warning Implement this function.
char* base64_encode(const void* buf, size_t size)
{ return NULL; }

#warning Implement this function.
void * base64_decode(const char* s, size_t * data_len)
{ return NULL; }

我也很困惑,有2个编码和2个解码功能。我知道有一对返回NSString* s,但为什么第二对会返回char*void*?这些功能有望返回?我真的不明白。

2 个答案:

答案 0 :(得分:0)

听起来他们想要一个通用的base64编码器。尝试一些代码:

http://cocoadev.com/wiki/BaseSixtyFour

(免责声明:我没有对此进行测试)

这是第二个更容易阅读的内容: http://cocoawithlove.com/2009/06/base64-encoding-options-on-mac-and.html

答案 1 :(得分:0)

请查看提交的解决方案:here,由未知作者发布。

包含以下代码,我测试并为我工作:

//  single base64 character conversion
static int POS(char c)
{
    if (c>='A' && c<='Z') return c - 'A';
    if (c>='a' && c<='z') return c - 'a' + 26;
    if (c>='0' && c<='9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    if (c == '=') return -1;

    [NSException raise:@"invalid BASE64 encoding" format:@"Invalid BASE64 encoding"];
    return 0;
}

- (NSString *)encodeBase64:(const uint8_t *)input length:(NSInteger)length
{
    return [NSString stringWithUTF8String:base64_encode(input, (size_t)length)];
}

- (NSString *)decodeBase64:(NSString *)input length:(NSInteger *)length
{
    size_t retLen;
    uint8_t *retStr = base64_decode([input UTF8String], &retLen);
    if (length)
        *length = (NSInteger)retLen;
    NSString *st = [[[NSString alloc] initWithBytes:retStr
                                             length:retLen
                                           encoding:NSUTF8StringEncoding] autorelease];
    free(retStr);    // If base64_decode returns dynamically allocated memory
    return st;
}

char* base64_encode(const void* buf, size_t size)
{
    static const char base64[] =  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

    char* str = (char*) malloc((size+3)*4/3 + 1);

    char* p = str;
    unsigned char* q = (unsigned char*) buf;
    size_t i = 0;

    while(i < size) {
        int c = q[i++];
        c *= 256;
        if (i < size) c += q[i];
        i++;

        c *= 256;
        if (i < size) c += q[i];
        i++;

        *p++ = base64[(c & 0x00fc0000) >> 18];
        *p++ = base64[(c & 0x0003f000) >> 12];

        if (i > size + 1)
            *p++ = '=';
        else
            *p++ = base64[(c & 0x00000fc0) >> 6];

        if (i > size)
            *p++ = '=';
        else
            *p++ = base64[c & 0x0000003f];
    }

    *p = 0;

    return str;
}

void* base64_decode(const char* s, size_t* data_len_ptr)
{
    size_t len = strlen(s);

    if (len % 4)
        [NSException raise:@"Invalid input in base64_decode" format:@"%d is an invalid length for an input string for BASE64 decoding", len];

    unsigned char* data = (unsigned char*) malloc(len/4*3);

    int n[4];
    unsigned char* q = (unsigned char*) data;

    for(const char*p=s; *p; )
    {
        n[0] = POS(*p++);
        n[1] = POS(*p++);
        n[2] = POS(*p++);
        n[3] = POS(*p++);

        if (n[0]==-1 || n[1]==-1)
            [NSException raise:@"Invalid input in base64_decode" format:@"Invalid BASE64 encoding"];

        if (n[2]==-1 && n[3]!=-1)
            [NSException raise:@"Invalid input in base64_decode" format:@"Invalid BASE64 encoding"];

        q[0] = (n[0] << 2) + (n[1] >> 4);
        if (n[2] != -1) q[1] = ((n[1] & 15) << 4) + (n[2] >> 2);
        if (n[3] != -1) q[2] = ((n[2] & 3) << 6) + n[3];
        q += 3;
    }

    // make sure that data_len_ptr is not null
    if (!data_len_ptr)
        [NSException raise:@"Invalid input in base64_decode" format:@"Invalid destination for output string length"];

    *data_len_ptr = q-data - (n[2]==-1) - (n[3]==-1);

    return data;
}