Summary:
1, in the transmission process of the JS file for the RSA signature encryption;
2, download the script saved to the local, it should be a simple symmetric encryption, each time to decrypt the read;
3, the proposed JS script increase, delete, change, check the content in the same JS file processing, only download a file on OK.
Following the previous article to understand the principle of work, this article on the construction of their own management background to realize the basic idea of patch update.
First of all, assume the following problems: App released two versions, V1.0 and V2.0, on line after the launch of the discovery of V1.0 existence bug1,v2.0 existence bug2;
Prerequisite Preparation:
A, local generation of RSA key pairs, public key can be public, packaged as a configuration constant into the IPA file, the private key for safekeeping, stored in such as PSAM card, with encryption function of the disk carrier.
b, the production of a good script file (that is, patches).
Rationale: Install all local patches –> networking update patch information and install updates or new additions to patches.
Specific process:
1, in the management of the new need to update the background patch version number, and then upload the bug file (*.js). When uploading the script, select the local RSA_PRIVATE_KEY.PEM (RSA private key) file, upload with the script, the management platform will use the uploaded private key to encrypt the script MD5 value, get the encrypted result and save the script file one by one correspondence.
2, the client to determine whether there is a script, there are at the beginning of the program loading execution (if the file symmetric encryption to be decrypted first), no skip;
3, the client network request patch updates, upload parameters with version information (such as version number), query the current version whether there are bugs.
4, management platform will only be issued for this version of the JS script (Implementation of V1.0 and V2.0 respectively), if the version number corresponds to No or no bug, the client will not request the corresponding JS script; if there is a bug, the server returns STEP1 script and encryption MD5 value.
5, Client Computing script MD5 value (Md5_1), through the built-in RSA public key decryption Step4 MD5 get value md5_2, compare Md5_1 and Md5_2 are the same, can decrypt and the result is the same, that the encryption must be used in the Step1 RSA private key, The server returns data that is trusted and is first saved to the app local cache (it can be saved locally with simple symmetric encryption, decrypted each time it is read).
6, after each startup of the app, you need to load and execute the locally saved script (that is, the above step2), so you can implement patch updates.
Note: The Rsa_private_key.pem uploaded here is only one-time use, will not be saved in the service side, so only through the user's own save Rsa_private_key.pem files can be issued for the APP script, even if the management platform is black, Hackers are also unable to distribute malicious scripts to your APP (which can be issued, but not executed) to ensure security. RSA_PRIVATE_KEY.PEM please keep safe and avoid leakage.
Pending discussion: in the previous step, the patch file did not force an update, and it only loaded the last downloaded script. Assuming that the steps are loaded in the Appdelegate and the client sleeps in the system background without rebooting, this scenario does not enable immediate repair for each user. Some people say that it's good to do, I at the program entrance settings must pull the server script to enter the program interface, so you can force users to achieve immediate repair, I think there is a problem: if the network is not stable, pull request failed, how the client should be rendered. Exit (bad user experience) or jump to the program interface (so that scripts cannot be executed locally).
app needs to have "add, delete, change, check" function
Other questions: If V1.0 finds a new bug3, or discovers that the last footstep was flawed and needed to be modified, or cancel this version of the patch, how the client and server should respond. This requires the app to have "add, delete, change, check" function.
Add: The server returns the patch, the local does not exist, the default download store, and execute.
Delete: The patch set returned by the server does not contain a local patch, and the patch will not be executed again next time.
Change: The patch returned by the server, included locally, but MD5 value changes, this will be downloaded again.
Check: The default is to perform all existing and MD5 value matching patches when the application starts. The information for the patch set is updated each time the network is updated. Here is a cache library
Patch status management see click on the Open link
Optimization: In view of the above steps may have operational complexity, the use of one-time download all may be better: Add, delete, change, check the content of all written to a JS file,
1, the client each request first search whether the local JS file and calculate MD5 value, if no value is not transmitted, if there is a new MD5 value;
2, the server Judge MD5 is not empty, carry out two MD5 value comparison, inconsistent issued script;
3. Client cache script (first download) or replacement script (locally cached)
Notice here to remove the script problem, if all scripts are deleted in the background, then the client also deletes the local cache based on the blank content returned.
mac computer Gets the MD5 value of a file , Enter the command directly at the terminal:
MD5 file full path
Objective-c Gets the MD5 value of a file:
#include <commoncrypto/commondigest.h>:
/**
* Gets the MD5 value of the file.
* @param path of the path file.
* @return The MD5 value of the file.
*/
-(NSString *) Mcmd5hashofpath: (NSString *) path
{
Nsfilemanager *filemanager = [Nsfilemanager Defaultmanager];
Make sure the file exists.
if ([FileManager fileexistsatpath:path Isdirectory:nil])
{
NSData *data = [NSData datawithcontentsoffile: Path];
unsigned char digest[cc_md5_digest_length];
CC_MD5 (Data.bytes, (Cc_long) Data.length, Digest);
nsmutablestring *output = [nsmutablestring stringwithcapacity:cc_md5_digest_length * 2];
for (int i = 0; i < cc_md5_digest_length i++) {
[Output appendformat:@ '%02x ', Digest[i]];
}
return output;
}
else
{return
@ "";
}
}
Put a demo.js in the project for debug in debug mode
In/**
* Test mode, this method is executed to verify the function of a JS file. The local demo.js is used by default.
*/-(void) mcdebug
{
#ifdef DEBUG
nsstring * Path = [[NSBundle Mainbundle] pathforresource:@ "Demo" oftype:@ "JS"];
[Self mcevaluatescriptfile:path];
#endif
}
Jspatch solution to the App Store review mechanism is: Click on the Open link
Reference: Click to open the link