iOS Picture Slimming Summary

Objective

Recently, a small program was written in the company to slim down the images in an iOS app, reducing the size of the app and decreasing the amount of traffic the user downloads.

Slimming is done in a website specifically designed to slim down the image.

Address:https://tinypng.com

The interface provided by this site is based on the HTTPS protocol, and has not used the HTTPS protocol before, and now summed up.

About HTTPS

For the basic HTTPS protocol, please refer to the reference:

Seven Misconceptions about HTTPS

In fact, HTTPS is the secure version of the HTTP protocol,

He used the RSA asymmetric encryption public key pair, using SSL certificate authentication to ensure that the user data in the transmission of the security line.

Here's a quick look at the similarities and differences between HTTP and HTTPS request processes

Let's take a look at the process.

1. The client sends an HTTPS-based request to the server.

2. Create a public private key pair on the server side.

3. The server binds the common key on the certificate and returns it to the client.

4. The client verifies that the certificate is reliable (there are two authentication methods, the certificate for the CA agency approach, and the certificate that you created: 1. A request is sent to the CA authority that issued the certificate to authenticate. 2. is to save a copy of the certificate in the client, to compare two certificates, but also to verify whether the man-in-the-middle attack, the authentication method is to use the certificate's PubKey to solve the certificate of the ciphertext, if and the certificate on the plaintext can be determined that there is no attack).

5. The client generates a random number and passes the public key encryption to the server.

6. The server decrypts the random number with the private key, generates a symmetric encryption key based on the random number and encrypts the secret key with the private key.

7. Pass the symmetric secret key to the client.

8. The client decrypts the symmetric encryption key with the public key.

Later communication will use the symmetric encryption of the secret key to do, so HTTPS is actually the first request will be slow, because to generate a communication symmetric key, and then communicate with the HTTP will not be much worse.

iOS support for HTTPS

Before you say this, talk about tinypng the interface of this website.

After registering the new user will return to you a string of key, we want to do HTTPS request for this string key

The station uses the HTTP basic Auth authentication method (see Wikipedia for details on basic AUTH certification).

So we need to use Add Headerfield when we make the request.

Return when we upload image processing after the download path back, the more wonderful is that the path is not in response to the body but in the response header in the Location field ... (Doesn't the picture need to be kept secret?) ）。

Let's talk about what iOS does,

iOS's nsurlconnection and Nsurlsession APIs provide a handy API to support HTTPS requests.

I used the nsurlconnection when I was actually working.

Create the request first:

1Nsurl *url =[Nsurl Urlwithstring:request_url];2 3Nsmutableurlrequest *request =[[Nsmutableurlrequest alloc] initwithurl:url];4 5NSString *basicauthusername =Basic_auth_username;6NSString *basicauthpassword =Basic_auth_password;7NSData *authorizationdata = [[NSString stringWithFormat:@"%@:%@", Basicauthusername,basicauthpassword] datausingencoding:nsasciistringencoding];8NSString *authorizationstr = [NSString stringWithFormat:@"Basic%@", [Authorizationdata base64encodedstringwithoptions:0]];9NSLog (@"%@", authorizationstr);Ten[Request Sethttpmethod:@"POST"]; One[Request Addvalue:authorizationstr Forhttpheaderfield:@"Authorization"]; A[Request AddValue:@"*/*"Forhttpheaderfield:@"Accept"];

URLs provided in the API have, just protocol we write as HTTPS, and then the Authorization header field splicing, is essentially the basic base64 (user name: password).

Accept here for */*, in fact, if you know that the server return type can be directly specified Application/json or Text/json and the like on the line.

Here's a look at the connection:

1-(BOOL) connection: (nsurlconnection*) connection canauthenticateagainstprotectionspace: (nsurlprotectionspace*) Protectionspace2 {3     return[Protectionspace.authenticationmethod isequaltostring:nsurlauthenticationmethodservertrust];4 }5 6-(void) Connection: (nsurlconnection*) connection Didreceiveauthenticationchallenge: (nsurlauthenticationchallenge*) Challenge7 {8 [Challenge.sender Continuewithoutcredentialforauthenticationchallenge:challenge];9}

We need to implement nsurlconnectiondelegate and then implement the two methods above.

The first method is to determine what kind of security problems you need to respond to,

NSString *nsurlauthenticationmethoddefault;

Nsstring*nsurlauthenticationmethodhttpbasic;

Nsstring*nsurlauthenticationmethodhttpdigest;

Nsstring*nsurlauthenticationmethodhtmlform;

Nsstring*nsurlauthenticationmethodnegotiate;

NSSTRING*NSURLAUTHENTICATIONMETHODNTLM;

Nsstring*nsurlauthenticationmethodclientcertificate;

Nsstring*nsurlauthenticationmethodservertrust;

There are many security issues to respond to, and here we only respond to HTTPS-related lines, so choose Nsurlauthenticationmethodservertrust.

The second method is to handle the validation results, where I write this will directly ignore certificate validation, where we can handle the validation policy logic of the certificate.

After we start connection we will find that we can successfully invoke the interface.

For some other details

Writing this gadget still uses something that has not been touched.

Here's a summary.

1. File instance class Nsfilehandle, this class can get the file instance, for example, we want to control the file read and write details need to use this class, here is used to save the picture name without a successful request.

2.connection asynchronous request is done very well, using multi-threaded requests, the specific number of request threads by the system to judge.

3. Multithreading read-write files use the Dispatch_barrier_async method to avoid resource contention.

Insufficient

1. Write the time is all upload requests after the end of the download, so inefficient, can be modified to upload directly after the download without waiting for other files to upload, but so multi-threading will be a little more cumbersome.

iOS Picture Slimming Summary