Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to write the IAP anti-cracking code of iPhone/iPad

2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >

Share

Shulou(Shulou.com)06/03 Report--

This article shows you how to write iPhone/iPad 's IAP anti-cracking code, which is concise and easy to understand, which will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

Now the cracking of IAP is very serious, which makes it even more difficult for us to wait for individual developers who don't have much income. The principle of cracking will not be explained too much here. The so-called as vice rises one foot, virtue rises ten, a variety of anti-IAP cracking methods have come out, the other more effective is to re-verify with the Apple server. It means to get the data of the successful purchase and send it to the Apple server again to verify whether the purchase is true or not. But if you are doing this secondary verification on iPhone/iPad and Apple server, it is also possible to be cracked (there are Developer tests to determine that it can be cracked, which I have not tested). So this secondary verification is best placed on your own server (VPS and virtual host, because mine is VPS, so I refer to VPS below). Since the authentication protocol between iPhone/iPad and VPS is entirely up to you, this is basically foolproof!

Agreement:

1. PHP is used in VPS programs.

2. The iPhone/iPad end code uses a third-party library: ASIHTTPRequest, GMTBase64.

The approximate steps are as follows:

1. IPhone/iPad sends a purchase request to the Apple server

2. Apple server returns the receipt that has been purchased successfully

3. IPhone/iPad encodes the received receipt with Base64 and sends it to its own VPS

4. After receiving the receipt, the PHP program of its own VPS sends a second verification to the Apple server to verify whether the receipt is real and valid.

5. Apple reply verification result

6. When you get the result, you can do whatever you want.

IPhone/iPad side code

-(BOOL) verifyReceipt: (NSData*) receipt

{

NSURL * url = [NSURL URLWithString: [NSString stringWithFormat:@ "% @ / verifyiapreceipt.php", SERVER_DOMAIN]]

ASIFormDataRequest * request = [ASIFormDataRequest requestWithURL:url]

[request setPostValue: [GTMBase64 stringByEncodingData:receipt] forKey:@ "receipt"]

# ifdef TEST_SANDBOX

[request setPostValue:@ "1" forKey:@ "sandbox"]

# else

[request setPostValue:@ "0" forKey:@ "sandbox"]

# endif

[request startSynchronous]

NSError * err = [request error]

If (err)

{

Return NO

}

If (handle reqquest if the verification is successful)

Return YES

Return NO

}

VPS side Code (PHP)

That's it. The disadvantage of this approach is that it is a little slower than the normal process, because you have to go through your own VPS, but it doesn't feel too obvious in the process of using it.

The above is how to write iPhone/iPad 's IAP anti-cracking code. Have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 262

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Development

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report