Saturday, 1 October 2016

prevent reflection on iOS static libraries

I am working on a static library that works with some security-sensitive data. It is important to me that a developer who uses this library cannot use reflection on the library.

On Android we solve the problem by developing an AAR file with services and running the service in a separate process (when the service is running in another process, the developer cannot use reflection), but I am wondering how we can do this on iOS.

Can we execute a static library in a separate process? If not, how can we avoid reflection on our static libraries?

For more detailed information, please see the code below:

        // The runtime introspection calls below need: #import <objc/runtime.h>
        MyTestObject *obj = [[MyTestObject alloc] init];

        //===========================================   

        Class clazz = [obj class];
        u_int count;
        Ivar* ivars = class_copyIvarList(clazz, &count);
        NSMutableArray* ivarArray = [NSMutableArray arrayWithCapacity:count];
        for (int i = 0; i < count ; i++)
        {
            const char* ivarName = ivar_getName(ivars[i]);
            [ivarArray addObject:[NSString  stringWithCString:ivarName encoding:NSUTF8StringEncoding]];
        }
        free(ivars);

        objc_property_t* properties = class_copyPropertyList(clazz, &count);
        NSMutableArray* propertyArray = [NSMutableArray arrayWithCapacity:count];
        for (int i = 0; i < count ; i++)
        {
            const char* propertyName = property_getName(properties[i]);
            [propertyArray addObject:[NSString  stringWithCString:propertyName encoding:NSUTF8StringEncoding]];
        }
        free(properties);

        Method* methods = class_copyMethodList(clazz, &count);
        NSMutableArray* methodArray = [NSMutableArray arrayWithCapacity:count];
        for (int i = 0; i < count ; i++)
        {
            SEL selector = method_getName(methods[i]);
            const char* methodName = sel_getName(selector);
            [methodArray addObject:[NSString  stringWithCString:methodName encoding:NSUTF8StringEncoding]];
        }
        free(methods);

        NSDictionary* classDump = [NSDictionary dictionaryWithObjectsAndKeys:
                                   ivarArray, @"ivars",
                                   propertyArray, @"properties",
                                   methodArray, @"methods",
                                   nil];

        NSLog(@"%@", classDump);

        //======================================================

        int v2 = [[obj valueForKey:@"testValue"] intValue];

        SEL s = NSSelectorFromString(@"wannatTestIt");
        [obj performSelector:s];

In the above code, MyTestObject is a class from the library I developed. On the first line I initialize an object of this class.

On the next lines I read the variable, method and property lists of the class and log them. This is the result:

    {
        ivars =     (
            testValue
        );
        methods =     (
            printTestValue,
            wannatTestIt,
            "initWithFrame:"
        );
        properties =     (
        );
    }

wannatTestIt is a private method and testValue is a private variable, so I expect that a developer who uses the library cannot access them. But because the user of the library can get the names, you can see that on the next lines they can call the method or read the value of the ivar.

So the question is: how can we prevent this?




