stackoom
  简体   繁体   中英

iOS and RESTful web service encryption

 原文  2012-09-04 16:17:37       ios/ encryption/ gps/ sha

Question

So here is situation: I have GPS based app with a lot of sensitive data sending to server - GPS coordinates, users address book phone numbers and so on. So I need to have it really secure.

I decided to encrypt data sent to server with HMAC+SHA256, decrypt there, encrypt response, send response to client, and decrypt there.

Question is - does my app need CCATS review and approval since I'm not using HHTPS with SSL and just sending data encoded with SHA256?

2 answers

solution1
 1  2012-09-04 18:33:53

Yes, it does. In theory any app that uses encryption needs CCATS review. If you ask directly to Apple, they will answer that (yes, I did ask them).

solution2
 1 ACCPTED  2012-09-04 20:46:03

Don't reinvent the wheel, use https - really.

You will have to have a 'real' certificate on your website as (last time I checked) the https built in to iOS will only work with 'real' certificates. Note that this will probably cost you ~$100/year.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question consuming restful web service in iOS 5 RESTFul web service from html on IOS current library for iOS to consume RESTful web service Sample iOS apps that consume RESTful web service Caching in iOS application and RESTful web service IOS how to retrieve data from web service using RESTFUL API ASIHttpRequest call Restful web service? RESTful web server library for iOS iOS: Getting 415(unsupported media type) error while consuming RESTFUL web service using NSUrlConnection simple ways to create RESTful Web Service (java/python/?) in OSX to test ios app with swift
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM