A fast, easy to use, free, and community supported 2D game engine
SonnyBurnette
Member
If I store the user's save game stats like current health, map level, etc. in a plist or SQLite, can that data be altered with a jailbroken phone? I don't want to implement cocoslive and find out someone went into their phone and jacked up their score before playing the next round and submitting. I guess I could MD5 is with a salt to use as a checksum.
Any ideas?
ob1
Member
Salted MD5 sounds like a good idea. I don't think you can do much more apart from obfuscating the salt and algortihm as much as possible.
It's probably not difficult to modifiy a SQLite database on a jailbroken phone (my jb phone as sqlite3 on command line), and even maybe on a normal phone directly from a backup (heard it's doable, never tried).
Since you guys are mentioning it here, here is a quick snippet I found to help out with MD5 on the iPhone. Not sure if there is an easier way to do this, but it may help!
'#import <CommonCrypto/CommonDigest.h>
NSString* md5( NSString *str )
{
const char *cStr = [str UTF8String];
unsigned char result[CC_MD5_DIGEST_LENGTH];
CC_MD5( cStr, strlen(cStr), result );
return [NSString stringWithFormat:
@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
result[0], result[1], result[2], result[3], result[4], result[5], result[6], result[7],
result[8], result[9], result[10], result[11], result[12], result[13], result[14], result[15]
];
}'
Fixing the backticks.
#import <CommonCrypto/CommonDigest.h>
NSString* md5( NSString *str )
{
const char *cStr = [str UTF8String];
unsigned char result[CC_MD5_DIGEST_LENGTH];
CC_MD5( cStr, strlen(cStr), result );
return [NSString stringWithFormat:
@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
result[0], result[1], result[2], result[3], result[4], result[5], result[6], result[7],
result[8], result[9], result[10], result[11], result[12], result[13], result[14], result[15]
];
}You must log in to post.
