To ensure the security of offline packages, developers can enable signature verification for an offline package. The basic process of signature verification is as follows:
The developer configures a pair of public and private keys. The private key is placed on the server for signing the offline package, and the public key is placed on the client for verification of the signature.
On the offline package release platform, if you have configured a private key for the signature, the .amr file released by the platform will contain the signature information. The signature information is the ciphertext obtained by encrypting the hash value of the offline package by using the private key.
After the client obtains and decompresses the amr package, the client will verify the signature by using the public key preset in the project. Decrypt the ciphertext obtained in the previous step to get a hash value, and locally calculate the hash value of the offline package. Determine whether these two hash values are equal, if they are, then the signature passed verification.
This process ensures not only the integrity of the offline package but also the correct source of the offline package.
Note: The signature verification for the offline package can ensure that offline packages are not tampered with during transmission and loading. However, the mechanism cannot completely prevent behaviors such as malicious cracking and tampering of H5 logic on the client because the client is completely controlled by users. Therefore, developers must always pay attention to the various potential security risks that exist on the front end.
For example, permission control must require backend verification, behaviors such as flash sales and rushing to buy products must require timestamp verification performed on the backend.