I am looking at UUID generation in Blackberrys.
I need to be able to generate 128 bit UUIDs from last generation Blackberrys.
I have just looked through the API and it looks like the javax.bluetooth.UUID class is the way to go.
Can I assume that this API will be available for all Blackberrys? Is there another, more standard/better, way of generating 128 bit UUIDs from a Blackberry?
Edit: I also found this other class net.rim.device.api.synchronization. UIDGenerator. All I need to know is if this is available for all new Blackberries, since I'm not going to develop the app but require a 3rd party developing it to send me a 128 bit UUID.
The Bluetooth UUID class doesn't actually generated UUIDs, it's just a data representation of a UUID for Bluetooth purposes. I don't think there's a native API on the BlackBerry for actually generating UUIDs - you may need a third party library for that.
UUIDs (depending on the definition) are usually just a hash sum of the current time and the hardware (MAC) address (as those are considered being unique) of a/the network device, e.g. bluetooth or WiFi devices. If you don't need to build UUIDs conforming with specific UUID algorithms but just need unique IDs, you could just roll your own easily. Otherwise it shouldn't be too hard to implement a standardized algorithm either.
Look here for some UUID algorithms: http://en.wikipedia.org/wiki/Universally_Unique_Identifier (there are also links to Java libraries for generating UUIDs)
Related
Rather new to Bluetooth Low-energy devices, and having recently purchased a bunch of trackers off Amazon, decided to write a little application to see what type of information I can get from these.
The trackers are from a Chinese company, and they don't have a ton of information around advertisement information, so I'm playing by best guess here.
What I've been able to achieve so far, through Flutter Reactive BLE, is to find the devices by their ID (filter out additional noise I don't care about) and pull information like RSSI, Name and ID from it.
Now I want to interpret the manufacturerData object, screenshot attached of just one of them, and can't seem to get anything concrete from it.
I half assumed that reactive_ble would've stripped the leading checks and only supplied the the necessary portions of the data object that's relevant to interpret, however, this does not seem to be the case.
My first feel was to just convert this UInt8List to String utf8.decode(device.manufacturerData), however, this returns either a 1x spaced string or nothing at all.
I've tried using ByteData with a start of 3 and end of 4, and that's not very helpful either.
Is there something I'm missing in it's interpretation? I've read the Bluetooth spec and as I don't come from a CompSci background, is rather foreign to me, so would appreciate a layman response.
The first 16 bits (little endian) in manufacturer data contain the manufacturer id (Bluetooth SIG's web site has a list). The layout of the rest of the bytes are totally up to the manufacturer. If you can't guess what they mean, you'll have to ask the manufacturer.
I'm using Airdrop to transfer application internal data between two phones. Because Airdrop was intended for file sharing, it could occur that user choose "save the file" to save the data file in Files app by accident. Since my app is a financial planning app, I'm considering to encrypt the file transferred by Airdrop to keep user's data secure. The encryption only applies to the temp file transferred by Airdrop. Once the app on the receiver phone receivers it, it decrypts the file immediately.
I'm referring to this thread to determine how I should answer the export compliance question if I encrypt the temp file. And I noticed these two exemption items:
(iii) your app uses, accesses, implements or incorporates encryption with key lengths not exceeding 56 bits symmetric, 512 bits asymmetric and/or 112 bit elliptic curve
(iv) your app is a mass market product with key lengths not exceeding 64 bits symmetric, or if no symmetric algorithms, not exceeding 768 bits asymmetric and/or 128 bits elliptic curve.
I don't quite understand the difference between the conditions in the two items (what is a mass market product?). But I don't think either helps, because the ciphers provided by iOS Cryptokit contains only AES and ChaChaPoly - the former takes a minimum key size of 128 bits and the latter takes 256 bits key size.
Since there are a lot of apps using Airdrop to transfer application internal data (I can tell that from the discussions on SO), I wonder how other people deal with this? Is this considered an exemption case?
BTW, I considered other options, but none is satisfying:
Don't encrypt the data. Obscure it instead (for example, using something like Caesar cipher). But that feels very unprofessional.
Don't use Airdrop. Implement my own data transfer mechanism. For example, start a tiny web server on sender side and the receiver side get the data through HTTPS, which from my understanding is an exemption case. I don't choose this approach because a) Airdrop provides a much better user experience than this approach, b) I'll need to use Bonjour to discover service, which requires local network permission. I'd like to avoid that if possible.
The answer depends on what cipher you use to encrypt the data.
Apple summarises your requirements in a couple of documents.
First, in the CryptoKit documentation
Typically, the use of encryption that’s built into the operating system—for example, when your app makes HTTPS connections using URLSession—is exempt from export documentation upload requirements, whereas the use of proprietary encryption is not. To determine whether your use of encryption is considered exempt, see Determine your export compliance requirements.
This leads you to this document which has a table, that I have shown in part:
Assuming that you use AES from Apple's Crypto Kit framework, the second clause would apply. You don't need to provide any documentation to Apple but you should submit a self classification report to the us government.
The exemptions you listed in your question do not apply since you wouldn't use a symmetric cipher with a key length of 64 or 56 bits.
I'm in the process of writing a CoreBluetooth driver in Swift, and I'm discovering services and characteristics.
One thing that I've noticed, is that the Apple operating system always returns standard Bluetooth characteristics and services as strings instead of raw UUIDs, identifying them.
For example, instead of saying "180A", the log will say "Device Information," or somesuch.
I see these in English. I have no idea if they are localized.
I'd like to be able to access these values for my own purposes (logging and debugging), but I can't find them listed anywhere.
Is there a known, standard place that publishes a glossary that I could use? The best, of course, would be if I could access the Apple pages, but I don't see anything in CoreBluetooth that describes this.
Otherwise, I need to set up my own glossary.
I want to develop an App in Android 6. I need to transmit iBeacon packet.
As I checked in iBeacon advertisement packet spec we need to transmit UUID along with major number and minor number.
So my question is this
Is there any process/License for generation UUID ?
While you can use any byte sequence you want for a ProximityUUID, they are designed to be universally unique so you can be confident that your byte sequence is not used by others. If this is your goal, you will want to use a dedicated UUID generator, which uses a secure random number generator and a seed value to generate a byte sequence that has a very high probability of being globally unique.
Android has a built in API to do this here: https://developer.android.com/reference/java/util/UUID.html
There are also plenty of online web-based tools that do the same. A quick Google search for "UUID generator" will find several options.
We are developing a game where all the game logic is executed locally (no server back-end) and would like to make it difficult to tamper with game data (such as user credits, game settings and so on).
Now, it's even possible on non-jailbroken devices to access the filesystem and change game data - so, for example if user inventory stats are stored in a plist file, it's very easy to edit them.
If we move game settings from plist files to source-code files, such that they get compiled into the binary, it will require at least a modification of the binary to change settings. On non-jailbroken phones - will modified binaries still run, or does the apple codesigning prevent from modifying the binaries in any way?
What are some quick and easy to implement measures to make it a bit harder to tamper with game-data (especially on non-jailbroken phones. Optimally we'd like to provide some kind of security that will at least require a jailbreak to make modifications to the game)?
so - to summarize the questions:
can the binary part of an iOS app be modified and still run on non-jailbroken devices?
what are some quick and easy to implement measures to make it harder to tamper with gamedata on non-jailbroken devices?
You can't modify the binary as it would invalidate the signature. I would just use some sort of encryption on the data you don't want users to modify. You can make this as simple or as complex as you want. I don't think iOS provides any kind of encryption services out of the box, but you don't need to go hog wild with it - a simple ROT13 algorithm would do, since we're not talking about password-level security here. If you want, you can even add a checksum on the encrypted data, then invalidate it if the checksums don't match.
To answer your questions:
No. The application will be required to be signed again.
A simple but not unbreakable measurement is to safe the data in a secure container (key chain for example) or encrypt it yourself before you safe it to disk. An attacker now have to monitor a running app to get to the decrypted data in memory - or need to crack the secure store.
There are a few ways on iOS (and Mac OS X) where you can accomplish to encrypt and decrypt data. One way is pretty nicely described here in the official docs:
Encrypting and Decrypting Data.