Android prevents anti-compilation

Last Update:2014-09-09 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

<strong><span style= "FONT-SIZE:24PX;" > is well known that Android is easy to decompile, even if it does prevent the anti-compilation processing many of the code can also be seen, the current use of more means is JNI, namely: Put the core code in C + +, and then make so library, so the security improved a lot, but if not the so library special treatment, By looking at the anti-compiled Java code, you will be able to infer the interface that you have defined to call the so library, and others can copy your interface and call your so library. In fact, each time we call the so library in the function in so library to determine whether the public key of the android is yours, thereby preventing them from using your so library, specific code and engineering as follows </span></strong>

#include "com_example_singjni_mainactivity.h" #include <stdio.h> #include <stdlib.h>////get the Java code of the public key// public void Getsinginfo () {//try {//String pn=getpackagename ();////packageinfo PackageInfo = g  Etpackagemanager (). Getpackageinfo (//PN, Packagemanager.get_signatures);//signature[] Signs        = packageinfo.signatures;//Signature sign = signs[0];//parsesignature (Sign.tobytearray ());// } catch (Exception e) {//E.printstacktrace ();//}//}////public void parsesignature (byte[] Si Gnature) {//Bytearrayinputstream bi=new Bytearrayinputstream (signature);//try {//Certificatefactor Y certfactory = certificatefactory//. getinstance ("x");//X509Certificate cert = (x509ce  rtificate) certfactory//. Generatecertificate (New Bytearrayinputstream (signature));//String PubKey = Cert.getpublickey (). TostriNg ();//String Signnumber = Cert.getserialnumber (). toString ();//////System.out.println ("Signname:" + Cert.getsigalgname ());//System.out.println ("PubKey:" + PubKey);//System.out.println ("Signnumber: + Signnumber);//System.out.println ("SubjectDN:" +cert.getsubjectdn (). toString ());/} catch (Exception e) {/ /e.printstacktrace ();//}//}//core code is as follows, others can be ignored Jniexport jstring Jnicall java_com_example_singjni_mainactivity_sing__ Landroid_content_context_2 (JNIENV * env, Jobject ob1, Jobject thiz) {jclass thisclass=env->getobjectclass (thiz); Jmethodid Getpnid=env->getmethodid (ThisClass, "Getpackagename", "() ljava/lang/string;"); Jstring packname= (jstring) Env->callobjectmethod (Thiz,getpnid); Jmethodid Getpmid=env->getmethodid (ThisClass , "Getpackagemanager", "() Landroid/content/pm/packagemanager;"); Jobject Packmanger=env->callobjectmethod (thiz,getpmid); Jmethodid Getpiid=env->getmethodid (env-> Getobjectclass (Packmanger), "GetpackAgeinfo "," (ljava/lang/string;i) landroid/content/pm/packageinfo; "); Jobject Packageinfo=env->callobjectmethod (packmanger,getpiid,packname,0x00000040); JfieldID signaturesId=env- >getfieldid (Env->getobjectclass (PackageInfo), "signatures", "[Landroid/content/pm/signature;"); Jobject Signatures=env->getobjectfield (PACKAGEINFO,SIGNATURESID); Jobjectarray signaturesArray= (JobjectArray) Signatures;//signature=signs[0]jobject signature=env->getobjectarrayelement (signaturesArray,0); JmethodID Signaturebytesmid=env->getmethodid (Env->getobjectclass (signature), "Tobytearray", "() [B");// Sign.tobytearray () Jobject Signaturebytes=env->callobjectmethod (signature,signaturebytesmid);//////////////// /public void Parsesignature (byte[] signature) {}///////////////////////////////////////////////////////////////// Jclass Certificatefactoryclass=env->findclass ("Java/security/cert/certificatefactory"); JmethodID Getinstancemid=env->getstaticmethodid (Certificatefactoryclass, "getinstance", "(Ljava/lang/string;) ljava/security/cert/certificatefactory; "); Jobject Certfactory=env->callstaticobjectmethod (Certificatefactoryclass,getinstancemid,env->newstringutf ( "///////////////////////////////////jclass Byteinstreamclass=env->findclass" ("java/io/"); Bytearrayinputstream "); Jmethodid bytearrayinstreamconmid= Env->getmethodid (Byteinstreamclass," <init> "," ([B) V "); Jobject bytearrayinstream=env->newobject (byteinstreamclass,bytearrayinstreamconmid,signaturebytes); Jmethodid Generatecertificatemid=env->getmethodid (Certificatefactoryclass, "Generatecertificate", "(Ljava/io/ InputStream;) ljava/security/cert/certificate; "); Jobject Certificate=env->callobjectmethod (certfactory,generatecertificatemid,bytearrayinstream); JmethodID Getpkmid=env->getmethodid (Env->getobjectclass (certificate), "Getpublickey", "() Ljava/security/publickey;"); Jobject Publickey=env->callobjectmethod (certificate,getpkmid); Jmethodid Tostringmid=env->getmethodid (env- >getobjectclass (PublIckey), "ToString", "() ljava/lang/string;"); Jstring publickeystr= (jstring) Env->callobjectmethod (publickey,tostringmid);///////////////////////jmethodid Equalsmid=env->getmethodid (Env->getobjectclass (PUBLICKEYSTR), "Equals", "(Ljava/lang/object;) Z"); Jboolean Iscorrect=env->callbooleanmethod (Publickeystr,equalsmid,env->newstringutf ("OpenSSLRSAPublicKey{modulus= 123.: Your public key ..., publicexponent=10001} ")); if (!iscorrect) return Env->newstringutf (" wrong "); Jstring jstr=env-> Newstringutf ("correct"); return jstr;} Jniexport jstring jnicall java_com_example_singjni_mainactivity_sing (jnienv * env, jobject thiz) {jstring jstr=env-> Newstringutf (""); return jstr;}

Java-side code package COM.EXAMPLE.SINGJNI; Import Java.io.bytearrayinputstream;import Java.io.file;import Java.lang.reflect.constructor;import Java.lang.reflect.field;import Java.lang.reflect.method;import Java.security.cert.certificate;import Java.security.cert.certificatefactory;import Java.security.cert.x509certificate;import Java.text.simpledateformat;import Java.util.date;import Android.app.activity;import android.app.Application; Import Android.content.context;import Android.content.pm.packageinfo;import Android.content.pm.PackageManager; Import Android.content.pm.signature;import Android.os.bundle;import Android.util.displaymetrics;import Android.widget.edittext;import Android.widget.textview;import Android.widget.Toast; public class Mainactivity extends Activity {static{system.loadlibrary ("Jniso");} EditText et; @Overrideprotected void onCreate (Bundle savedinstancestate) {super.oncreate (savedinstancestate); Setcontentview (R.layout.activity_main); et= (EditText) Findviewbyid (r.id.et); String S=sing (this); Et.settext (s); System.out.println (s);} Public native string Sing ();p ublic native string sing (context context);}

Project Click to open link

Android prevents anti-compilation

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

Android prevents anti-compilation

Contact Us

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support