Android prevents Decompilation

Android prevents Decompilation

As we all know, Android is easily decompiled. You can see that, even if you prevent code decompiling, many methods are used: put the core code in c ++ and then make the so library. This improves the security a lot. However, if so library is not specially processed, by viewing the decompiled java code, you will be able to deduce the interface you have defined to call the so library, and others will be able to mimic your interface and then call your so library. In fact, every time we call the so library, we can use the function in the so library to determine whether the android Public Key is yours and prevent them from using your so library. The specific code and project are as follows:

 

 

 

# Includecom_example_singjni_MainActivity.h # include
 
  
# Include
  
   
//// Obtain the java code for the public Key // public void getSingInfo () {// try {// String pn = getPackageName (); /// PackageInfo packageInfo = getPackageManager (). getPackageInfo (// pn, PackageManager. GET_SIGNATURES); // Signature [] signs = packageInfo. signatures; // Signature sign = signs [0]; // parseSignature (sign. toByteArray (); //} catch (Exception e) {// e. printStackTrace (); //} // public void parseSignature (byte [] signature) {// ByteArrayInputStream bi = new ByteArrayInputStream (signature ); // try {// CertificateFactory certFactory = CertificateFactory //. getInstance (X.509); // X509Certificate cert = (X509Certificate) certFactory //. generateCertificate (new ByteArrayInputStream (signature); // String pubKey = cert. getPublicKey (). toString (); // String signNumber = cert. getSerialNumber (). toString (); // System. out. println (signName: + cert. getSigAlgName (); // System. out. println (pubKey: + pubKey); // System. out. println (signNumber: + signNumber); // System. out. println (subjectDN: + cert. getSubjectDN (). toString (); //} catch (Exception e) {// e. printStackTrace (); //} // The core code is as follows. You can ignore JNIEXPORT jstring JNICALL parameters _ Landroid_content_Context_2 (JNIEnv * env, jobject ob1, jobject thiz) {jclass thisClass = env-> GetObjectClass (thiz); jmethodID getPNId = env-> GetMethodID (thisClass, getPackageName, () Ljava/lang/String;); jstring packName = (jstring) env-> CallObjectMethod (thiz, getPNId); jmethodID getPMId = env-> GetMethodID (thisClass, getPackageManager, () Landroid/content/pm/PackageManager ;); jobject packManger = env-> require (thiz, getPMId); jmethodID getPIId = env-> GetMethodID (env-> GetObjectClass (packManger), getPackageInfo, (Ljava/lang/String; I) landroid/content/pm/PackageInfo;); jobject packageInfo = env-> CallObjectMethod (packManger, getPIId, packName, 0x00000040 ); jfieldID signaturesId = env-> GetFieldID (env-> GetObjectClass (packageInfo), signatures, [Landroid/content/pm/Signature;); jobject signatures = env-> GetObjectField (packageInfo, signaturesId); jobjectArray signaturesArray = (jobjectArray) signatures; // signature = signs [0] jobject signature = env-> GetObjectArrayElement (signaturesArray, 0 ); jmethodID signatureBytesMId = env-> GetMethodID (env-> GetObjectClass (signature), toByteArray, () [B); // sign. toByteArray () jobject signatureBytes = env-> CallObjectMethod (signature, signatureBytesMId ); //// // public void parseSignature (byte [] signature) {}////////////////////////////////////// /// // jclass certificateFactoryClass = env-> FindClass (java/security/cert /CertificateFactory ); jmethodID getInstanceMId = env-> GetStaticMethodID (response, getInstance, (Ljava/lang/String;) Ljava/security/cert/CertificateFactory;); jobject certFactory = env-> response (response, getInstanceMId, env-> NewStringUTF (X.509 )); /// // jclass byteInStreamClass = env-> FindClass (java/io/ByteArrayInputStream ); jmethodID byteArrayInStreamConMId = env-> GetMethodID (byteInStreamClass,
   
    
, ([B) V); jobject byteArrayInStream = env-> NewObject (byteInStreamClass, callback, signatureBytes); jmethodID response = env-> GetMethodID (response, generateCertificate, (Ljava/io/InputStream;) Ljava/security/cert/Certificate;); jobject certificate = env-> CallObjectMethod (certFactory, generateCertificateMId, byteArrayInStream ); jmethodID getPKMId = env-> GetMethodID (env-> GetObj EctClass (certificate), getPublicKey, () Ljava/security/PublicKey;); jobject publicKey = env-> CallObjectMethod (certificate, getPKMId ); jmethodID toStringMId = env-> GetMethodID (env-> GetObjectClass (publicKey), toString, () Ljava/lang/String;); jstring publickeyStr = (jstring) env-> CallObjectMethod (publicKey, toStringMId ); ///////////// // jmethodID inclusmid = env-> GetMethodID (env-> GetObjectClass (publickeyStr), equa Ls, (Ljava/lang/Object;) Z); jboolean isCorrect = env-> CallBooleanMethod (publickeyStr, SMID, env-> NewStringUTF (OpenSSLRSAPublicKey {modulus = 123 .. your public key ..., publicExponent = 10001}); if (! IsCorrect) return env-> encode (wrong); jstring jstr = env-> NewStringUTF (correct); return jstr;} JNIEXPORT jstring JNICALL encode (JNIEnv * env, jobject thiz) {jstring jstr = env-> NewStringUTF (); return jstr ;}
   
  
 

 

 

 

 

Java code package com. example. singjni; import java. io. byteArrayInputStream; import java. io. file; import java. lang. reflect. constructor; import java. lang. reflect. field; import java. lang. reflect. method; import java. security. cert. certificate; import java. security. cert. certificateFactory; import java. security. cert. x509Certificate; import java. text. simpleDateFormat; import java. util. date; import android. app. activity; import android. app. application; import android. content. context; import android. content. pm. packageInfo; import android. content. pm. packageManager; import android. content. pm. signature; import android. OS. bundle; import android. util. displayMetrics; import android. widget. editText; import android. widget. textView; import android. widget. toast; public class MainActivity extends Activity {static {System. loadLibrary (jniso);} EditText et; @ Overrideprotected void onCreate (Bundle savedInstanceState) {super. onCreate (savedInstanceState); setContentView (R. layout. activity_main); et = (EditText) findViewById (R. id. et); String s = sing (this); et. setText (s); System. out. println (s);} public native String sing (); public native String sing (Context context );}