How to encrypt Android apk and Androidapk

Source: Internet
Author: User
Tags pkware

How to encrypt Android apk and Androidapk

After a busy week, I finally had time to wait and write something. We will continue to introduce another method to prevent decompilation of android apk. The first two articles we talked about shelling Technology (http://my.oschina.net/u/2323218/blog/393372) and runtime modification bytecode (http://my.oschina.net/u/2323218/blog/396203 ), if you do not understand, check the introduction of these two technologies in the first two articles of my blog. Next we will introduce another simple and applicable technology to prevent apk decompilation-pseudo encryption.

 

I. Principles of pseudo-Encryption

We know that android apkis essentially a zip package. We can change the android app extension .apkto. Zip to easily decompress the android app with the decompression software. In daily life or work, we usually encrypt our files to protect them in a compressed manner. This method is also applicable to android apk. The principle is very simple. There is a bit in the zip file format to indicate whether the files in the zip file are encrypted. We only need to set this flag bit to 1 to achieve our goal. Android PackageManagerService does not care about this encrypted Bit During apk installation (we will call it this for the time being) it can be installed normally without affecting the running of apk.

 

Ii. zip file format

The zip file format consists of three parts: compressed file source data, compressed directory source data, and directory end ID. The three parts are related to the encrypted bit, which is the compressed directory source data section. Next we will introduce this part in detail.

The compressed directory source data records all the compressed directory source data. Its structure is as follows:

Central directory file header

 

Offset

Bytes

Description [18]

Translation

Limit 0

4

Central directory file header signature = 0x02014b50

Core directory file header id = (0x02014b50)

Limit 4

2

Version made

Pkware version used for compression

Limit 6

2

Version needed to extract (minimum)

Extract the minimum pkware version

Listen 8

2

General purpose bit flag

Common bits

10

2

Compression method

Compression Method

12

2

File last modification time

Last file modification time

14

2

File last modification date

Last file modification date

16

4

CRC-32

6) CRC-32 Algorithm

20

4

Compressed size

Size after compression

24

4

Uncompressed size

Uncompressed size

28

2

File name length (n)

File Name Length

30

2

Extra field length (m)

Extended domain Length

32

2

File comment length (k)

File comment Length

34

2

Disk number where file starts

Disk number at the beginning of the file

36

2

Internal file attributes

Internal file attributes

38

4

External file attributes

External file attributes

42

4

Relative offset of local file header. this is the number of bytes between the start of the first disk on which the file occurs, and the start of the local file header. this allows software reading the central directory to locate the position of the file inside the ZIP file.

The relative displacement of the header of the local file.

46

N

File name

Directory file name

46 + n

M

Extra field

Extended domain

46 + n + m

K

File comment

File comment content

 

If the first bits of the General purpose bit flag part in this structure are set to 1, the compressed package is encrypted; if it is set to 0, the compressed package is not encrypted.

 

Iii. Implementation

We can use the jar package ZipCenOp. jar to encrypt and decrypt the apk (or use python to perform this operation. We will not introduce it here ).

(1) encrypt the apk

After encryption, we use the decompression software for decryption and will see the following prompt information:

 

If you use apktool for decompilation, the following error message is displayed:

The encrypted apk can be installed and run normally.

 

(2) decrypt the apk

 

Decryption is not very useful for us, just to understand.

 

I believe that you have some knowledge about the pseudo-encryption technology of apk, but this method is not applicable to android 4.2.x and later versions. It will reject the installation of this encrypted apk. In the next article, we will introduce another android apk anti-decompilation technology. We are looking forward to your support.

Thank you for reading this article. We look forward to seeing you next time:


If you have any questions about the technology mentioned in this article and want to obtain the technical tools described in this article, you will get the article updated immediately. Every day, you will publish an original article about the technology, share more technical information.

Welcome to personal public platform: programmer InterAction alliance, scan the QR code below or search for coder_onlineYou can pay attention to it and help you solve technical difficulties online and solve problems for Daniel..

 

From: http://my.oschina.net/u/2323218/blog/399326

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.