生活随笔
收集整理的這篇文章主要介紹了
(转) android so 文件存私密数据,且防止 so文件未知应用盗用
小編覺(jué)得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.
?
android so 文件存私密數(shù)據(jù),且防止 so文件未知應(yīng)用盜用
?
?
? ? ? ?有時(shí)候我們需要在客戶端 存放一些 保密的數(shù)據(jù),比如 服務(wù)端的IP 端口,接口的地址,授權(quán)的key 等等,如果我們直接寫(xiě)在java中,別人反編譯就能看到,那么我們可以把這些數(shù)據(jù) 存在 ?so文件中,這樣別人就不可能會(huì)看到了,順便 so里面驗(yàn)證 app的簽名 來(lái)防止別人盜用so文件,
下面的例子是 在so里面獲取我的客戶端key
?
1.jni的java文件 ? JNI.java
?
[java]?view plain?copy package?com.android.jni;????import?android.content.Context;????public?class?JNI?{?????????static{???????????System.loadLibrary("auth");???????}???????????????????public?native?String?getAuthKey(Context?context);?????????}?? ?
?
[java]?view plain?copy ? ?? 2. .h頭文件 ?com_android_jni_JNI.h
?
?
[cpp]?view plain?copy #include?<jni.h>????#ifndef?_Included_com_android_jni_JNI??#define?_Included_com_android_jni_JNI??#ifdef?__cplusplus??extern?"C"?{??#endif??JNIEXPORT?jstring?JNICALL?Java_com_android_jni_JNI_getAuthKey????(JNIEnv?*,?jobject,?jobject);????#ifdef?__cplusplus??}??#endif??#endif?? ?
3. so的 c++實(shí)現(xiàn) ?com_android_jni_JNI.cpp
?
?
?
[cpp]?view plain?copy ? #include?<jni.h>??#include?<string.h>??#include?<stdio.h>??#include?<com_android_jni_JNI.h>??const?char*?AUTH_KEY?=?"0CC175B9C0F1B6A831C399E269772661";????const?char*?RELEASE_SIGN?="3082030d308201f5a0030201020204163677d7300d06092a864886f70d01010b05003037310b30090603550406130255533110300e060355040a1307416e64726f6964311630140603550403130d416e64726f6964204465627567301e170d3134303131343035333835315a170d3434303130373035333835315a3037310b30090603550406130255533110300e060355040a1307416e64726f6964311630140603550403130d416e64726f696420446562756730820122300d06092a864886f70d01010105000382010f003082010a02820101008f02a948189bfa0134bdb17155061a4b62956c08881eac87b39f0a0acf1c808596100b09a16600f5567e5504f035f1deadc1dcc93fa93b930f78ac9a55ee961283458d66d3775e612e4eb5f5076bf06aeabb6e285400e89dd6e1327a52b4739a91d04d7288bc64c336b7776efe0b6341913d655943ffc9da4b8ba157a52f7790a815bf0cc693dd684209a07290b9c8d4220c8f56c00c25bee78500231213adba58b3c2c9e95951308dfab9edc4f9744fe6c99b3311b54971210db4c2e8a5d518def97535a69170827d6c14bd8a822a0d1b179a3633178db16376a9596df91c595b8cb3d3a916b0f10d029a0aad3b345a7ad54e85f2547686f612b62a010d7dd90203010001a321301f301d0603551d0e04160414f7c342dca7f916bb77312bb517105732c5e96328300d06092a864886f70d01010b0500038201010010b1bb9c29118a7eb15193ef15d40bafd4338526b200511f0e348e5c93eb9cbdf9330163cba183022572513dc7dac14cbd384c116bfc2c3d5efc9f545c3972ec8ce32908eb4e54a6940774ac569d682c188388380d60ed1904ecca4f4bf6bdcacd8be71557f1133c2fd5bcc2577fde19adef54cb91e02e635b47e6a6bfb1f46a5956259a10c61727e70cd8595fd632d4ed6c588dcb089967f164090aa89050911fd70eb1f7ccacd4d7b75c0b5ecd2bb84709b16176b9ac21f8bb25a970f65105af7939057cbf616abf5e9617f1ef87e39d16e458b278cbdc4f9ccb5d8e0c69719a5fae55bdd786b7b59c4a37a205972de1b0f3d4e8877267bad8f28ab09800f2";????static?jclass?contextClass;??static?jclass?signatureClass;??static?jclass?packageNameClass;??static?jclass?packageInfoClass;??JNIEXPORT?jstring?JNICALL?Java_com_android_jni_JNI_getAuthKey(??????????JNIEnv?*?env,?jobject?obj,?jobject?contextObject)?{????????jmethodID?getPackageManagerId?=?(env)->GetMethodID(contextClass,?"getPackageManager","()Landroid/content/pm/PackageManager;");??????jmethodID?getPackageNameId?=?(env)->GetMethodID(contextClass,?"getPackageName","()Ljava/lang/String;");??????jmethodID?signToStringId?=?(env)->GetMethodID(signatureClass,?"toCharsString","()Ljava/lang/String;");??????jmethodID?getPackageInfoId?=?(env)->GetMethodID(packageNameClass,?"getPackageInfo","(Ljava/lang/String;I)Landroid/content/pm/PackageInfo;");??????jobject?packageManagerObject?=??(env)->CallObjectMethod(contextObject,?getPackageManagerId);??????jstring?packNameString?=??(jstring)(env)->CallObjectMethod(contextObject,?getPackageNameId);??????jobject?packageInfoObject?=?(env)->CallObjectMethod(packageManagerObject,?getPackageInfoId,packNameString,?64);??????jfieldID?signaturefieldID?=(env)->GetFieldID(packageInfoClass,"signatures",?"[Landroid/content/pm/Signature;");??????jobjectArray?signatureArray?=?(jobjectArray)(env)->GetObjectField(packageInfoObject,?signaturefieldID);??????jobject?signatureObject?=??(env)->GetObjectArrayElement(signatureArray,0);????????const?char*?signStrng?=??(env)->GetStringUTFChars((jstring)(env)->CallObjectMethod(signatureObject,?signToStringId),0);??????if(strcmp(signStrng,RELEASE_SIGN)==0)????{?????????return?(env)->NewStringUTF(AUTH_KEY);??????}else??????{?????????return?(env)->NewStringUTF("error");??????}????}??????JNIEXPORT?jint?JNICALL?JNI_OnLoad?(JavaVM*?vm,void*?reserved){?????????JNIEnv*?env?=?NULL;???????jint?result=-1;???????if(vm->GetEnv((void**)&env,?JNI_VERSION_1_4)?!=?JNI_OK)?????????return?result;?????????contextClass?=?(jclass)env->NewGlobalRef((env)->FindClass("android/content/Context"));???????signatureClass?=?(jclass)env->NewGlobalRef((env)->FindClass("android/content/pm/Signature"));???????packageNameClass?=?(jclass)env->NewGlobalRef((env)->FindClass("android/content/pm/PackageManager"));???????packageInfoClass?=?(jclass)env->NewGlobalRef((env)->FindClass("android/content/pm/PackageInfo"));?????????return?JNI_VERSION_1_4;???}?? 關(guān)于如何獲取正式keystone簽名的問(wèn)題
先打一個(gè)正式的包,代碼里面獲取到簽名,然后再log里面打印出來(lái),copy到cpp文件里面編譯so即可,下面是android里面獲取簽名字符串的代碼
?
[java]?view plain?copy public?static?String?getSignature(Context?context)??????{??????????try?{??????????????????????????PackageInfo?packageInfo?=?context.getPackageManager().getPackageInfo(context.getPackageName(),?PackageManager.GET_SIGNATURES);??????????????????????????Signature[]?signatures?=?packageInfo.signatures;??????????????????????????return?signatures[0].toCharsString();??????????????????????}?catch?(NameNotFoundException?e)?{??????????????e.printStackTrace();??????????}????????????????return?null;??????}???????? ?
轉(zhuǎn)載于:https://www.cnblogs.com/VindyLeong/p/5363667.html
總結(jié)
以上是生活随笔為你收集整理的(转) android so 文件存私密数据,且防止 so文件未知应用盗用的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問(wèn)題。
如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò),歡迎將生活随笔推薦給好友。
