-
I have no longer supported
AES algorithms. If still need it, you can check out tag: v2.2. -
Use CHACHA20 instead of AES. I have to mention that TLS1.3 use CHACHA20 on mobile device too. It is high-performance for ARM architecture.
-
Hide native function in JniOnload
-
Use signature verification to avoid being packaged again (It is prevents that hacker call your jni method directly.)
-
key exists in the symbol table, and hides the character table. This method has been deprecated due to discard reason issues5 -
Get the key from a complex function, to hide the key, current function is a simple solution. (Complex solution: divide the Key into several pieces, store them in different C files, and finally splicing them together. This function should be complicated to write and increase the decompiling difficulty.)
-
Use "obfuscator" to confuse C code, how to deobfuscate it?
-
Supporting x86 of obfucation. A link at the bottom is tutorial for configuring obfucator.
-
Anti-debugging. Currently, I put a simple solution into code but there are complicated and sophisticated solutions. I recommand determining whether it is traced in every encryption and decryption. You can add other complicated algorithm in your fork.
-
Detecting device is emulator in runtime : That feature comes from my another repo Check_Emulator_In_NDK
-
TODO: Prevent SO file injecting from hacker.
click to expand.
- preparation:
run the shell : aesjni/src/main/jni/build_libsodium_for_all_android_abi.sh
- click run app from Android Studio to look at logcat.
click to expand.
a. generating a chacha20 key:run test_in_exexutaing.sh
, and look at logcat. It will generate key and nonce. You can paste it into JNIEntry.c.
b. Set ndk.dir in local.properties. Some versions of NDK I have not tested. Maybe you will encounter build errors from that.
c. As you integrating it into the project, please modify class names and method names, don't expose the name of encryption algorithm, modify the C function of key storage from my code.
d. Generate and modify signatures.
d.1. Generate keystore file(You shoul jump this step in case you already have keysotre.)
# my generate record:
mkdir keystore
cd keystore/
keytool -genkey -alias client1 -keypass 123456 -keyalg RSA -keysize 1024 -validity 365 -storetype PKCS12 -keystore ./androidyuan.keystore
d.2. Modify hash
of your keystore and pkg-name
in check_signature.h.
As you obtaining the hash, you should use this medthod: getSignature(), to get.
Please copy the keystore hashcode and package name into check_signature.h
.
Size of confused SO file may be three times the size of original SO file. If the size bother you, you can disable obfscator-lvvm. It is unnecessary.
Because you need to do signature verification, I can't provide jcenter dependencies, pls forgive me!
Even though these code is very safe, I still against storing key in code.
To confuse native code, you need to modify the externalNativeBuild
in the aesjni/build.gradle
and configure the Obfuscator-LLVM under the NDK.
This is my NDK configuration obfuscator tutorial: Obfuscator-LLVM-4.0-BUILD-NDK.
In another way, you can build it on docker. Maybe you think configurating Obfuscator-LLVM is really difficult. I recommend using docker : github.com/nickdiego/docker-ollvm.
How do other languages work together with encryption and decryption?
If you got a crash, you can look into FigureOutJNICrash.md to find where code crash at.
If you live in China, you should take care of checking apk signature. In this code, I use PackageManger that may be misunderstood to collect list of installed apps. You should look at 工信部整治八项违规.
In case you would like to add information to this repository or suggest some ideas, please use one of the following options:
- Create an Issue.
- Send me Pull Requests
https://github.com/larry19840909
https://github.com/baoyongzhang
Libsodium Algorithm from: https://github.com/jedisct1/libsodium
Native code obfuscator: obfuscation-o-llvm-ndk