java - NDK application Signature Check -


i have security key in application. want store securly. store in native shared library (maybe generated code). after want returned method check signature of original apk. no 1 can use file except trusted applications. know, ndk library decompiled, harder make reverse engineering of native code java .class files.

question:

  1. is there way calk signature of origin apk native code (c/c++)?
  2. how can make sure library called trusted application?

i try answer first question here:

signature of application stored in dex(dalvik executable) file of apk. dex files have following structure:

  1. header
  2. data section(contains strings, code instructions, fields, etc)
  3. arrays of method identifiers, class identifiers, etc

so, beginning of header of dex file:

  1. dex_file_magic constant - ubyte[8]
  2. adler-32 checksum of application(except dex_file_magic , checksum itself) - uint
  3. sha-1 signature of application(except of dex_file_magic, checksum , hash itself) - ubyte[20]

so, calk signature of apk, should compute sha-1 signature of dex file starting offset 32.

to access dex file of apk native code, can read process memory, stored in /proc/self/maps:

file *fp; fp = fopen("/proc/self/maps", "r");

each row in proc/$id/maps file has following structure:

  1. address
  2. permissions
  3. offset
  4. device
  5. inode
  6. pathname

here can find better description of proc/$id/maps file's structure: understanding linux /proc/id/maps

to detect location of dex file in process memory should check out 'pathname' column in every row of proc/self/maps file. when row corresponding dex file found, should starting , ending addresses of dex file region:

while (fgets(line, 2048, fp) != null) {     // search '.dex'     if (strstr(line, ".dex") != null) {         // starting , ending addresses of dex file region

so, when have starting , ending addresses of apk's bytecode, able compute signature of apk.


Comments

Post a Comment

Popular posts from this blog

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get
Read more

php - .htaccess mod_rewrite for dynamic url which has domain names -

i want convert url ex:( example.com/link.php?url=facebook.com ) ( example.com/facebook.com.php ) how can using .htaccess. or there other process make job easier ? i tried adding script .htaccess file options +followsymlinks rewriteengine on rewriterule url-(.*)\.htm$ link.php?url=$1 but converting url adding "url-" ( example.com/url-facebook.com.php ) i want remove "url-" , want make ( example.com/facebook.com.php ) rewriteengine on rewritecond %{the_request} ^get.*link\.php\?url\= [nc] rewritecond %{request_uri} !/system/.* [nc] rewriterule (.*?)link\.php\?url\=/*(.*) /$1$2 [r=301,ne,l] not sure how above work edit of used use remove index.php url
Read more

Website Login Issue developed in magento -

i have website developed using magento . able login. right now, login failed. infact operations interacts user table failing. need know issue. how figure out? first clear try clear log file second make sure have not upgraded magento and 3rd make sure db accessible in magento -harry p
Read more