I've made a .so file using in Android to encode/decode some private string , but I found it's easy to decrypt the .so file by using ida ,and easy to debug with some reverse engineering software.How to encrypt the .so file ? How to use the encrypted .so file in java?
You can't. A .so file is instructions to be used by the client processor. You can leave it encrypted until you need it, but before using it you have to unencrypt it so it can be put unencrypted in memory where the processor can access it. An encrypted .so file would need an entirely new type of architecture from the processor, to the motherboard, to RAM. And even then the client would have to have the decryption keys, which basically means you need a cryptographically secure system with all code encrypted by keys controlled by the processor OEMs. Which you don't want.
Related
I need to encrypt the zip file (generated from 5-6 files of size 50 MB) which are created by the android native service written in C++.
After doing google learned that there are some open source libs which can help to do the encryption. But I would like to know if there is any inbuilt support to achieve the encryption.
Code flow : Read log files create a custom logs and write to the desired location, zip and encrypt the files
Note : even if i can compress the file with password protection is enough for me.
Sorry, there is no standard Java mechanism to password protect a zip file. You will have to use a third party library.
I have use AES encryption to secure my data in sdcard.It work fine but take some time to decrypt mp3 file as file size is large.
when I checked file stored in other application like whats-app ,Facebook etc.. it is encrypted in different way.
Is there is any other option which I can apply to secure my files in sdcard. Please help me.
First, I will start my mentioning that you should evaluate files size and encryption/decryption time versus file importance. For example, we may want a 500mb file be only accessible by our application through Android, in which case we can set the required permissions. Because this file is not that important for us, we may decide not to encrypt it and encrypt the small and important files.
This said, I would suggest looking into faster/less reliable encryption schemes which will produce faster results. Following that you mentioned Facebook, you can look at Conceal, an open source framework developed by Facebook.
I have an APK packaged with encrypted classes.dex file while the assets(image, text, etc.) are not encrypted.
Say that for me Protection of decryption key is not a problem, can I use JNI to decrypt the dex file into a bytearray and than load it?
You can, if you're willing to write a custom DexClassLoader to load the class from the decrypted byte array *. But why do you need JNI? You could perform the decryption in the class loader itself.
EDIT
*) Unlike the JDK, Android currently does not support loading classes from a byte array. You will need to write the decrypted class data to a temporary file, and load it from there.
I am currently working on a project that involves ssl communication. So, I want to copy my bks file to the device' s internal memory and access it afterwards. I am using a specific library for communication and I have to provide the bks file' s full path as a parameter to this library. Where should I put this bks file? Into the raw or assets folder or somewhere else? From which uri can I access this file? (In windows I am giving it C:\keys\blah.bks, so I have to give a similar uri like /data/data/com.example.exampleapplication/my_app/blah.bks or something like this.) How is this achieved in Android system?
Thanks in advance
Store it in the assets folder of your app.
but consider encrypting it and letting your program decrypt it, since files in the assets folder are user accessible
My android application is configurable using an external XML file present in the SD Card. The changes in the configuration requires a new XML file to be copied in that location. This XML file needs to be encrypted. So if the user request a new config for the app, the steps would be:
New XML file is generated for desired configuration.
File is encrypted using some standard encryption utility.
The file is sent to client/user.
Client copies the file to SD Card, and starts my app.
My application opens the file, decrypt it, read the content and delete the file.
I need help in step 2 and 5. Which standard tool I can use to encrypt my XML file (Should use some standard encryption algo) and secondly how the file can be decrypted in my android app. I am looking into java crypto package.
You can use this:
Android encryption
Beware as you should salt your encryption key with something not stored on the app (coming from a server for example) so that by reverting the APK to code you couldn't read the file anyway.