I am using the "org.simalliance.openmobileapi.jar" file from SDK. I copied it to my libs folder and added the dependency like this
Case #1: working fine (in debug mode)
In app Gradle file I have:
provided files('libs/org.simalliance.openmobileapi.jar')
Case #2: not working (in release mode - without minifyEnabled)
In app Gradle file I have:
compile files('libs/org.simalliance.openmobileapi.jar')
In case #2 I get the following exception:
(java.lang.SecurityException: Access Control Enforcer: no APDU access allowed!)
What could cause the problem?
First of all, you need to use the "provided" scope in your build.gradle file for both your debug and your release build:
dependencies {
[...]
provided files('libs/org.simalliance.openmobileapi.jar')
}
UPDATE
"provided" is obsolete and has been replaced with "compileOnly", so for current gradle versions, you need to use (as commented by TT):
dependencies {
[...]
compileOnly files('libs/org.simalliance.openmobileapi.jar')
}
Moreover, you need to have a uses-library entry in your AndroidManifest.xml:
<uses-library android:name="org.simalliance.openmobileapi"
android:required="true" />
However, since you got a SecurityException with the reason "Access Control Enforcer: no APDU access allowed!", this is a clear indication that linking to and using the system-provided Open Mobile API library worked as expected and that you successfully connected to the SmartcardService system service on your device. Consequently, you seem to have your build working as expected.
Therefore, the SecurityException already clearly tells you what the problem is:
Access Control Enforcer: no APDU access allowed!
This means that the access control list on the secure element is not properly configured. Since your debug build works, you probably did register the certificate for your debug environment with the ARA applet (and/or the ARF file) on the secure element. However, release builds are not signed with that same debug keys (certificate). Instead, they are signed with the release keys (certificate) that you chose when selecting "Generate Signed APK..." in Android Studio. Therefore, you have two options:
Add the release certificate to the list of allowed applications for your applet on the secure element.
Change access conditions on the secure element to ALLOW ALL in order to allow access to any applet from any device app.
Depending on your secure element, you would typically need to update the ARA (GlobalPlatform Access Control) applet (AID A00000015141434C00) or the access rules file (ARF) located in a PKCS#15 application (AID A000000063504B43532D3135) or in the SIM file system with the new access conditions.
Related
I am new to programming generally please I need some help!
My app was installing successfully after every update until i decided to add the 'com.github.PhilJay:MPAndroidChart:v3.1.0-alpha' library to the app because i need the user to be able to view some data in form of statistical charts.
The library was synced successfully and have used packages and classes therein successful. But when i try to install the app in my android device it returned this error:
Installation failed with message Failed to commit install session 590492354 with command cmd package
install-commit 590492354. Error: INSTALL_FAILED_MISSING_SHARED_LIBRARY: Package couldn't be installed in
/data/app/com.cenitscitech.www.etimebook-jOP-jv2YuNu7_8qnkfqp-A==: Package com.cenitscitech.www.etimebook requires unavailable shared library com.google.android.things; failing!.
It is possible that this issue is resolved by uninstalling an existing version of the apk if it is present, and then re-installing." I have pasted a screenshot here:
I uninstalled the existing version of the apk, cleared some memory space but keep on getting the same message! What should I do next please?
You are most likely installing on a device that is not an Android Things device. I suspect the library you added either has some transitive dependency on com.google.android.things, or something else changed in your project.
To get around this, you must do the following 2 things:
1. Mark that Android Things is not required on the device in your AndroidManifest.xml file:
<uses-library
android:name="com.google.android.things"
android:required="false"
tools:replace="android:required" />
(tools:replace is not strictly required, but it just there in case something in the manifest merge process overrides your setting.)
2. In your app's code, before making any calls to the Things APIs, make sure that they are available on the current device. This can be tested with the following code snippet:
public boolean isThingsDevice(Context context) {
final PackageManager pm = context.getPackageManager();
return pm.hasSystemFeature(PackageManager.FEATURE_EMBEDDED);
}
Only doing 1 should fix the install problem, but your app will crash if you make any Things API calls on a device that isn't an Android Things device.
Had a look in the com.github.PhilJay:MPAndroidChart:v3.1.0-alpha repository and did not find any reference to com.google.android.things inside the source code.
You need to remove the below entry in case it's found in the AndroidManifest.xml of your app for it to work on your device again:
<uses-library android:name="com.google.android.things" />
I want to ask if there is a possibility to debug a release apk without having source code and how we can prevent user to do this action ?
I thought that I can't debug an apk without a source code ( manifest has by default android:debuggable="false") until I sent it to a client and he asks me to disable debuggable mode because he got this issue . I try to reproduce the problem and I'm thinking if he did a reverse engineering.
You can debug an already signed APK with a number of different tools. Most approaches would be considered a form of reverse engineering. At a high level, a common approach (for dynamic "live" debugging) would be to:
Use APKTool to enable debugging via the property in the AndroidManifest.xml. Align and sign the newly modified APK.
Use ADB to push the new "debuggable" APK to the device/emulator.
Use a debugger such as GDB (NDK includes a gdbserver with the arm toolchain).
It's worth mentioning that static analysis can be an option too, whereby the APK could be unpacked and decompiled to SMALI/Java.
There are a number of tools available to help reverse and debug APK's. Some I use frequently are; dex2jar, JDGUI, APK Studio, JEB, IDA Pro, VisualGDB.
You can debug APKs without having source code, using Android Studio 3.0 and higher
First make sure to Enable Debugging
To start debugging an APK, click Profile or debug APK from the Android
Studio Welcome screen. Or, if you already have a project open, click
File > Profile or Debug APK from the menu bar. In the next dialog
window, select the APK you want to import into Android Studio and
click OK.
Some prevention tricks against debugging:
1. Checking the Debuggable Flag in ApplicationInfo
The android:debuggable flag in the Android Manifest determines whether the JDWP thread is started for the app. Its value can be determined programmatically, via the app's ApplicationInfo object. If the flag is set, the manifest has been tampered with and allows debugging.
public static boolean isDebuggable(Context context){
return ((context.getApplicationContext().getApplicationInfo().flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0);
}
2. isDebuggerConnected
The Android Debug system class offers a static method to determine whether a debugger is connected. The method returns a boolean value.
public static boolean detectDebugger() {
return Debug.isDebuggerConnected();
}
The same API can be called via native code by accessing the DvmGlobals global structure.
JNIEXPORT jboolean JNICALL Java_com_test_debugging_DebuggerConnectedJNI(JNIenv * env, jobject obj) {
if (gDvm.debuggerConnected || gDvm.debuggerActive)
return JNI_TRUE;
return JNI_FALSE;
}
3. APK Signatures check
If APK is resigned, its signature would have changed. Check that against your original APK signature.
we can not debug apk.
You can check only logs if used for release build.
open Android Monitor in android studio at the bottom
and select No Filter from drop down appears at top-left.
You will be able to see logs of released .apk
I want to use open alpr (automatic licences plate recognition) library in my android project. I compiled everything successfully and now it is time to use open alpr in app but...
to create Alpr class object properly I have to provide path to config file and path to runtime_data folder which contains some mandatory files needed by open alpr (ocr and trained data).
I tried something like:
Alpr alpr = new Alpr("eu", "android_assets/alpr.conf", "android_assets/runtime_data");
but Alpr.isLoaded() returns false which means that config or runtime_data have not been found.
Path to assets folder in project is: src/main/assets.
Can someone explain to me how path to "runtime_data" directory and "alpr.conf"
should looks to be visible by open alpr?
Thanks in advance.
I am not familiar with the specific library, but on newer Android devices (Android 6 and up), you can not rely on your application files residing under /data/data/your.package.name
The actual library name still includes the package name of your app, but also has some identifier appended to it in base64 format.
This identifier is unique per installation, and it will change if you uninstall and reinstall the app on the same device.
So, if your library needs to use a configuration file with a path to some other files, there are 2 options:
The right way:
Get the real address of your application files folder using Context.getFilesDir().
Unpack you files from the assets folder of the APK on the device using AssetManager.
Programmatically rewrite your configuration file with the path returned by getFilesDir().
The "hacky" but simpler way:
Use public storage to unpack your files.
You will need to add WRITE_EXTERNAL_STORAGE permission to your app, and unpack the assets files to the external storage.
For backwards compatibility this will be available under /sdcard folder on most Android devices, even with the latest Android version.
The second method is not recommended since using /sdcard directly is deprecated and strongly discouraged by Google.
Also, not all Android devices have /sdcard link to their public storage, but this is the only way to avoid dynamically editing the configuration file after installation.
Important note before you start implementing those steps. This library supports only arm CPU architecture. Good news is, most probably, your physical device is using arm architecture but to make sure just double-check it before implemting those steps.
I've recompiled this library to a new wrapper library. In original library, you need to manually configure openalpr.conf file and edit its content with correct path to your data directory. Manual configuration is cumbersome because since Android 5 multiple user accounts is supported and we can't simply hardcode data directory as /data/data/com.your.packagename/..... Because every user gets their symlink to data directory as /data/user/0/com.your.packagename/..... All those manual steps are gone in recompiled wrapper library.
Implementation
Add this in your root build.gradle at the end of repositories:
allprojects {
repositories {
...
maven { url 'https://jitpack.io' }
}
}
Add the dependency into app module:
dependencies {
...
implementation 'com.github.mecoFarid:openalpr:1.0.0'
}
And you're done. Please check this sample app to get started with UI.
Troubleshooting:
If your target sdk is targetSdkVersion >= 24 and you're running your app on a device with Android API 24+ you'll get following error:
android.os.FileUriExposedException: file:///storage/emulated/0/OpenALPR/2019-09-21-01-32-13.jpg exposed beyond app through ClipData.Item.getUri()
To solve this error: you can add following lines into onCreate() of your Activity as a workaround or you may use this thread for offical solution:
if(Build.VERSION.SDK_INT>=24){
try{
Method m = StrictMode.class.getMethod("disableDeathOnFileUriExposure");
m.invoke(null);
}catch(Exception e){
e.printStackTrace();
}
}
TEST:
You can use this image to test your app.
"/data/data/yourpackagename" + File.separatorChar + "runtime_data"
+ File.separatorChar + "openalpr.conf";
I am attempting to white label my app by changing my Android Application Project into an Android Library Project and then importing the library into a new Android Application Project.
I am running into a problem with the fact that my app (read: Library Project) contains a ContentProvider.
When I attempt to install my new Android Application Project onto an emulator, console tells me:
[2014-01-24 13:35:39 - WhitelabelTest] Installation error: INSTALL_FAILED_CONFLICTING_PROVIDER
[2014-01-24 13:35:39 - WhitelabelTest] Please check logcat output for more details.
[2014-01-24 13:35:39 - WhitelabelTest] Launch canceled!
According to the logcat:
01-24 13:38:52.217: W/PackageManager(58): Can't install because provider name com.myapp.app.db.providers.MyProvider (in package com.example.whitelabeltest) is already used by com.myapp.app
01-24 13:38:52.227: W/PackageManager(58): Package couldn't be installed in /data/app/com.example.whitelabeltest-2.apk
Does this simply mean you cannot have both applications installed on the same device because they use the same ContentProvider? Or is there a way around this? Do I need to create a new ContentProvider in my new Android Project with a new name instead?
Here is the Provider as listed in my WhitelabelTest project's Manifest:
<provider
android:name="com.myapp.app.db.providers.MessagesProvider"
android:authorities="com.myapp.app.db.providers.MessagesProvider"
android:exported="false" />
I attempted to change the name parameter with the same result.
Does this simply mean you cannot have both applications installed on the same device because they use the same ContentProvider?
You cannot have both applications installed on the same device because they both attempt to declare the same authority (in android:authorities) in a <provider>. There can only be one provider for a given authority.
This is similar to how you cannot have two apps installed with the same package.
Do I need to create a new ContentProvider in my new Android Project with a new name instead?
I'd start by considering whether a ContentProvider is necessary, and perhaps drop it if it is not.
Otherwise, the implementation of the ContentProvider can be the common one from the library project. However, the android:authorities must be unique, and therefore any clients of that ContentProvider need to know the right authority to use to reach the right provider.
I have an XML file that contains some config data for my Android App. In it there is config info that can be used for development and production. E.g. the link to our api can be set as follows:
For production:
<api>api.example.com</api>
For development:
<api>dev.example.com</api>
I keep this config file under /assets/app-config.xml
It is quite a hassle to keep having to remember which setting I have in the XML. Is there a way to automatically configure eclipse/ android so that it uses the production for runtime (export etc.) and the development when in debug mode.
Define multiple resources and use BuildConfig.DEBUG to conditionally get a resource or another:
<string name="url_api">api.example.com</string>
<string name="url_api_dev">dev.example.com</string>
When extracting the resource:
getString(BuildConfig.DEBUG ? R.string.url_api_dev : R.string.url_api);
This constant is set to true as long as you run from Eclipse. When you select the Export Signed Application Package option, it will be set to false.
If you use this method, it is a good idea to be aware of this bug.
Customize your build using ANT
Please refer the following link for more information
http://playaprogrammer.blogspot.com/2013/01/android-build-configuration-tutorial.html
I use this to create test and production builds from single source. You can have different configurations for development, QA, Production...