[x] AES algorithms are no longer supported. If you still need them, check out tag: v2.2.
[x] Use CHACHA20 instead of AES. TLS 1.3 also uses CHACHA20 on mobile devices, and it performs well on the ARM architecture.
[x] Hide native functions in JNI_OnLoad
[x] Use signature verification to avoid the app being repackaged. (It prevents a hacker from calling your JNI methods directly.)
key exists in the symbol table, and hides the character table. This method has been deprecated; discard reason: issues5
[x] Get the key from a complex function in order to hide it; the current function is a simple solution. (Complex solution: divide the key into several pieces, store them in different C files, and finally splice them together. This function should be complicated to write, so that it increases the difficulty of decompiling.)
[x] Use "obfuscator" to obfuscate the C code; how to deobfuscate it?
[x] Support obfuscation for x86. A link at the bottom is a tutorial for configuring the obfuscator.
[x] Anti-debugging. Currently, I have put a simple solution into the code, but there are more complicated and more sophisticated solutions. I recommend determining whether it is being traced in every encryption and decryption. You can add other complicated algorithms in your fork.
[x] Detect whether the device is an emulator at runtime: the code comes from my other repo, Check_Emulator_In_NDK
[ ] TODO: Prevent code from being injected into the SO file
Run the shell script test_in_exexutaing.sh and look at logcat. It will generate a key and a nonce. You can paste them into JNIEntry.c.
b. Set ndk.dir in local.properties. I have not tested some versions of the NDK, so you may encounter build errors with them.
c. As you integrate this into your project, please modify the class name and method names, don't expose the name of the encryption algorithm, and modify the C function for key storage from my code.
d. Generate and modify signatures.
d.1. Generate keystore
```
# my generate record:
mkdir keystore
cd keystore/
keytool -genkey -alias client1 -keypass 123456 -keyalg RSA -keysize 1024 -validity 365 -storetype PKCS12 -keystore ./androidyuan.keystore
```
hash of keystore and pkg-name in check_signature.h.
hash which you can use this method: getSignature(),
Please copy the keystore hashcode and package name into
The obfuscated SO file is three times the size of the original SO file. If the size bothers you, you can disable Obfuscator-LLVM. It is unnecessary.
Because you need to do signature verification, I can't provide jcenter dependencies. Please forgive me!
Even though this code is very safe, I am still against storing the key in code.
To obfuscate native code, you need to modify the externalNativeBuild in the aesjni/build.gradle and configure the Obfuscator-LLVM under the NDK.
This is my tutorial for configuring the obfuscator under the NDK: Obfuscator-LLVM-4.0-BUILD-NDK.
And if you think configuring Obfuscator-LLVM is really difficult, I recommend using docker: github.com/nickdiego/docker-ollvm.
If you encounter a crash, you can look into FigureOutJNICrash.md to find where the code crashes.
In case you would like to add information to this repository or suggest some ideas, please use one of the following options:
libsodium Algorithm from: https://github.com/jedisct1/libsodium
Native code obfuscator: obfuscation-o-llvm-ndk