一.混淆
之前的文章有介绍
二.配置防止抓包(禁用代理,只能阻止基于代理的抓包)
// Build the client with a ProxySelector that always answers Proxy.NO_PROXY, so requests
// made through this client go direct instead of through any configured proxy.
// NOTE(review): this only ignores proxy settings. It does not stop VPN-based or transparent
// interception and does not validate the server certificate any more strictly; certificate
// pinning (OkHttp's CertificatePinner) is the control that addresses TLS interception.
okHttpClient = new OkHttpClient.Builder()
.proxySelector(new ProxySelector() {
@Override
public List<Proxy> select(URI uri) {
// Same answer for every URI: connect directly.
return Collections.singletonList(Proxy.NO_PROXY);
}
@Override
public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
// Intentionally empty: connection failures are not recorded or reported here.
}
})
三.加固
四.判断证书正确性
4.1 获取当前签名证书的 SHA-1 指纹
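/**
 * Computes the SHA-1 fingerprint of the first signing certificate of the running app.
 *
 * <p>The package's signers are read from {@link PackageManager}: through
 * {@code GET_SIGNING_CERTIFICATES} on SDK levels above P, and through the older
 * {@code GET_SIGNATURES} flag otherwise. Only the first signer is hashed.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>This runs inside the app process, so it is a tamper-evidence signal and not a
 *       guarantee; a modified runtime can change what {@code PackageManager} reports.
 *       Pair it with a server-side integrity verdict where the threat model needs one.</li>
 *   <li>SHA-1 is kept because the method name and the native reference value depend on it;
 *       moving both sides to SHA-256 is preferable when the reference can be rebuilt.</li>
 * </ul>
 *
 * @return the fingerprint as formatted by {@code byte2HexFormatted} (format defined by that
 *     helper, not shown here), trimmed; an empty string when the signer cannot be read or
 *     hashed
 */
public static String getCertificateSHA1Fingerprint() {
    PackageManager pm = TUILogin.getAppContext().getPackageManager();
    String packageName = TUILogin.getAppContext().getPackageName();
    String hexString = "";
    try {
        Signature[] signatures;
        if (Build.VERSION.SDK_INT > Build.VERSION_CODES.P) {
            PackageInfo packageInfo =
                    pm.getPackageInfo(packageName, PackageManager.GET_SIGNING_CERTIFICATES);
            // signingInfo can be absent; treat that as "no signer" instead of relying on an NPE.
            signatures = packageInfo.signingInfo == null
                    ? null
                    : packageInfo.signingInfo.getApkContentsSigners();
        } else {
            PackageInfo packageInfo = pm.getPackageInfo(packageName, PackageManager.GET_SIGNATURES);
            signatures = packageInfo.signatures;
        }

        // Fail closed with an empty fingerprint: callers compare it against a fixed value,
        // so "" can never match a real certificate hash.
        if (signatures == null || signatures.length == 0) {
            return hexString;
        }

        InputStream input = new ByteArrayInputStream(signatures[0].toByteArray());
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        X509Certificate certificate = (X509Certificate) cf.generateCertificate(input);

        // The digest covers the whole DER-encoded certificate, not just its public key.
        MessageDigest md = MessageDigest.getInstance("SHA1");
        byte[] fingerprint = md.digest(certificate.getEncoded());
        hexString = byte2HexFormatted(fingerprint);
    } catch (Exception e) {
        // Every failure (package lookup, certificate parsing, digest) ends the same way:
        // log it and return the empty fingerprint.
        e.printStackTrace();
    }
    return hexString.trim();
}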
4.2 调用so包中方法去判断是否正确
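/*
 * JNI entry point: compares the fingerprint string passed from Java with the reference
 * value `hash` defined elsewhere in this library.
 *
 * Returns JNI_TRUE only on an exact, case-sensitive match. A null or empty input, or a
 * failed conversion, returns JNI_FALSE (jstringToChar yields NULL for those, and
 * strcmp must never be given NULL).
 *
 * NOTE(review): the Java side must produce the fingerprint in exactly the format stored in
 * `hash` (case, separators) -- confirm against byte2HexFormatted. Keeping the reference in
 * native code raises the effort to find it but does not make it secret, and the boolean
 * returned to Java is still a single decision point; treat this as one layer, not the only
 * integrity control.
 */
extern "C"
JNIEXPORT jboolean JNICALL Java_com_tencent_qcloud_tuicore_util_EnvironmentUtil_isCertificate
        (JNIEnv *env, jobject thiz, jstring input) {
    if (input == NULL) {
        return JNI_FALSE;
    }

    char *out = jstringToChar(env, input);
    if (out == NULL) {
        return JNI_FALSE;
    }

    jboolean matches = (strcmp(hash, out) == 0) ? JNI_TRUE : JNI_FALSE;

    // jstringToChar hands back a malloc'd buffer; release it so repeated checks do not leak.
    free(out);
    return matches;
}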
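/*
 * Converts a Java string to a newly malloc'd, NUL-terminated C string by calling
 * String.getBytes("GB2312") through JNI.
 *
 * Returns NULL when jstr is null, when the string is empty, or when any JNI step or the
 * allocation fails; a Java exception raised by a JNI call is left pending for the caller.
 * The caller owns the returned buffer and must free() it.
 *
 * NOTE(review): GB2312 is kept for compatibility with existing callers; for the ASCII hex
 * fingerprint compared in this library the bytes are the same as UTF-8. Bytes after an
 * embedded NUL are invisible to strcmp-style consumers.
 */
char *jstringToChar(JNIEnv *env, jstring jstr) {
    if (jstr == NULL) {
        return NULL;
    }

    jclass clsstring = env->FindClass("java/lang/String");
    if (clsstring == NULL) {
        // Exception pending; no further JNI lookups are allowed until it is handled.
        return NULL;
    }

    char *rtn = NULL;
    jstring strencode = env->NewStringUTF("GB2312");
    jmethodID mid = (strencode != NULL)
            ? env->GetMethodID(clsstring, "getBytes", "(Ljava/lang/String;)[B")
            : NULL;
    jbyteArray barr = (mid != NULL)
            ? (jbyteArray) env->CallObjectMethod(jstr, mid, strencode)
            : NULL;

    if (barr != NULL && !env->ExceptionCheck()) {
        jsize alen = env->GetArrayLength(barr);
        jbyte *ba = env->GetByteArrayElements(barr, NULL);
        if (ba != NULL) {
            if (alen > 0) {
                rtn = (char *) malloc((size_t) alen + 1);
                if (rtn != NULL) {
                    memcpy(rtn, ba, (size_t) alen);
                    rtn[alen] = 0;
                }
            }
            // The elements were only read, so skip the copy-back.
            env->ReleaseByteArrayElements(barr, ba, JNI_ABORT);
        }
    }

    // Drop local references explicitly so helpers called in a loop do not exhaust the table.
    if (barr != NULL) {
        env->DeleteLocalRef(barr);
    }
    if (strencode != NULL) {
        env->DeleteLocalRef(strencode);
    }
    env->DeleteLocalRef(clsstring);
    return rtn;
}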
五.判断当前环境
5.1 判断当前环境是否root
/**
 * Reports whether any of the three root heuristics fires.
 *
 * <p>The checks run in order and stop at the first hit. They are best-effort signals: a
 * {@code false} result means none of these particular indicators was seen, not that the
 * device is known to be unmodified.
 *
 * @return {@code true} if at least one heuristic matched
 */
public static boolean isDeviceRooted() {
    if (checkRootMethod1()) {
        return true;
    }
    if (checkRootMethod2()) {
        return true;
    }
    return checkRootMethod3();
}
/**
 * Heuristic 1: checks whether the build tags contain {@code "test-keys"}.
 *
 * @return {@code true} if {@code Build.TAGS} is non-null and contains {@code "test-keys"}
 */
private static boolean checkRootMethod1() {
    final String tags = android.os.Build.TAGS;
    if (tags == null) {
        return false;
    }
    return tags.contains("test-keys");
}
/**
 * Heuristic 2: probes a fixed list of file paths where a {@code su} binary or a superuser
 * APK is commonly found.
 *
 * @return {@code true} as soon as one of the listed paths exists, otherwise {@code false}
 */
private static boolean checkRootMethod2() {
    final String[] candidates = {
            "/system/app/Superuser.apk",
            "/sbin/su",
            "/system/bin/su",
            "/system/xbin/su",
            "/data/local/xbin/su",
            "/data/local/bin/su",
            "/system/sd/xbin/su",
            "/system/bin/failsafe/su",
            "/data/local/su",
            "/su/bin/su"
    };
    boolean found = false;
    // Stop probing at the first existing path.
    for (int i = 0; i < candidates.length && !found; i++) {
        found = new File(candidates[i]).exists();
    }
    return found;
}
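/**
 * Heuristic 3: runs {@code /system/xbin/which su} and reports whether it printed anything.
 *
 * <p>If the {@code which} binary is missing or cannot be started, the check returns
 * {@code false}, so on devices without {@code /system/xbin/which} this heuristic never
 * fires and the result depends on the other checks.
 *
 * @return {@code true} if the command produced at least one line of output
 */
private static boolean checkRootMethod3() {
    Process process = null;
    try {
        process = Runtime.getRuntime().exec(new String[] {"/system/xbin/which", "su"});
        // Close the reader deterministically instead of leaving it to process teardown.
        try (BufferedReader in =
                new BufferedReader(new InputStreamReader(process.getInputStream()))) {
            return in.readLine() != null;
        }
    } catch (Throwable ignored) {
        // Deliberate best-effort: any failure to run the probe counts as "not detected".
        return false;
    } finally {
        if (process != null) {
            process.destroy();
        }
    }
}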
5.2 判断当前环境中是否存在xposed等app
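/**
 * Reports whether none of a fixed set of hooking/root-management packages is installed.
 *
 * <p>The original chain tested {@code com.topjohnwu.magisk} twice; the second branch was
 * unreachable and is folded into a single list here.
 *
 * <p>Limits worth knowing when relying on this result:
 * <ul>
 *   <li>Matching is by exact package name, so a renamed or repackaged tool is not seen.</li>
 *   <li>On Android 11 (API 30) and later, package visibility filtering can hide other apps
 *       from {@code getInstalledPackages} unless the manifest declares the needed
 *       {@code <queries>} entries; an empty match then does not mean the app is absent.</li>
 * </ul>
 *
 * @return {@code false} if any listed package is reported as installed, otherwise
 *     {@code true}
 */
public static boolean isSafe() {
    final String[] flaggedPackages = {
            "de.robv.android.xposed.installer",
            "com.wrbug.developerhelper",
            "formatfa.xposed.Fdex2",
            "com.topjohnwu.magisk",
            "eu.chainfire.supersu"
    };

    PackageManager pm = TUILogin.getAppContext().getPackageManager();
    List<PackageInfo> installed =
            pm.getInstalledPackages(PackageManager.GET_UNINSTALLED_PACKAGES);
    for (PackageInfo packageInfo : installed) {
        for (String flagged : flaggedPackages) {
            // Constant on the left: a null packageName simply does not match.
            if (flagged.equals(packageInfo.packageName)) {
                return false;
            }
        }
    }
    return true;
}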
4.3 退出程序
/*
 * JNI entry point: ends the whole process from native code with exit status 0.
 *
 * Neither argument is used. Because this calls exit() directly, control never returns to
 * the Java caller and no Android lifecycle callbacks run; the status 0 also makes the
 * termination look like a normal exit to anything inspecting the exit code.
 */
extern "C"
JNIEXPORT void JNICALL
Java_com_tencent_qcloud_tuicore_util_EnvironmentUtil_exit(JNIEnv *env, jclass clazz) {
    (void) env;
    (void) clazz;
    exit(0);
}