Requirements and background
In some industries, programs with higher security requirements generally need an integrity check to prevent the program from being tampered with and causing security problems.
We have done several payment application projects this year, and these programs have also passed certification against the relevant industry security standards.
Implementation
Here are the implementation ideas and the code for Android app integrity verification.
Use SharedPreferences (SP) to determine whether this is the first run after the APK was installed. The APK is assumed to have been downloaded and installed from the app market, so by default it is considered untampered. On the first run, just calculate the current hash value and save it to a file without checking it.
Calculating the APK's hash and writing the file are time-consuming operations, so remember to run them on a worker thread.
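// volatile: written on the worker thread, read on the main thread
private volatile boolean integrityCheckResult = false;
private boolean isFirstRun; // can be persisted in a file, e.g. SharedPreferences

@Override
public void onCreate() {
    super.onCreate();
    // ThreadManager is an assumed name for the app's background-executor helper.
    ThreadManager.getInstance().runInBackground(new Runnable() {
        @Override
        public void run() {
            // Check APK integrity
            if (isFirstRun) {
                // First run: skip the comparison, just calculate and save the APK hash
                SecurityManager.getInstance().checkIntegrity(true);
                integrityCheckResult = true;
            } else {
                integrityCheckResult = SecurityManager.getInstance().checkIntegrity(false);
            }
        }
    });
}

public boolean isIntegrityCheckResult() {
    return integrityCheckResult;
}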
In the entry activity, check whether integrity verification passed. If it failed, you can show a dialog and lock the app, asking the user to download and install it again from a trusted platform. The current app has a security problem and cannot be used.
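@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);
    // Assumes the Application subclass shown above is BaseApplication.
    if (BaseApplication.getAppContext().isIntegrityCheckResult()) {
        Log.d(TAG, "onCreate: checkIntegrity success");
    } else {
        Log.e(TAG, "onCreate: checkIntegrity failed");
    }
}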
Security Management
Create a security management class to manage all security-related classes.
public class SecurityManager {
    // Singleton
    private static SecurityManager instance = null;
    private final Integrity integrity;

    private SecurityManager() {
        integrity = new Integrity();
    }

    public static synchronized SecurityManager getInstance() {
        if (instance == null) {
            instance = new SecurityManager();
        }
        return instance;
    }

    public boolean checkIntegrity(boolean isFirstInstall) {
        return integrity.checkIntegrity(isFirstInstall);
    }
}
Define the interface for integrity detection:
public interface IIntegrity {
    boolean checkApkIntegrity();
}
Integrity detection implementation class:
import android.util.Log;
import java.io.File;
import java.io.IOException;

public class Integrity implements IIntegrity {
    // TAG, filePath and APK_HASH_FILE are fields of this class; their definitions are not part of this listing.
    // HashCalculator.calcHash(...), FileUtils and FileUtils.readFileToBytes(...) are assumed names for the helpers.

    public boolean checkIntegrity(boolean isFirstInstall) {
        if (isFirstInstall) {
            calcAndSaveApkSoHash();
            return true;
        } else {
            return compareHashsWithLastTime();
        }
    }

    private void calcAndSaveApkSoHash() {
        File apk = new File(BaseApplication.getAppContext().getPackageCodePath());
        byte[] apkHash = HashCalculator.calcHash(apk, HashCalculator.SHA_256);
        FileUtils.writeBytesToFile(filePath + APK_HASH_FILE, apkHash);
    }

    private boolean compareHashsWithLastTime() {
        // Check the APK
        return checkApkIntegrity();
    }

    @Override
    public boolean checkApkIntegrity() {
        if (BuildConfig.DEBUG) {
            Log.d(TAG, "Debug version, skip APK hash verification");
            return true;
        }
        try {
            String apkPath = BaseApplication.getAppContext().getPackageCodePath();
            byte[] originalApkHash = FileUtils.readFileToBytes(filePath + APK_HASH_FILE);
            return calcSrcAndCompareWithLastHash(originalApkHash, new File(apkPath));
        } catch (IOException e) {
            Log.e(TAG, "checkApkAndLibs: ", e);
        }
        // Any error reading the saved hash counts as a failed check
        return false;
    }

    /**
     * Calculate the hash of the source file and compare it with the saved hash.
     *
     * @param decHashBytes saved hash bytes from the last run
     * @param decSrc       source file to hash
     */
    private static boolean calcSrcAndCompareWithLastHash(byte[] decHashBytes, File decSrc) {
        String decHash = Utils.bcd2Str(decHashBytes);
        // Calculate the current hash of the file once and reuse it for the log line
        String calcHash = Utils.bcd2Str(HashCalculator.calcHash(decSrc, HashCalculator.SHA_256));
        Log.d(TAG, "calculate hash = " + calcHash);
        return decHash.equals(calcHash);
    }
}
Related Tools
This is just a utility class that makes it convenient to obtain the Application. Once you have the context, you can use it anywhere.
public class BaseApplication extends Application {
    private static BaseApplication mBaseApplication;

    @Override
    public void onCreate() {
        super.onCreate();
        mBaseApplication = this;
    }

    public static BaseApplication getAppContext() {
        return mBaseApplication;
    }
}
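Encoding conversion tool:
// Hex digit table; the original definition is not part of this listing, upper case is assumed.
private static final char[] ARRAY_OF_CHAR = "0123456789ABCDEF".toCharArray();

// Single-argument overload, as called from Integrity (added so that call compiles).
@NonNull
public static String bcd2Str(@Nullable byte[] b) {
    return bcd2Str(b, b == null ? 0 : b.length);
}

@NonNull
public static String bcd2Str(@Nullable byte[] b, int length) {
    if (b == null) {
        return "";
    }
    StringBuilder sb = new StringBuilder(length * 2);
    for (int i = 0; i < length; ++i) {
        sb.append(ARRAY_OF_CHAR[((b[i] & 0xF0) >>> 4)]); // high nibble
        sb.append(ARRAY_OF_CHAR[(b[i] & 0xF)]);          // low nibble
    }
    return sb.toString();
}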
Hash calculator
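The following is an added example, not the author's HashCalculator: a plain-JDK class that streams a file through SHA-256, records the baseline on the first run, and on later runs compares with MessageDigest.isEqual, treating a missing or unreadable baseline as a failed check. The class name ApkHashDemo, the temporary files and the sample bytes are constructed for illustration; on a device the APK path comes from getPackageCodePath(), and java.nio.file.Files requires Android API 26 or later.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class ApkHashDemo {
    /** Streams the file through SHA-256 so a large APK is never held in memory. */
    static byte[] sha256(Path file) throws IOException, NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        byte[] buf = new byte[8192];
        try (InputStream in = Files.newInputStream(file)) {
            int n;
            while ((n = in.read(buf)) != -1) md.update(buf, 0, n);
        }
        return md.digest();
    }

    /** First run: record the baseline. Later runs: compare, failing closed on any error. */
    static boolean checkIntegrity(Path apk, Path baseline, boolean firstRun) {
        try {
            byte[] current = sha256(apk);
            if (firstRun) {
                Files.write(baseline, current);
                return true;
            }
            // A missing or unreadable baseline throws and is treated as a failed check.
            byte[] saved = Files.readAllBytes(baseline);
            return MessageDigest.isEqual(saved, current);
        } catch (IOException | NoSuchAlgorithmException e) {
            return false;
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed stand-ins for the APK and the saved hash file.
        Path apk = Files.createTempFile("demo", ".apk");
        Path baseline = Files.createTempFile("apk_hash", ".bin");
        Files.write(apk, new byte[] {1, 2, 3, 4});
        System.out.println("first run:       " + checkIntegrity(apk, baseline, true));
        System.out.println("unchanged:       " + checkIntegrity(apk, baseline, false));
        Files.write(apk, new byte[] {1, 2, 3, 5}); // one byte changed
        System.out.println("after change:    " + checkIntegrity(apk, baseline, false));
        Files.delete(baseline);
        System.out.println("baseline absent: " + checkIntegrity(apk, baseline, false));
        Files.delete(apk);
    }
}
```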
File Tools
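import android.util.Log;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;

/**
 * Writes the bytes to the file while holding a file lock,
 * then forces the buffer to be flushed to storage.
 */
public static boolean writeBytesToFile(String filePath, byte[] bytes) {
    // Acquire the lock before writing so the write itself is protected;
    // try-with-resources releases the lock, then closes the channel and stream.
    try (FileOutputStream fos = new FileOutputStream(filePath);
         FileChannel fileChannel = fos.getChannel();
         FileLock fileLock = fileChannel.lock()) {
        fos.write(bytes);
        // Force the data and metadata to storage
        fileChannel.force(true);
        return true;
    } catch (IOException e) {
        Log.e(TAG, "writeBytesToFile failed", e);
        return false;
    }
}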