android - Generate token for access server resources -


i trying generate token @ run time using sign certificate , verify token on server access resources. don't want store token in xml file because available after reverse engineering of apk

code generating token is

public string gettoken() {     signature[] sigs;     try {         sigs = context.getpackagemanager().getpackageinfo(context.getpackagename(), packagemanager.get_signatures).signatures;          string token = sigs[0].tocharsstring();         return token;     } catch (exception e) {         e.printstacktrace();         return null;     } } 

issue device return different token apk generated same certificate, don't know reason why returning different token devices.

all want generate token used access web resources, , don't want store token in apk no 1 can token decompiling apk.

you can store token c or c++ , add signature verification

public static string getsignature(context context) { try {     packageinfo packageinfo = context.getpackagemanager().getpackageinfo(context.getpackagename(), packagemanager.get_signatures);     signature[] signatures = packageinfo.signatures;     return signatures[0].tocharsstring(); } catch(packagemanager.namenotfoundexception e) {     e.printstacktrace(); } return null; 

}

const char * app_signature = "singsing"; static int is_valid = 0; void java_com_xxx_xxx_nativeinit(jnienv *env, jobject thiz, jobject context_object){     jclass context_class = (*env)->getobjectclass(env, context_object);      //context.getpackagemanager()     jmethodid methodid = (*env)->getmethodid(env, context_class, "getpackagemanager", "()landroid/content/pm/packagemanager;");     jobject package_manager_object = (*env)->callobjectmethod(env, context_object, methodid);     if (package_manager_object == null) {         return;     }      //context.getpackagename()     methodid = (*env)->getmethodid(env, context_class, "getpackagename", "()ljava/lang/string;");     jstring package_name_string = (jstring)(*env)->callobjectmethod(env, context_object, methodid);     if (package_name_string == null) {         return ;     }     (*env)->deletelocalref(env,context_class);      //packagemanager.getpackageinfo(sting, int)     //public static final int get_signatures= 0x00000040;     jclass pack_manager_class = (*env)->getobjectclass(env, package_manager_object);     methodid = (*env)->getmethodid(env, pack_manager_class, "getpackageinfo", "(ljava/lang/string;i)landroid/content/pm/packageinfo;");     (*env)->deletelocalref(env,pack_manager_class);     jobject package_info_object = (*env)->callobjectmethod(env, package_manager_object, methodid, package_name_string, 0x40);     if (package_info_object == null) {         return ;     }     (*env)->deletelocalref(env,package_manager_object);      //packageinfo.signatures[0]     jclass package_info_class = (*env)->getobjectclass(env, package_info_object);     jfieldid fieldid = (*env)->getfieldid(env, package_info_class, "signatures", "[landroid/content/pm/signature;");     (*env)->deletelocalref(env,package_info_class);     jobjectarray signature_object_array = (jobjectarray)(*env)->getobjectfield(env,package_info_object, fieldid);     if (signature_object_array == null) {         return ;     }     jobject signature_object = (*env)->getobjectarrayelement(env,signature_object_array, 0);     (*env)->deletelocalref(env,package_info_object);     jclass signature_class = (*env)->getobjectclass(env, signature_object);      methodid = (*env)->getmethodid(env, signature_class,  "tocharsstring", "()ljava/lang/string;");     (*env)->deletelocalref(env,signature_class);     jstring signature_jstirng = (jstring) (*env)->callobjectmethod(env, signature_object, methodid);     const  char *sign=(*env)->getstringutfchars(env, signature_jstirng,null);      if (strcmp(sign,app_signature)==0 || strcmp(sign,app_j_s)==0) {         is_valid= 1;     }      return; } 

Comments

Popular posts from this blog

php - Vagrant up error - Uncaught Reflection Exception: Class DOMDocument does not exist -

vue.js - Create hooks for automated testing -

Add new key value to json node in java -