jni验证application

2021-03-25 12:20:44 +08:00
parent ba6eb721e1
commit 0df3d14e28
9 changed files with 131 additions and 42 deletions
--- a/apisecurity/src/main/java/cn/android/security/APISecurity.java
+++ b/apisecurity/src/main/java/cn/android/security/APISecurity.java
@@ -46,8 +46,13 @@ public class APISecurity {
     * @param str
     */
    public static native String sign(String str);
-    public static native String getRelayPackName();
+
+    public static native String getRealyAppName();
+
    public static native void verifyApp(Application applicationByReflect);
+
+    public static native boolean verifyApplication();
+
    public static native boolean init(Context context);

    /**
@@ -62,7 +67,7 @@ public class APISecurity {
 //        Log.e("mhyLog", "hash:" + AppSigning.getSignatureHash(context));
 //        Log.e("mhyLog", "sha1:" + getSignSha1(context));
        //runCommand();
-       // Log.e("mhyLog包文件", "签名:"+getApkSignatures(context, context.getPackageName()));
+        // Log.e("mhyLog包文件", "签名:"+getApkSignatures(context, context.getPackageName()));
        //Log.e("mhyLog已安装", "签名："+getInstalledAPKSignature(context, context.getPackageName()));
        //通过获取其他应用的签名 如果一样那么被hook了
    }
@@ -79,7 +84,7 @@ public class APISecurity {
                if (appInfo == null || appInfo.signingInfo == null)
                    return "";
                return AppSigning.getSignatureString(appInfo.signingInfo.getApkContentsSigners(), AppSigning.SHA1);
-            }else {
+            } else {
                PackageInfo appInfo = pm.getPackageInfo(packageName.trim(), PackageManager.GET_SIGNATURES);
                if (appInfo == null || appInfo.signatures == null)
                    return "";
@@ -105,19 +110,19 @@ public class APISecurity {
            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
                //TODO 这里获取的signingInfo 为空 猜想是flag不对 但看源码好像 目前只能使【GET_SIGNATURES 对应signatures】
                PackageInfo packageInfo = pm.getPackageArchiveInfo(path, PackageManager.GET_SIGNING_CERTIFICATES);
-                if (packageInfo != null&&packageInfo.signingInfo!=null) {
+                if (packageInfo != null && packageInfo.signingInfo != null) {
                    Signature[] signatures = packageInfo.signingInfo.getApkContentsSigners();
-                     return AppSigning.getSignatureString(signatures, AppSigning.SHA1);
-                }else {
-                  return AppSigning.getAPKSignatures(path);
+                    return AppSigning.getSignatureString(signatures, AppSigning.SHA1);
+                } else {
+                    return AppSigning.getAPKSignatures(path);
                }
                //如果获取失败就用下面方法喽
-            }else {
+            } else {
                PackageInfo packageInfo = pm.getPackageArchiveInfo(path, PackageManager.GET_SIGNATURES);
                if (packageInfo != null) {
                    Signature[] signatures = packageInfo.signatures;
                    return AppSigning.getSignatureString(signatures, AppSigning.SHA1);
-                }else {
+                } else {
                    return AppSigning.showUninstallAPKSignatures(path);
                }
            }
--- a/apisecurity/src/main/java/cn/android/security/AppSigning.java
+++ b/apisecurity/src/main/java/cn/android/security/AppSigning.java
@@ -80,7 +80,6 @@ public class AppSigning {
            IllegalAccessException,
            NoSuchFieldException,
            NullPointerException {
-
        // 反射获取 ActivityThread 的 currentActivityThread 获取 mainThread
        Class activityThreadClass = Class.forName("android.app.ActivityThread");
        Method currentActivityThreadMethod =
@@ -115,12 +114,12 @@ public class AppSigning {
    /**
     * 校验 application
     */
-    public static boolean checkApplication(){
+    public static boolean sameApplication(){
        //在这里使用反射 获取比较靠谱 如果 被替换换 就查出来了
        Application nowApplication = getApplicationByReflect();
-        APISecurity.verifyApp(nowApplication);
-        String trueApplicationName = "cn.android.sample.MyApplication";//getSimpleName()自己的Application类名 防止替换
-        String nowApplicationName = nowApplication.getClass().getName();
+        String trueApplicationName = APISecurity.getRealyAppName();
+        //getSimpleName()自己的Application类名 防止替换
+        String nowApplicationName = nowApplication.getClass().getName();//当前app类全名
        Log.e("mhyLogAppName", "反射获取:"+nowApplicationName);
        return trueApplicationName.equals(nowApplicationName);
    }
@@ -326,7 +325,6 @@ public class AppSigning {
                    return getSignatureString(info,AppSigning.SHA1);
                }

-
            } else {
                pkgParserCt = pkgParserCls.getConstructor(typeArgs);
                pkgParser = pkgParserCt.newInstance(apkPath);
--- a/apisecurity/src/main/java/cn/android/security/InitProvider.java
+++ b/apisecurity/src/main/java/cn/android/security/InitProvider.java
@@ -12,15 +12,12 @@

 package cn.android.security;

-import android.annotation.SuppressLint;
-import android.app.Application;
 import android.content.ContentProvider;
 import android.content.ContentValues;
 import android.content.Context;
 import android.database.Cursor;
 import android.net.Uri;
 import android.util.Log;
-
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;

@@ -39,9 +36,9 @@ public class InitProvider extends ContentProvider {
        }
        Log.e("mhyLog", "initContentProvider:");
        chekSignature(application);
-
-        Log.e("mhyLog检测Provider_APP", String.valueOf(AppSigning.checkApplication()));
-
+        Log.e("mhyLog验证APP", String.valueOf(AppSigning.sameApplication())+";apkmd5="+ AppSigning.apkMD5(application));
+        APISecurity.verifyApp(AppSigning.getApplicationByReflect());
+        APISecurity.verifyApplication();
        return true;
    }