classes.dex的校验值保持与Dexguard改每次构建 [英] Checksum value of classes.dex keep changing with Dexguard for every build
问题描述
我做检查本地code classes.dex的总和在此间表示:
检查C /本地code .apk文件的签名一>
I do check sum of classes.dex in native code as indicated here: Check .apk-signature in C/native Code
- 计算classes.dex 的校验
- 硬codeD值相比较 - XXX
- 如果这是真的,并传递下去
- 如果这不是真的,退出程序
我要做的就是登录校验值第一个版本,然后更改本地code中的,如果(校验== XXX)是一样的记录值。
What I do is log the checksum value for the first build, then change the if (checksum == xxx) in native code to be the same as the logged value.
然而,使用Dexguard,校验和是每一个不同的版本不同,也就是说,如果我改变XXX,并生成APK签署再次,检查将永远是假的。我认为Dexguard生成随机的东西进入,使每一个构建不同的classes.dex。
However, with using Dexguard, the checksum is different for every different build, means that if I change xxx, and generate the signed apk again, the check will always be false. I think Dexguard generate something random into the classes.dex that makes every build different.
任何想法来解决这个问题呢?谢谢
Any ideas to get around this problem ? Thanks
推荐答案
每一个DEX文件包括两个校验:一个的Adler32和SHA-1签名。前者作为一个快速检查的文件损坏,后者唯一标识文件的内容。 IIRC,优化(.odex)文件更新文件的校验,但保留了SHA-1签名。
Every DEX file includes two checksums: an Adler32 and a SHA-1 signature. The former is used as a quick check for file corruption, the latter to uniquely identify the file contents. IIRC, the optimized (.odex) file updates the file checksum but retains the SHA-1 signature.
如果你的目标是当classes.dex内容已被构建系统改为识别,您应该使用SHA-1。如果你正试图建立某种形式的防篡改的,那么你可能需要改变你去嵌入校验的方式。例如,您可以将其存储在一个字节数组,与一个独特的模式开始,只需直接编辑文件(重新计算的Adler32后)。
If your goal is to identify when the classes.dex contents have been changed by the build system, you should use the SHA-1. If you are attempting to create some sort of tamper-resistance, then you may need to change the way you go about embedding the checksum. For example, you could store it in an array of bytes that begins with a unique pattern, and just edit the file directly (recomputing the Adler32 afterward).
这篇关于classes.dex的校验值保持与Dexguard改每次构建的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!