klaxit / hidden-secrets-gradle-plugin Goto Github PK

Hi! I am testing this plugin. I am learning how to code in Java. I successfully imported the plugin and created some secret keys. However, when I build the app, I run into the following error:

Execution failed for task ':hideSecret'.

Extension with name 'android' does not exist. Currently registered extension names: [ext, buildScan, gradleEnterprise, _internalAndroidGradlePluginDependencyCheckerRegistered]

When calling the secret values in an activity using final String key = new Secrets()..., I get an error because Secrets() is not recognized.

Also, the copied files are save in root folder. Is there a way that those files will be saved in the default Java directory?

I am new to app development. I tried googling but I can't find a solution. I someone can help me.

Thank you in advance.

This is what I get when trying to use the plugin in a project that uses AGP 4.1.2

Does it mean that the plugin only works for AGP 4.0.0?

Hi,

I not found Secrets.kt in my project

buildscript {
    repositories {
        maven {
            url "https://plugins.gradle.org/m2/"
        }
    }
    dependencies {
        classpath "com.klaxit.hiddensecrets:HiddenSecretsPlugin:X.Y.Z"
    }
}

apply plugin: 'com.klaxit.hiddensecrets'

./gradlew hideSecret -Pkey=yourKeyToObfuscate

other problem

I copy file from github and add kotlin support to my app and copy file Secrets.kt from github

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':hideSecret'.
> Extension with name 'android' does not exist. Currently registered extension names: [ext, _internalAndroidGradlePluginDependencyCheckerRegistered]

* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org

BUILD FAILED in 6s
2 actionable tasks: 1 executed, 1 up-to-date

You are using Gradle 6.1.1 inside your plugin.

Think you should update to 6.7 and change to use Java Toolchain.

With this you do not need the Java configuration any more.

Hello. I'm new to flutter. Do you have documentation on how to integrate this in flutter apps? I would greatly appreciate it if anyone can teach me how. Thank you so much.

After successfully adding some key. How can I remove it?

Hey! I've faced the issue today. You can't encode String more than 4046 symbols (In my case it's a JSON configuration file). After using a function on the Java side I do not receive the initial String, only part of it. Could you explain why and If possible provide some workaround?

I am getting this error:
Task 'hideSecret' not found in project ':app'.
Please help.

C:\Users\abhiv\AndroidStudioProjects\Testing\app>gradle hideSecret -Pkey=loveabhishek [-PkeyName=first] [-Ppackage=com.example.testing] --info
Initialized native services in: C:\Users\abhiv\.gradle\native
The client will now receive all logging from the daemon (pid: 26056). The daemon log file: C:\Users\abhiv\.gradle\daemon\6.5.1\daemon-26056.out.log
Starting 7th build in daemon [uptime: 4 mins 27.496 secs, performance: 98%]
Using 16 worker leases.
Starting Build
Settings evaluated using settings file 'C:\Users\abhiv\AndroidStudioProjects\Testing\settings.gradle'.
Projects loaded. Root project using build file 'C:\Users\abhiv\AndroidStudioProjects\Testing\build.gradle'.
Included projects: [root project 'Testing', project ':app']

> Configure project :
Evaluating root project 'Testing' using build file 'C:\Users\abhiv\AndroidStudioProjects\Testing\build.gradle'.
Unzip jar to C:\Users\abhiv\AndroidStudioProjects\Testing\build/hidden-secrets-tmp

> Configure project :app
Evaluating project ':app' using build file 'C:\Users\abhiv\AndroidStudioProjects\Testing\app\build.gradle'.
Creating configuration androidTestUtil
All projects evaluated.
Analytics other plugin to proto: Unknown plugin type com.klaxit.hiddensecrets.HiddenSecretsPlugin expected enum COM_KLAXIT_HIDDENSECRETS_HIDDENSECRETSPLUGIN

FAILURE: Build failed with an exception.

* What went wrong:
Task 'hideSecret' not found in project ':app'.

* Try:
Run gradle tasks to get a list of available tasks. Run with --stacktrace option to get the stack trace. Run with --debug option to get more log output. Run with --scan to get full insights.

* Get more help at https://help.gradle.org

BUILD FAILED in 1s

Hi,

By adding the plugin in my module (version 0.2.0), I was able to run this command ./gradlew hideSecret ....

I have enabled C++ files compilation in my module, then I was able to get my secret key from Kotlin code by calling val key = Secrets().getYourSecretKeyName(packageName).

However, when I install the app and launch it, I have this exception :

2022-07-04 16:41:41.790 19552-19552/com.vianavigo.androidlab.dev E/AndroidRuntime: FATAL EXCEPTION: main Process: com.vianavigo.androidlab.dev, PID: 19552 java.lang.UnsatisfiedLinkError: dlopen failed: library "libsecrets.so" not found at java.lang.Runtime.loadLibrary0(Runtime.java:1087) at java.lang.Runtime.loadLibrary0(Runtime.java:1008) at java.lang.System.loadLibrary(System.java:1664) at com.instantsystem.homearoundme.Secrets.<clinit>(Secrets.kt:10) at com.instantsystem.homearoundme.ui.home.HomeFragment.onViewCreated(HomeFragment.kt:338) at androidx.fragment.app.Fragment.performViewCreated(Fragment.java:2987) at androidx.fragment.app.FragmentStateManager.createView(FragmentStateManager.java:546) at androidx.fragment.app.FragmentStateManager.moveToExpectedState(FragmentStateManager.java:282) at androidx.fragment.app.FragmentManager.executeOpsTogether(FragmentManager.java:2189) at androidx.fragment.app.FragmentManager.removeRedundantOperationsAndExecute(FragmentManager.java:2100) at androidx.fragment.app.FragmentManager.execPendingActions(FragmentManager.java:2002) at androidx.fragment.app.FragmentManager$5.run(FragmentManager.java:524) at android.os.Handler.handleCallback(Handler.java:938) at android.os.Handler.dispatchMessage(Handler.java:99) at android.os.Looper.loop(Looper.java:233) at android.app.ActivityThread.main(ActivityThread.java:8010) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:631) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:978)

I saw in an older issue that it could come from the NDK version. I have tested with some versions but nothing changed.
Did I miss something?
Do you have any idea about this issue please?

I had this issue. So i thought i will edit the secrets.cpp. So i changed the function:

extern "C"
JNIEXPORT jstring JNICALL
Java_YOUR_PACKAGE_GOES_HERE_Secrets_getYOUR_KEY_NAME_GOES_HERE(
        JNIEnv *pEnv,
        jobject pThis,
        jstring packageName) {
    char obfuscatedSecret[] = {"lifeisgood2"}; // added 
    return getOriginalKey(obfuscatedSecret, sizeof(obfuscatedSecret), packageName, pEnv);
}

This line is returning a value in some random format

        final String key = new Secrets().getYourSecretKeyName(getPackageName());
        System.out.println(key);

What should I do to make it work?

Hello ,

I am getting this error:

Gradle project cmake.path is C:\Users\abhiv\AndroidStudioProjects\Testing\app\src\main\cpp\CMakeLists.txt but that file doesn't exist

If writing CMAKEList is important. Please provide a sample to work for my project.
Or if there is other way please tell.

Hi, I have been experimenting with hidden-secrets-gradle-plugin.

I am getting a crash with this stack trace when secret names have underscores.

example property file content:

base_url=https://google.com

java.lang.UnsatisfiedLinkError: No implementation found for java.lang.String com.demo.app.Secrets.getbase_url(java.lang.String) (tried Java_com_demo_app_Secrets_getbase_1url and Java_com_demo_app_Secrets_getbase_1url__Ljava_lang_String_2)
at com.demo.app.Secrets.getbase_url(Native Method)
at com.demo.app.MainActivity.checkForSecurityIssues(MainActivity.kt:375)
at com.demo.app.MainActivity.onCreate(MainActivity.kt:77)
at android.app.Activity.performCreate(Activity.java:8057)
at android.app.Activity.performCreate(Activity.java:8037)
at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1345)
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3697)
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3873)
at android.app.servertransaction.LaunchActivityItem.execute(LaunchActivityItem.java:103)
at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:135)
at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:95)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2262)
at android.os.Handler.dispatchMessage(Handler.java:106)
at android.os.Looper.loopOnce(Looper.java:201)
at android.os.Looper.loop(Looper.java:288)
at android.app.ActivityThread.main(ActivityThread.java:7882)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1003)

Hi. Is it possible to use libsecrets.so library in a custom Android or a Linux app and call the generated method and get the key?

In this project, I'm using version catalogs as well and I tried all the options you have in the README, including the legacy plugin application, but all of them complain with an error, the legacy plugin application error is:

A problem occurred configuring root project 'XXXXXX'.
> Could not resolve all files for configuration ':classpath'.
   > Could not find com.klaxit.hiddensecrets:HiddenSecretsPlugin:X.Y.Z.
     Searched in the following locations:
       - https://dl.google.com/dl/android/maven2/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
       - https://plugins.gradle.org/m2/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
       - https://repo.maven.apache.org/maven2/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
     Required by:
         project :

Possible solution:
 - Declare repository providing the artifact, see the documentation at https://docs.gradle.org/current/userguide/declaring_repositories.html

You defined a Utils.kt class which contains a companion object.

I think there a 2 better solutions:

1. change it to object:

- class Utils {
-   companion object {
+ object Utils {
...
-     }

2. Fully remove the block and us functions declared in a file:

- class Utils {
-     companion object {
...
-     }
- }

Hello,

In our project, hidden-secrets is only library that uses NDK and have any C++ code.

A portion of our Android 7 users are getting these errors:

SIGSEGV Segmentation violation (invalid memory reference) 
    /system/lib/libart.so:666192 0xa8a3fa50

Specially these two devices are experiencing the highest failures:

HOT5 (Infinix X559C)- 20.3%
TECNO K7about - 19.7%

Do you guys have any insight, how we may address these crashes?

Hey guys,

I'm doubting my approach, if my API token is protected by this plugin like this:

val headers = HashMap<String, String>()
headers["api-token"] = Secrets().getApiTokenProd(requireContext().packageName)
ApiService.getServerStatus(headers) ()

Couldn't the the hacker that got his hands on the code via disassembly simply set a breakpoint there and read the token?
How have I protected the token then? 🤔

I think it would be nice to make the constants here public.
This would enable everyone to us this in their code instead of creating duplicated strings.

For example:

...
project.tasks.withName(Class.CONSTANT)
...

Hi,
after adding the cmake path to my build.gradle and syncing, I received the following error messages:

C/C++ debug|armeabi-v7a : CMake Error at C:/Users/.../AppData/Local/Android/sdk/cmake/3.10.2.4988404/share/cmake-3.10/Modules/CMakeTestCCompiler.cmake:52 (message):
  The C compiler

    "C:/Users/.../AppData/Local/Android/sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/windows-x86_64/bin/clang.exe"

  is not able to compile a simple test program.

  It fails with the following output:

    Change Dir: P:/.../app/.cxx/cmake/debug/armeabi-v7a/CMakeFiles/CMakeTmp
    
    Run Build Command:"C:\Users\...\AppData\Local\Android\Sdk\cmake\3.10.2.4988404\bin\ninja.exe" "cmTC_f0e2c"
    [1/2] Building C object CMakeFiles/cmTC_f0e2c.dir/testCCompiler.c.o
    FAILED: CMakeFiles/cmTC_f0e2c.dir/testCCompiler.c.o 
    C:\Users\...\AppData\Local\Android\sdk\ndk\21.1.6352462\toolchains\llvm\prebuilt\windows-x86_64\bin\clang.exe --target=armv7-none-linux-androideabi24 --gcc-toolchain=C:/Users/.../AppData/Local/Android/sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/windows-x86_64 --sysroot=C:/Users/.../AppData/Local/Android/sdk/ndk/21.1.6352462/toolchains/llvm/prebuilt/windows-x86_64/sysroot   -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -march=armv7-a -mthumb -Wformat -Werror=format-security   -fPIE -o CMakeFiles/cmTC_f0e2c.dir/testCCompiler.c.o   -c testCCompiler.c
    clang: error: no such file or directory: 'testCCompiler.c'
    clang: error: no input files
    ninja: build stopped: subcommand failed.
    

  CMake will not be able to correctly generate this project.
Call Stack (most recent call first):
  CMakeLists.txt

Any idea whats going wrong? Is the file testCCompiler.c missing? What is this?

Thank you.

Fatal Exception: java.lang.UnsatisfiedLinkError: dlopen failed: library "libsecrets.so" not found
at java.lang.Runtime.loadLibrary0(Runtime.java:1087)
at java.lang.Runtime.loadLibrary0(Runtime.java:1008)
at java.lang.System.loadLibrary(System.java:1664)

You missed the name and description for this Gradle plugin. This will improve the informations on the plugins.gradle.com repository?

Hello

This project has completely stopped working.

build.gradle

buildscript {
    ext.kotlin_version = "1.4.21"
    repositories {
        google()
        jcenter()
        maven { url  "https://adcolony.bintray.com/AdColony" }
        maven { url 'https://dl.bintray.com/ironsource-mobile/android-sdk' }
        maven { url "https://plugins.gradle.org/m2/" }
    }
    dependencies {
        classpath 'com.android.tools.build:gradle:4.1.2'
        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
        classpath "androidx.navigation:navigation-safe-args-gradle-plugin:2.3.2"
        classpath 'com.google.gms:google-services:4.3.4'
        classpath 'com.google.firebase:firebase-crashlytics-gradle:2.4.1'
        classpath "com.klaxit.hiddensecrets:HiddenSecretsPlugin:0.1.2"
    }
}

It gets completely messed up and throws this error.

Could not HEAD 'https://adcolony.bintray.com/AdColony/com/klaxit/hiddensecrets/HiddenSecretsPlugin/0.1.2/HiddenSecretsPlugin-0.1.2.pom'. Received status code 502 from server: Bad Gateway
Disable Gradle 'offline mode' and sync project

This happens on MacBook Pro (intel).

This seems like a great project.

I have tried to install it both the legacy and modern way. And both fail:

Legacy:

> Could not resolve all artifacts for configuration ':classpath'.
   > Could not find com.klaxit.hiddensecrets:HiddenSecretsPlugin:X.Y.Z.
     Searched in the following locations:
       - https://dl.google.com/dl/android/maven2/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
       - https://jcenter.bintray.com/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
       - https://adcolony.bintray.com/AdColony/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
       - https://dl.bintray.com/ironsource-mobile/android-sdk/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
       - https://plugins.gradle.org/m2/com/klaxit/hiddensecrets/HiddenSecretsPlugin/X.Y.Z/HiddenSecretsPlugin-X.Y.Z.pom
     Required by:
         project :

I also changed it to the tag:

classpath "com.klaxit.hiddensecrets:HiddenSecretsPlugin:1.0.0"

Which leads to:

   > Could not find com.klaxit.hiddensecrets:HiddenSecretsPlugin:1.0.0.

What am I missing please?

plugin version: 0.1.3
when running

./gradlew lib.hiddensecrets:assembleRelease --rerun-tasks --no-build-cache

> Task :lib.hiddensecrets:configureCMakeRelWithDebInfo[arm64-v8a] FAILED

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':lib.hiddensecrets:configureCMakeRelWithDebInfo[arm64-v8a]'.
> [CXX1405] error when building with cmake using C:\Users\user\projectname\lib.hiddensecrets\src\main\cpp\CMakeLists.txt: Build command failed.
  Error while executing process C:\Users\user\AppData\Local\Android\Sdk\cmake\3.18.1\bin\cmake.exe with arguments {-HC:\Users\user\projectname\lib.hiddensecrets\src\main\cpp -DCMAKE_SYSTEM_NAME=Android -DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DCMAKE_SYSTEM_VERSION=23 -DANDROID_PLATFORM=android-23 -DANDROID_ABI=arm64-v8a -DCMAKE_ANDROID_ARCH_ABI=arm64-v8a -DANDROID_NDK=C:\Users\user\AppData\Local\Android\Sdk\ndk\21.4.7075529 -DCMAKE_ANDROID_NDK=C:\Users\user\AppData\Local\Android\Sdk\ndk\21.4.7075529 -DCMAKE_TOOLCHAIN_FILE=C:\Users\user\AppData\Local\Android\Sdk\ndk\21.4.7075529\build\cmake\android.toolchain.cmake -DCMAKE_MAKE_PROGRAM=C:\Users\user\AppData\Local\Android\Sdk\cmake\3.18.1\bin\ninja.exe -DCMAKE_LIBRARY_OUTPUT_DIRECTORY=C:\Users\user\projectname\lib.hiddensecrets\build\intermediates\cxx\RelWithDebInfo\166m5e59\obj\arm64-v8a -DCMAKE_RUNTIME_OUTPUT_DIRECTORY=C:\Users\user\projectname\lib.hiddensecrets\build\intermediates\cxx\RelWithDebInfo\166m5e59\obj\arm64-v8a -DCMAKE_BUILD_TYPE=RelWithDebInfo -BC:\Users\user\projectname\lib.hiddensecrets\.cxx\RelWithDebInfo\166m5e59\arm64-v8a -GNinja}

If I specify the Cmake version (a one we used before, when it worked) explicitly, it works

    externalNativeBuild {
        cmake {
            version "3.10.2.4988404"
        }
    }

Thanks in advance!

to get your secret key from Java/Kotlin code by calling :

Kotlin

val key = Secrets().getYourSecretKeyName(packageName)

Java

final String key = new Secrets().getYourSecretKeyName(getPackageName());

How to get secret key from Groovy (build.gradle) file?

Hi!
I managed to install the library using the legacy instructions:

buildscript {
  repositories {
    maven {
      url "https://plugins.gradle.org/m2/"
    }
  }
  dependencies {
    classpath "com.klaxit.hiddensecrets:HiddenSecretsPlugin:0.1.1"
  }
}

apply plugin: "com.klaxit.hiddensecrets"

I could also generate the secrets with the ./gradlew command. Even use it in my code with no errors in the editor but when I run the app I get the following error:

error: cannot find symbol
import com.package.package.Secrets;
^
symbol: class Secrets
location: package com.package.package

It's declared in the upper part of the class and it is used like this:

params.put("client_id",new Secrets().getClientIdPre(mainActivity.getApplicationContext().getPackageName()));

The key has already been created and the class exists. I would appreciate some help.
Thanks in advance

Hi,

I have this error when I build java project

MainActivity.java:26: error: cannot find symbol
String key = new Secrets().getMyKey(getPackageName());
^
symbol: class Secrets
location: class MainActivity

What is the problem ?

Hey there.

I tried this plugin on a new project, works fine with my key.
I tried to implement it into my multi module project with dynamic features and much more and I have the issue that the so is missing from the apk (mapbox so is there for example)

It is getting generated, because I see it under app/build/intermediates/cmake/debug/obj/arm64-v8a/libsecrets.so but when running my application it won't be moved into the apk, and I can't find it in the following directories (where I can also find libmapbox-gl.so): app/build/intermediates/stripped_native_builds/.. or app/build/intermediates/merged_native_builds/..

I tried adding everything known to me to the demo project where it worked, but it's always in the debug apk in the end. (dynamic features, modules, mapbox, ..)

Do you have any clue what could be the reason for the missing libsecrets.so in the apk?

Can't really provide code as it is a lot and can't pinpoint anything as everything seems to work fine until apk merging is happening.

Thanks in advance,
Richard

When obfuscating the key and when decrypting it, you take the string representation of the sha256 digest. This causes the obfuscator used to be constructed from only [1-10,a-e], and not the full range of the byte values. This guarantee that some bits are never changed (e.g. the MSB, as ascii calues are always less than 127).
I suggest using the original digest value and not "format" it to string value.

I did a test and managed to get the keys by modifying the app in order to make it deliver the key to me.

Also, I haven't tested it, but I wonder what would stop someone from simply taking the libsecrets.so file and running it in their application? I think a C-code level app signature check would solve both of these issues (since I lose the signature when I modify the app).

When I encode/decode a JWT it is decoding to the incorrect string. Here is a sample with a random JWT:
Sample JWT:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJPbmxpbmUgSldUIEJ1aWxkZXIiLCJpYXQiOjE2MDk4ODM4MzMsImV4cCI6MTY0MTQxOTgzMywiYXVkIjoid3d3LmV4YW1wbGUuY29tIiwic3ViIjoianJvY2tldEBleGFtcGxlLmNvbSIsIkdpdmVuTmFtZSI6IkpvaG5ueSIsIlN1cm5hbWUiOiJSb2NrZXQiLCJFbWFpbCI6Impyb2NrZXRAZXhhbXBsZS5jb20iLCJSb2xlIjpbIk1hbmFnZXIiLCJQcm9qZWN0IEFkbWluaXN0cmF0b3IiXX0.e2tiZHYwmHVR-9cm5Wtuq3Ye6Ar3h3r0iqRp75XxVA0

Hidden with ./gradlew hideSecret -Pkey="$SAMPLE_JWT" -PkeyName=SampleJWT

The result of Secrets().getSampleJWT(packageName) is (newline characters included)

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJPbmxpbmUgSldUIEJ1aWxkZXIiLCJpYXQiOjE2MDk4ODM4MzMsImV4cCI6MTY0MTQxOTgzMywiYXVkIjo;L~�y0b71�uKs�"h}'TP:7�"*�s�0
*Gwe�c@8W�9 �D:S
�k#J\Awg����
1D�
�F{P}�mY�.f�fF�RNi�_HzgVgIb�KHL��y/�cD�x��c] p~Dbhnk�r9ZNglH1B	���cWs&yl�%GFMu:Wu}�@O��Lbff�J���6D
�eF��7�#D#.?�9��l
���&�=�:]�~P?{e9J)�Wj,%y�Q]

Here is a screenshot of the value at the break point for better clarity:

The first part of the decoded string seems to be correct and then it goes awry

The hidden secrets plugin is working for us as a charm. But as soon as we want to get a secret from a JUnit unit test it fails with:

no secrets in java.library.path: /Users/me/Library/Java/Extensions:/Library/Java/Extensions:/Network/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java:.
java.lang.UnsatisfiedLinkError: no secrets in java.library.path: /Users/me/Library/Java/Extensions:/Library/Java/Extensions:/Network/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java:.

I assume this is because the native libs are missing in the library path. Is there any way to easily add them?

Hi,

I encounter some conflict between the hidden-secrets-gardle-plugin and proguard obfuscation.
I have meet two errors after proguard obfuscation, first is :

"java.lang.UnsatisfiedLinkError: No implementation found for java.lang.String"

This error is due to the native method System.loadLibrary() which is obfuscated.

This error can be fixed by adding this proguard rule :

-keepclasseswithmembernames,includedescriptorclasses class * {
    native <methods>;
}

As it is said by the Proguard documentation (https://www.guardsquare.com/en/products/proguard/manual/examples) :

"If your application, applet, servlet, library, etc., contains native methods, you'll want to preserve their names and their classes' names, so they can still be linked to the native library. The following additional option will ensure that:"

The second error is :

"impossible - java.lang.AssertionError: impossible
at java.lang.Enum$1.create(Enum.java:272)
at java.lang.Enum$1.create(Enum.java:262)
at libcore.util.BasicLruCache.get(BasicLruCache.java:58)
at java.lang.Enum.getSharedConstants(Enum.java:289)
at java.lang.Enum.valueOf(Enum.java:244)
at java.io.ObjectInputStream.readEnum(ObjectInputStream.java:1746)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1351)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:374)
at android.os.Parcel.readSerializable(Parcel.java:2933)
at android.os.Parcel.readValue(Parcel.java:2725)
at android.os.Parcel.readArrayMapInternal(Parcel.java:3043)
at android.os.BaseBundle.initializeFromParcelLocked(BaseBundle.java:288)
at android.os.BaseBundle.unparcel(BaseBundle.java:232)
at android.os.BaseBundle.getBoolean(BaseBundle.java:898)
..."

It seems that an enum class is obfuscated and can't be accessed at runtime.

This proguard rule avoid this error :

-keepclassmembers enum * {
    public static **[] values();
    public static ** valueOf(java.lang.String);
}

The problem with this rule, is that it keeps all enum class of the project deobfuscated.

It seems that the enum class that causes this error is one from hidden-secrets-gradle-plugin or one used by it. Because when I remove the plugin, this error disappear.

I would like to identify which enum class causes this problem to avoid the deobfuscation of all my project enum class.

Do you ever encounter this problem ? And do you have an idea of which enum class causes this problem ?

Thank you

Hello!

Sorry about my last issue request.

I get this fatal error output in the logcat when running my java app:

2021-05-05 11:34:20.567 10645-10968/com.nanonodes.servers E/AndroidRuntime: FATAL EXCEPTION: Thread-13 Process: com.nanonodes.servers, PID: 10645 java.lang.UnsatisfiedLinkError: dalvik.system.PathClassLoader[DexPathList[[zip file "/data/app/com.nanonodes.servers-t6bctHCf0XzknxVEfyXDDw==/base.apk"],nativeLibraryDirectories=[/data/app/com.nanonodes.servers-t6bctHCf0XzknxVEfyXDDw==/lib/x86, /data/app/com.nanonodes.servers-t6bctHCf0XzknxVEfyXDDw==/base.apk!/lib/x86, /system/lib, /system/product/lib]]] couldn't find "libsecrets.so" at java.lang.Runtime.loadLibrary0(Runtime.java:1067) at java.lang.Runtime.loadLibrary0(Runtime.java:1007) at java.lang.System.loadLibrary(System.java:1667) at com.nanonodes.servers.Secrets.<clinit>(Secrets.kt:10) at com.nanonodes.servers.ui.login.PanelActivity$o.run(PanelActivity.java:1328) at java.lang.Thread.run(Thread.java:919)

App-level gradle:

apply plugin: 'com.android.application'
apply plugin: 'kotlin-android'


android {
    compileSdkVersion 29
    buildToolsVersion "29.0.2"
    // Enable NDK build
    externalNativeBuild {
        cmake {
            path "src/main/cpp/CMakeLists.txt"
        }
    }
    defaultConfig {
        applicationId "com.nanonodes.servers"
        minSdkVersion 21
        targetSdkVersion 29
        versionCode 22
        versionName 'v22'
        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
    }
    buildTypes {
        release {
            debuggable false
            minifyEnabled true
            shrinkResources true
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
        debug {
            debuggable true
            minifyEnabled true
            shrinkResources true
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
    }
}

dependencies {
    implementation fileTree(dir: 'libs', include: ['*.jar'])
    implementation 'androidx.appcompat:appcompat:1.0.2'
    implementation 'com.google.android.material:material:1.0.0'
    implementation 'androidx.annotation:annotation:1.0.2'
    implementation 'androidx.constraintlayout:constraintlayout:1.1.3'
    implementation 'androidx.lifecycle:lifecycle-extensions:2.0.0'
    testImplementation 'junit:junit:4.12'
    androidTestImplementation 'androidx.test.ext:junit:1.1.0'
    androidTestImplementation 'androidx.test.espresso:espresso-core:3.1.1'
    implementation 'com.google.firebase:firebase-auth:19.2.0'
    implementation 'com.google.android.gms:play-services-auth:17.0.0'
    implementation 'androidx.multidex:multidex:2.0.0'
    implementation 'com.google.android.gms:play-services-ads:18.2.0'
    implementation 'com.google.firebase:firebase-database:19.2.1'
    implementation 'com.firebase:firebase-client-android:2.5.0'
    implementation 'com.amitshekhar.android:android-networking:1.0.2'
    implementation 'com.anjlab.android.iab.v3:library:1.0.44'
    implementation 'com.android.billingclient:billing:2.1.0'
    implementation 'com.google.firebase:firebase-core:17.0.0'
    implementation 'com.github.javiersantos:PiracyChecker:1.2.7'
    implementation project(path: ':unity-ads')
    implementation files('libs/tapjoyconnectlibrary.jar')
    implementation 'com.scottyab:rootbeer-lib:0.0.8'
    implementation 'com.android.billingclient:billing:3.0.0'
    implementation 'androidx.core:core-ktx:1.3.2'
    implementation "androidx.lifecycle:lifecycle-viewmodel-ktx:2.0.0"
    implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version"
}

apply plugin: 'com.google.gms.google-services'
apply plugin: 'io.michaelrocks.paranoid'
apply plugin: 'com.klaxit.hiddensecrets'
repositories {
    mavenCentral()
}

Project-level gradle:

buildscript {
    ext.kotlin_version = '1.5.0'
    repositories {
        google()
        jcenter()
        maven {
            url "https://jitpack.io"
        }
        maven { url "https://plugins.gradle.org/m2/" }
    }
    dependencies {
        classpath 'com.android.tools.build:gradle:4.1.3'
        classpath 'com.google.gms:google-services:4.3.3'
        classpath 'io.michaelrocks:paranoid-gradle-plugin:0.2.5'
        classpath "com.klaxit.hiddensecrets:HiddenSecretsPlugin:0.1.2"
        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"

        // NOTE: Do not place your application dependencies here; they belong
        // in the individual module build.gradle files
    }
}

allprojects {
    repositories {
        google()
        jcenter()
        maven {
            url "https://jitpack.io"
        }
    }
}

task clean(type: Delete) {
    delete rootProject.buildDir
}

As you can see I have added externalNativeBuild. I have also run the ./gradlew hideSecret -Pkey=yourKeyToObfuscate command in the terminal.

secrets.cpp, secrets.hpp, sha256.cpp, sha256.hpp are generated in the src/main/cpp folder along with the CMakeLists.txt I created manually.

.\gradlew build failed whit this error:

Task :test

UtilsTest > Using encodeSecret() should > UtilsTest.encode String with special characters FAILED
io.kotest.assertions.AssertionFailedError at UtilsTest.kt:45

"encode String with special characters" {
val key = "@&é(§èçà)-ù,;:=#°_*%£?./+"
Utils.encodeSecret(
key,
packageName
) shouldBe "{ 0x70, 0x45, 0xa2, 0xcc, 0x4c, 0xf5, 0x9e, 0xa5, 0x9a, 0xf0, 0xc1, 0xa6, 0x92, 0x4a, 0x4e, 0xa6, 0x8a, 0x1a, 0xc, 0x5e, 0x5, 0x14, 0xf7, 0x86, 0x6b, 0x13, 0x40, 0xf5, 0x9a, 0xc, 0x16, 0x16, 0x19 }"
}

Currently Gradle prefers the plugin DSL. Therefore I would recommend to add the buildscript mechanic as optional deprecated application and tell inside the readme to use the plugin DSL.

When the main package name includes an underscore, java looks for the incorrect function name.

Ex:
Using with com.example.mypackage, it looks for Java_com_example_mypackage_Secrets_getsecretname.
However, using with com.example.my_package, it looks for Java_com_example_my_1package_Secrets_getsecretname.

Note the my_1package instead of my_package.

This causes an UnsatisfiedLinkError when it doesn't find what it's looking for.

Task '[-PkeyName=roomKey]' not found in root project 'Faker' and its subprojects.

I'm getting the following error below when using the plugin dsl

Could not find com.android.tools.build:gradle:4.2.2.
Searched in the following locations:

• https://plugins.gradle.org/m2/com/android/tools/build/gradle/4.2.2/gradle-4.2.2.pom

Kindly advise. Thanks

When using the plugin I was expecting the files to be generated in app/src/main/cpp however they were just placed in the root of my project. Is it the intention the required files are not put in the main app module?

Something like the following might be useful when running different flavors. ./gradlew hideSecrets -Pkey=1234 -PkeyName=Tester -Pdirectory=app/src/qa

There is a problem with compiling the C code.

When adding this entry in grade build:

externalNativeBuild {
        cmake {
            path "src/main/cpp/CMakeLists.txt"
        }
    }

And syncing gradle I get this error message:

Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
Gradle project cmake.path is /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt but that file doesn't exist
/Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt : C/C++ debug|x86 : Failed to activate protocol version: "CMAKE_HOME_DIRECTORY" is set but incompatible with configured source directory value.
/Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt : C/C++ debug|x86 : Waiting for type "handshake".
executing external native build for cmake /Users/houmie/projects/t-android/app/src/main/cpp/CMakeLists.txt

I went then ahead and created the cpp directory and placed an empty text file called CMakeLists.txt.
Then I could sync the gradle.

Then I ran:

./gradlew hideSecret -Pkey=Houmie -PkeyName=YourSecretKeyName 

It creates four files under cpp folder. secrets.cpp, sha256.cpp + headers. Secrets is also generated for Kotlin.

So far so good, but when I run it in the project:

val key = Secrets().getYourSecretKeyName(packageName)

It crashes:

java.lang.UnsatisfiedLinkError: dlopen failed: library "libsecrets.so" not found

It hasn't built it. What am I missing please?
Thank you

I got this error when read data from credentials.properties file

$: gradlew hideSecretFromPropertiesFile -PpropertiesFileName=credentials.properties -Ppackage=com.sample.test

FAILURE: Build failed with an exception.

• What went wrong:
  Task '.properties' not found in project ':app'. Some candidates are: 'properties'.

I created a test key like this

./gradlew -Dorg.gradle.java.home=/usr/lib/jvm/java-1.11.0-openjdk-amd64 hideSecret -Pkey=test -PkeyName=Test -Ppackage=de.datlag.burningseries

The code got generated and I can call Secrets().getTest(packageName)
However it doesn't return test, instead the output is :-v

When I call the obfuscate method like this

./gradlew -Dorg.gradle.java.home=/usr/lib/jvm/java-1.11.0-openjdk-amd64 obfuscate -Pkey=test -Ppackage=de.datlag.burningseries

The output in terminal is

> Task :app:obfuscate
### SECRET ###
test

### PACKAGE NAME ###
de.datlag.burningseries

### OBFUSCATED SECRET ###
{ 0x41, 0x3, 0x4b, 0x47 }

The same value appears in the secrets.cpp file inside the getTest method
char obfuscatedSecret[] = { 0x41, 0x3, 0x4b, 0x47 };
I have no additional customDecode method (so the provided method is default)

I'm not sure if I use it correctly but I think so.
If you can't reproduce you can look in my code https://github.com/DATL4G/BurningSeries-Android
(The repo does not contain this plugin, however it's not modified further yet so all you have to do is add it (I used the legacy method))

You currently define all tasks specifics inside the plugin class.
It would be better to extract the task as classes and extends the DefaultTask. Something like this

Inside this you can use a temporary folder generated with Gradle internal mechanic temporaryDir which is given by task mechanics: https://docs.gradle.org/current/dsl/org.gradle.api.Task.html#org.gradle.api.Task:temporaryDir

C:\Users\abhiv\AndroidStudioProjects\dummy\app\src\main\java\com\example\dummy\MainActivity.java:13: error: cannot find symbol
String key = new Secrets().getTNWDPJXI(getPackageName());
^
symbol: class Secrets
location: class MainActivity

using in java android

I am getting below crash for some devices like Gionee M7 power and Xiaomi Redmi 4a.

Fatal Exception: java.lang.UnsatisfiedLinkError
dalvik.system.PathClassLoader[DexPathList[[zip file "/data/app/mypackage.myapp-2/base.apk", zip file "/data/app/mypackage.myapp-2/split_config.arm64_v8a.apk", zip file "/data/app/mypackage.myapp-2/split_config.xhdpi.apk"],nativeLibraryDirectories=[/data/app/mypackage.myapp-2/lib/arm64, /vendor/lib64, /system/lib64]]] couldn't find "libsecrets.so"
       at java.lang.Runtime.loadLibrary(Runtime.java:367)
       at java.lang.System.loadLibrary(System.java:1076)
       at air.com.religare.iPhone.Secrets.<clinit>(Secrets.java:10)

Let me know if you need more information.

Please help

Could a flag be added to prevent the logging of the secret, package name and obfuscated secret? It would be useful to hide these from our CI logs which are stored indefinitely.
If you have a way around this in your CI process and could share some details on how you use this with your CI processes I would greatly appreciate it.
If you are open to supporting this I could make a PR

2021-05-05 11:34:20.567 10645-10968/com.nanonodes.servers E/AndroidRuntime: FATAL EXCEPTION: Thread-13 Process: com.nanonodes.servers, PID: 10645 java.lang.UnsatisfiedLinkError: dalvik.system.PathClassLoader[DexPathList[[zip file "/data/app/com.nanonodes.servers-t6bctHCf0XzknxVEfyXDDw==/base.apk"],nativeLibraryDirectories=[/data/app/com.nanonodes.servers-t6bctHCf0XzknxVEfyXDDw==/lib/x86, /data/app/com.nanonodes.servers-t6bctHCf0XzknxVEfyXDDw==/base.apk!/lib/x86, /system/lib, /system/product/lib]]] couldn't find "libsecrets.so" at java.lang.Runtime.loadLibrary0(Runtime.java:1067) at java.lang.Runtime.loadLibrary0(Runtime.java:1007) at java.lang.System.loadLibrary(System.java:1667) at com.nanonodes.servers.Secrets.<clinit>(Secrets.kt:10) at com.nanonodes.servers.ui.login.PanelActivity$o.run(PanelActivity.java:1328) at java.lang.Thread.run(Thread.java:919)

I want to use this plugin in my production app but I am getting error while adding the plugin "Minimum supported gradle version is 6.5". In the README file its written that "This gradle plugin can be used with any Android project in Java or Kotlin."