The moment i implemented this library, I always keep getting the message:

External build files have changed since last project sync. A project sync may be necessary for the IDE to work properly.

I pressed "Sync Now" but after each resync, the message comes back. Same if i do a project Rebuilt, the message doesn't go away.

Any idea how to solve this? thanks

Hello,

I would like to use your library in one of my Android library module. Is-it possible?
Right now I have this error when I include the apply plugin line in the module:

Error:Cannot get property 'externalNativeBuild' on null object

Thanks

Can this library be used in an android library?

I have placed the apply plugin: 'cipher.so' but I am unable to build the project. I keep getting the error, cannot read 'externalNativeBuild' on a null object

support android sign key checking may be better?

Thank you for the nice plugin! 👍

While trying to replace my own implementation with this, I ran in to a somewhat a problem, so maybe some one else is also experiencing this.

I like to sometimes run a clean task before building my project (mostly when deploying), and with that task in place the compiler game me an error that the file specified in the externalNativeJsonGenerator.makefile property does not exist. Some investigation revealed that the CMakeLists.txt is generated in the afterEvaluate callback witch is executed before the clean task, so on the clean task the file is deleted.
So I was wondering if it is plausible of moving the generation after the clean task?
Maybe it can be hooked to after/before preBuild task?

The issue can be simulated with the sample projects by running a clean when building ./gradlew sample:clean sample:assemble

A problem was found with the configuration of task ':sample:generateJsonModelDebug'.
> File '/Users/darius/workspace/android/Cipher.so/sample/build/cipher.so/cmake/CMakeLists.txt' specified for property 'externalNativeJsonGenerator.makefile' does not exist.

Description

The password used to encrypt the secret (when the project is configured to encrypt them) is embedded in the app and can be easily retrieved.

The password used to generate the key (in a weak way but this is an other matter) is stored in the binary as a string constant. And from what I saw, the IV is always 0000 (which is bad, you should use a random number instead).

In AESEncryptor.java

private static byte[] iv = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};

In extern-key.h

#define SECRET_KEY "Cipher.so@DEFAULT"

In cipher-lib.cpp

jstring
Java_net_idik_lib_cipher_so_CipherCore_getString(JNIEnv *env, jobject instance, jstring key_) {
    const char *key = env->GetStringUTFChars(key_, 0);
    string keyStr(key);
    string value = _map[keyStr];
    const char *result = encryptor->decrypt(SECRET_KEY, value.c_str());

It means that you will have to look for strings in the binary which makes it quite easy to find.
Also the password is stored as a constant (read only data). In the ELF file generated with clang this value is stored in the .rodata section.

Reproduction

You first need to unzip the APK to exctract the so file.

$ readelf -p .rodata lib/x86/libcipher-lib.so
String dump of section '.rodata':
  [     0]  HelloSecretKey
  [     f]  9Lh16XTo0e+6tw+oD7jVx9cBTty2WSxRi75FJTEPpbA=
  [    3c]  5d41402abc4b2a76b9719d911017c592
  [    5d]  NkXVm1rkyXcK1SsYkV8l8mgu6BDpwBIt2iqCVjVIQRg=
  [    8a]  58b49c7df6e825734005b0185607e8d7
  [    ab]  basic_string
...

We can clearly identify a the password here: HelloSecretKey. As well as the encrypted secrets 9Lh16XTo0e+6tw+oD7jVx9cBTty2WSxRi75FJTEPpbA= and NkXVm1rkyXcK1SsYkV8l8mgu6BDpwBIt2iqCVjVIQRg=

Then it is easy to decrypt the secrets, you generate the key the same way you did (you should at least use a safe key generation algorithm like PBKDF2 or bcrypt).

echo -n HelloSecretKey | md5sum -
88c5ef0a90786ede576a9cb8ab0190a3

To finish you can decrypt the secret using openssl or whatever

echo "9Lh16XTo0e+6tw+oD7jVx9cBTty2WSxRi75FJTEPpbA=" |openssl base64 -d|openssl enc -aes-128-cbc -d -K "88c5ef0a90786ede576a9cb8ab0190a3" -iv 0000000000000000
Hello From Cipher.so😊

Solution

Sadly, there is no solution I recommend. Developers should avoid to embed secret keys in their application. The problem you try to solve is actively researched and is called whitebox cryptography. Some solutions try to replace AES implementation and a key by a huge lookup table. However all the public proposal have been broken...

In the meantime, you can try to better generate and hide the key. But understand this will never be safe. Here are some ideas:

• Use a random IV. IV does not require to be hiden. Use a different IV per secret you encrypt.
• Use a randomly generated key instead of a password. You can have a look to KeyGenerator
• You can try to hide the key in other sections of the ELF file, maybe in .text area among code
• You can try to randomize a bit the place where the key is stored so it is different for each project

Hi guys. i'm trying to add this in my project. but i get error. all link has 404 error.

`A problem occurred configuring root project 'HamrahBankAnsarV3'.

Could not resolve all artifacts for configuration ':classpath'.
Could not find com.github.MEiDIK:Cipher.so:dev-SNAPSHOT.
Searched in the following locations:
- https://dl.google.com/dl/android/maven2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/maven-metadata.xml
- https://dl.google.com/dl/android/maven2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.pom
- https://dl.google.com/dl/android/maven2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.jar
- https://jitpack.io/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/maven-metadata.xml
- https://jitpack.io/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.pom
- https://jitpack.io/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.jar
- https://plugins.gradle.org/m2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/maven-metadata.xml
- https://plugins.gradle.org/m2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.pom
- https://plugins.gradle.org/m2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.jar
Required by:
project :

Possible solution:

• Declare repository providing the artifact, see the documentation at https://docs.gradle.org/current/userguide/declaring_repositories.html

`

项目已经用上，非常好用，但是有个疑问，如题：请问如何防止so包被人拿出来调用？

It's a great library.

• I understand that if we want to store passwords dynamically then android keystore is one of the best option. However, I believe there is more to it. Could you throw more insight into it?

  https://developer.android.com/training/articles/keystore.html.

• Is it possible to get the password by decompiling the apk using this library?

Thankyou

can use this library for Encrypt url that use in app ?

is secure?

can trust ?

很不错的工具，使用方便，提高了反编译的门槛。但是直接把字符串放在 so 里，使用现代工具还是很容易反编译的。比如使用 IDA Pro F5 就能很容易拿到字符串。可以考虑加入汇编指令或者更复杂的加密而非直接讲字符串写在头文件中。

引用这个库，rebuild一下，调用函数值后，我的module下的java目录竟然不见了。一直找不到....................

I can not start the test project. Displays the following error.

Error while executing: am start -n "net.idik.lib.cipher.so.sample/net.idik.lib.cipher.so.sample.MainActivity" -a android.intent.action.MAIN -c android.intent.category.LAUNCHER
Starting: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=net.idik.lib.cipher.so.sample/.MainActivity }
Error type 3
Error: Activity class {net.idik.lib.cipher.so.sample/net.idik.lib.cipher.so.sample.MainActivity} does not exist.

Error while Launching activity

Is there any special configuration for proguard?
I run in the 64 bits architecture device.

我刚刚试了一下，换一个签名，key还是正常调用，请问如何打开签名认证

hi guys . i faced this warning and i wonder to ask it here if anyone can help me thanks

and i did not have this warning until i added this library

最好可以不依赖本地的ndk

使用ndk16,ndk15编译，都会无限build.

can we have a snapshot channel please?

atm i'm having issues on bitrise/ci with the latest version because of #9

tried to use https://jitpack.io/#MEiDIK/Cipher.so/-SNAPSHOT but didn't work for some reason

cheers,
jan

it would be helpful if we can encrypt array of values (strings/integers) and retrieve them later

我看readme上面，验证签名加了一条横杠，是不是意味着获取key没有再进行签名认证了呢？

Can this functionality be introduced to retain previous keys?

I don't know how this works, or even if it is possible.

For e.g. It might look like this.

1. I created keys.

cipher.so {

    keys {
        password {
            value = 'noonecanfindthis.'
        }
    }

    encryptSeed = 'HelloSe1cretKey'
}

2. Rebuild the project.

3. Change/Add keys

cipher.so {
    keep_previous_keys = true
    keys {
        user {
            value = 'meidik.'
        }
    }

    encryptSeed = 'HelloSe1cretKey'
}

4. After Rebuild, remove keys from build.gradle

cipher.so {
    keep_previous_keys = true
    encryptSeed = 'HelloSe1cretKey'
}

We can do same for encryptSeed as well. Can this be done?

Could not find com.github.MEiDIK:Cipher.so:dev-SNAPSHOT.
Searched in the following locations:
https://dl.google.com/dl/android/maven2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/maven-metadata.xml
https://dl.google.com/dl/android/maven2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.pom
https://dl.google.com/dl/android/maven2/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.jar
https://jcenter.bintray.com/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/maven-metadata.xml
https://jcenter.bintray.com/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.pom
https://jcenter.bintray.com/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-SNAPSHOT.jar
Required by:
project :

Using this lib from last few years but today facing issue "Could not find com.github.MEiDIK:Cipher.so:dev-SNAPSHOT." (Jul 12, 2021)

is this library moved? Or Any update?

When I try to run a project from Android Studio, an app is running, but not installed before.

Next command is called (without installation part)

$ adb shell am start -n "com.simplepractice.simple/com.simplepractice.simple.module.launch.LaunchActivity" -a android.intent.action.MAIN -c android.intent.category.LAUNCHER

Nothing changed in pre-launch config

Gradle build is not building the project.

External Native Build Issues
Build command failed.
Error while executing process C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\cmake\3.6.4111459\bin\cmake.exe with arguments {-HC:\Users\DavidSonNguyen\Desktop\TestCipher\app\build\cipher.so\cmake -BC:\Users\DavidSonNguyen\Desktop\TestCipher\app\outputs\cmake\cmake\debug\armeabi-v7a -DANDROID_ABI=armeabi-v7a -DANDROID_PLATFORM=android-15 -DCMAKE_LIBRARY_OUTPUT_DIRECTORY=C:\Users\DavidSonNguyen\Desktop\TestCipher\app\build\intermediates\cmake\debug\obj\armeabi-v7a -DCMAKE_BUILD_TYPE=Debug -DANDROID_NDK=C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\ndk-bundle -DCMAKE_CXX_FLAGS= -DCMAKE_TOOLCHAIN_FILE=C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\ndk-bundle\build\cmake\android.toolchain.cmake -DCMAKE_MAKE_PROGRAM=C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\cmake\3.6.4111459\bin\ninja.exe -GAndroid Gradle - Ninja}
-- Check for working C compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang.exe
-- Check for working C compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang.exe -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang++.exe
-- Check for working CXX compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang++.exe -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
CMake Error at CMakeLists.txt:5 (add_subdirectory):
C:/Users/DavidSonNguyen/Desktop/TestCipher/app/build/cipher.so/cmake/CMakeLists.txt:5
when parsing string
C:\Users\DavidSonNguyen\Desktop\TestCipher\app\build\cipher.so
Invalid character escape '\U'.
-- Configuring incomplete, errors occurred!
See also "C:/Users/DavidSonNguyen/Desktop/TestCipher/app/outputs/cmake/cmake/debug/armeabi-v7a/CMakeFiles/CMakeOutput.log".
Build command failed.
Error while executing process C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\cmake\3.6.4111459\bin\cmake.exe with arguments {-HC:\Users\DavidSonNguyen\Desktop\TestCipher\app\build\cipher.so\cmake -BC:\Users\DavidSonNguyen\Desktop\TestCipher\app\outputs\cmake\cmake\release\armeabi-v7a -DANDROID_ABI=armeabi-v7a -DANDROID_PLATFORM=android-15 -DCMAKE_LIBRARY_OUTPUT_DIRECTORY=C:\Users\DavidSonNguyen\Desktop\TestCipher\app\build\intermediates\cmake\release\obj\armeabi-v7a -DCMAKE_BUILD_TYPE=Release -DANDROID_NDK=C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\ndk-bundle -DCMAKE_CXX_FLAGS= -DCMAKE_TOOLCHAIN_FILE=C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\ndk-bundle\build\cmake\android.toolchain.cmake -DCMAKE_MAKE_PROGRAM=C:\Users\DavidSonNguyen\AppData\Local\Android\Sdk\cmake\3.6.4111459\bin\ninja.exe -GAndroid Gradle - Ninja}
-- Check for working C compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang.exe
-- Check for working C compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang.exe -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang++.exe
-- Check for working CXX compiler: C:/Users/DavidSonNguyen/AppData/Local/Android/Sdk/ndk-bundle/toolchains/llvm/prebuilt/windows-x86_64/bin/clang++.exe -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
CMake Error at CMakeLists.txt:5 (add_subdirectory):
C:/Users/DavidSonNguyen/Desktop/TestCipher/app/build/cipher.so/cmake/CMakeLists.txt:5
when parsing string
C:\Users\DavidSonNguyen\Desktop\TestCipher\app\build\cipher.so
Invalid character escape '\U'.
-- Configuring incomplete, errors occurred!
See also "C:/Users/DavidSonNguyen/Desktop/TestCipher/app/outputs/cmake/cmake/release/armeabi-v7a/CMakeFiles/CMakeOutput.log".
C:\Users\DavidSonNguyen\AppData\Local\Android\sdk\ndk-bundle\build\cmake\android.toolchain.cmake
Warning:(63, 98) (include) CMakeLists.txt
Warning:(63, 98) (include) CMakeLists.txt

having issues while running the app in release

I got this message when trying to build the project :(
Gradle project cmake.path is /.../app/build/cipher.so/cmake/CMakeLists.txt but that file doesn't exist

1，通过反射JAVA层AES来实现解密，解密方法在JAVA层，显然是极易被破解的
2，密钥固定死了，谁都知道是Cipher.so@DEFAULT
3，反射Packagemanager的签名校验可以有，即使在NDK层同样会被破解，作用不大

I try install the dependency follow the instructions but Android Studio present allways the message:
"External build files have changed since last project sync. A project sync may be necessary for the IDE work properly."
If rebuild project this error prints:

A problem was found with the configuration of task ':app:generateJsonModelRelease'.

File '/app/build/cipher.so/cmake/CMakeLists.txt' specified for property 'externalNativeJsonGenerator.makefile' does not exist.

Error:Android tasks have already been created.
This happens when calling android.applicationVariants,
android.libraryVariants or android.testVariants.
Once these methods are called, it is not possible to
continue configuring the model.

告诉我我不是一个人……之前2分多，现在8分多

Could not resolve com.github.MEiDIK:Cipher.so:dev-SNAPSHOT

Could not get resource 'https://jitpack.io/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-v0.0.4-g8581777-15.pom'.
Could not HEAD 'https://jitpack.io/com/github/MEiDIK/Cipher.so/dev-SNAPSHOT/Cipher.so-dev-v0.0.4-g8581777-15.pom'.
Read timed out

仅仅是 base64 了一下直接放在 so 里的，用记事本打开一样看得到

java.lang.NullPointerException (no error message)
when add apply plugin: 'cipher.so'

When I use this library I always got that message even I already sync it, the message always shown, anybody has this issue?

Why get key can only be UI thread , otherwise will be crashed

This library is going to be super useful from android pie onwards, Because android Pie comes with strongbox, so modifying this library to store encryption keys in strongbox and all other strings as dynamic library will be super awesome. This library can be used for storing encrypted values of hundreds of urls and other private data which needs to be shipped along with the app as dynamic library using strongbox from android pie. So this library is going to be super useful from android pie onwards. We will have an unhackable secure data storage option. Please keep further development of this library and support for android pie. kudos for your great work. More developers will be able to help you also.

A problem occurred configuring project ':app'.
This started happening after upgrading to Android Studio 3.1 sometime last week.

我引入了这个包之后，android6.0系统安装不上，请问这个项目最低支持到安卓什么版本？

Getting below error while trying to use below version of library. Please let me know any issues with this version.
repositories {
maven { url 'https://jitpack.io' }
}
dependencies {
classpath 'com.github.linisme:Cipher.so:0.0.4'
}

Logs:

• What went wrong:
  A problem occurred evaluating project ':app'.

Could not set unknown property 'encryptSeed' for SoExt{keys=[KeyExt{name='ek', value='-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,CA588D9290D69EBB