Reputation: 15246
Identify Calling Application in Android NDK
I have a native android library (.so) I am bundling with some application. In the native code I want to verify the signer/package name of the calling application.
The reason is, currently anyone can open up the .apk file take my .so file and use it to built their own applications.
Is there a way to securely identify the calling application from Java side? This could be package name, signature or anything else that can identify the Android application in a unique way.
Upvotes: 4
Views: 1283
Answers (2)
Reputation: 2283
In the native code I want to verify the signer/package name of the calling application.
how about this?
#include <jni.h>
#include <string>
extern "C"
JNIEXPORT jstring JNICALL
Java_com_x_y_TestActivity_stringFromJNI(JNIEnv *env, jobject thiz)
{
jclass jActivity_class = env->GetObjectClass(thiz);
jmethodID jMethod_id_pn = env->GetMethodID(jActivity_class,"getPackageName","()Ljava/lang/String;");
jstring package_name = (jstring) env->CallObjectMethod(thiz,jMethod_id_pn);
return package_name;
}
Upvotes: 0
Reputation: 11541
JNI code is coupled with Java package name, and can be called only from the same package and class. To improve security further, you can check some Java private static final field from the JNI code.
Upvotes: 2
Related Questions
- How to check the device running API level using c code via NDK?
- Determine by which process Application.onCreate() is called
- How to obtain the current ABI of the app?
- Detect and get name of an app launched
- get application name from NDK
- Getting package name and signatures from uid/pid of application in native client
- Finding all calls to a specific android sdk level
- get name of application when user launch this app
- android: how to know whether app was called by another app
- Android NDK running native processes