Is It Necessary To Secure The Secret (e.g., Key) In The .so File?
A private key has been #define in the C code of .so file. This key is used for the customized authentication process between client-server.
In some video and blog, people show how to disassemble .so file using IDA as well as extract function information. The output should be assembly language. How difficult to extract the key value from such output?
If the answer is the key defined in .so also needs protection, do I need to apply obfuscation on the C code before converting it to .so? Whether the normal algorithm will be affected for C?
It is possible and for skilled reverse engineer it is more or less easy. Obfuscating the secret key only slows down the hacker, but don't give you 100% protection. Consider using certificates signed by some authority.
- → should I choose reactjs+f7 or f7+vue.js?
- → Phonegap Android write to sd card
- → Local reference jquery script in nanohttpd (Android)
- → Click to navigate on mobile devices
- → How to allow api access to android or ios app only(laravel)?
- → Access the Camera and CameraRoll on Android using React Native?
- → React native change listening port
- → What is the default unit of style in React Native?
- → Google play market autocomplete icon
- → Warning: Each child in an array or iterator should have a unique "key" prop. Check the render method of `ListView`
- → Using Laravel with Genymotion
- → react native using like web-based ajax function
- → react native pdf View