B4J Question [SOLVED] Obfuscating of library methods

JackKirk

Well-Known Member
Licensed User
Longtime User
This question has relevance across B4J and B4A.

I am doing some security enhancements for some apps that use B4J libraries.

One of the things I am doing is reading some hex strings from a file, converting to bytes then decrypting.

I compile the app with obfuscation then use a java decompiler to look at the resulting .jar

The trouble is that, when using the java decompiler, if I search for "Decrypt" (a method in the jB4XEncryption library) it pops up large as life - pointing to the (obfuscated) variable that is the encryption key.

If I could obfuscate "Decrypt" it would make it considerably harder for a hacker.

I am not adverse to modifying the jB4XEncryption library if necessary - if I knew how.

Any suggestions?

Thanks in anticipation...
 

MathiasM

Active Member
Licensed User
Wait, you store the encryption key inside your code and are trying to hide it?
This won't work at all. There is no way this would even hold back a script kiddie.

I think there more of design flaw here.
 
Upvote 0

JackKirk

Well-Known Member
Licensed User
Longtime User
Wait, you store the encryption key inside your code and are trying to hide it?
This won't work at all. There is no way this would even hold back a script kiddie.

I think there more of design flaw here.
I have sent you a PM.
 
Upvote 0
Top