The DashO 10.2 release introduces a major new feature: Resource Encryption for Android. It’s currently in beta, but is fully supported for production use. It allows you to encrypt the resources embedded in your APK, better protecting your Android application against static attacks.
This functionality integrates directly with your existing Gradle build, encrypting the resources during the standard build process. DashO then injects code into your protected application that will decrypt those resources at runtime.
Resource Encryption is off
by default, but can be easily enabled in the DashO UI. The UI makes it easy to enable, or disable, the encryption of specific resources via drag and drop. It currently supports encrypting both assets and raw resources.
Once you install DashO 10.2, using this feature is easy.
If you are not currently using Android Mode, introduced in DashO 10.0, please upgrade your project.
First, make sure you are using version 1.1.+
of the DashO Gradle Plugin for Android in your build.gradle
file. The previous version does not support Resource Encryption. Next, open your configuration file (e.g. project.dox
) in the DashO UI and enable Resource Encryption.
Use the wizard to integrate DashO into your application’s build process. This will add version 1.1.+
of the DashO Grade Plugin for Android, which supports Resource Encryption. Next, enable Resource Encryption in the DashO UI.
This is a beta feature and there are some limitations. It targets select Android resource APIs. Specifically, DashO automatically injects code to decrypt streams produced by the following method calls:
AssetManager.open(String)
AssetManager.open(String, int)
Resources.openRawResource(int)
Resources.openRawResource(int, TypedValue)
Note: If you know certain resources are not read using one of these APIs, you will need to exclude those particular resources from this encryption feature.
Once this feature is enabled, DashO by default will encrypt all the assets and raw resources in your application. However, this can be easily configured.
Run a Gradle build then open or refresh the configuration file in the DashO UI. You should see the resources under Resource Encryption -> [Asset|Raw] -> [Include|Exclude].
Depending on how your resources are used, you can either choose to include ones that use the supported APIs or exclude ones that do not. Simply drag the file(s) from the left-hand side to the right-hand side.
More information about this feature can be found in the User Guide. We are working on improving this functionality. If you run into any issues or if there are additional Android resource APIs that your application uses, please contact us.