在快速项目中混淆字符串常量秘密

Question

我有一个正在构建的应用程序，并且其中包含一些敏感的字符串，我希望没有人能够通过在二进制文件中查找字符串等轻松地找到答案。

例如这个

public class AACEncoder {
    final String TAG = "UEncoder Processor";

    final int sampleRate;
    File outputFile;

    FileOutputStream fos;

    final int TIMEOUT_USEC = 10000 ;

    MediaCodec encoder;
    boolean isEncoderRunning = false;
    boolean outputDone = false;

    MediaCodec.BufferInfo info;

    public AACEncoder(final int sampleRate, File outputFile) {
        this.sampleRate = sampleRate;
        this.info = new MediaCodec.BufferInfo();
        this.outputFile = outputFile;

        openFileStream();
        initEncoder();
    }

    /**
     * Initializes CrappyEncoder for AAC-LC (Low complexity)
     * @throws Exception
     */
    public void initEncoder() {
        try {
            encoder = MediaCodec.createEncoderByType("audio/mp4a-latm");
            MediaFormat format = new MediaFormat();
            format.setString(MediaFormat.KEY_MIME, "audio/mp4a-latm");
            format.setInteger(MediaFormat.KEY_CHANNEL_COUNT, 1);
            format.setInteger(MediaFormat.KEY_SAMPLE_RATE, sampleRate);
            format.setInteger(MediaFormat.KEY_BIT_RATE, 128000);
            format.setInteger(MediaFormat.KEY_AAC_PROFILE, MediaCodecInfo.CodecProfileLevel.AACObjectLC);
            encoder.configure(format, null, null, MediaCodec.CONFIGURE_FLAG_ENCODE);
        } catch (IOException ex) {
            Log.e(TAG, "Failed to create CrappyEncoder");
            ex.printStackTrace();
        }
    }

    int generateIndex = 0;

    public void encodeAudioFrameToAAC(byte[] frameData) {

        if (encoder == null) return;

        if (!isEncoderRunning) {
            encoder.start();
            isEncoderRunning = true;
        }

        ByteBuffer[] encoderInputBuffers = encoder.getInputBuffers();
        if (fos != null) {
            int inputBufIndex = encoder.dequeueInputBuffer(TIMEOUT_USEC);

            if (inputBufIndex >= 0) {
                long ptsUsec = (System.currentTimeMillis() * 1000) / 10000;
                if (outputDone) {
                    encoder.queueInputBuffer(inputBufIndex, 0, 0, ptsUsec,
                            MediaCodec.BUFFER_FLAG_END_OF_STREAM);
                } else {
                    ByteBuffer inputBuf = encoderInputBuffers[inputBufIndex];
                    inputBuf.clear();
                    inputBuf.put(frameData);
                    encoder.queueInputBuffer(inputBufIndex, 0, frameData.length, ptsUsec, 0);
                }
                generateIndex++;
            }
            tryEncodeOutputBuffer();
        }
        checkIfOutputDone();
    }

    /**
     * Gets data from output buffer and encodes it to
     * AAC-LC encoding with ADTS header attached before every frame
     */
    private void tryEncodeOutputBuffer() {

        ByteBuffer[] encoderOutputBuffers = encoder.getOutputBuffers();
        //If >= 0 then valid response
        int encoderStatus = encoder.dequeueOutputBuffer(info, TIMEOUT_USEC);
        if (encoderStatus >= 0) {
            ByteBuffer encodedData = encoderOutputBuffers[encoderStatus];

            encodedData.position(info.offset);
            encodedData.limit(info.offset + info.size + 7);

            byte[] data = new byte[info.size + 7];
            addADTStoPacket(data, info.size + 7);
            encodedData.get(data, 7, info.size);

            encodedData.position(info.offset);
            writeIntoOutputfile(data);
            encoder.releaseOutputBuffer(encoderStatus, false);
        }
    }

    private void checkIfOutputDone() {
        if (outputDone) {
            if (fos != null) {
                try {
                    fos.close();
                } catch (IOException ioe) {
                    Log.w(TAG, "failed closing debug file");
                    throw new RuntimeException(ioe);
                }
                fos = null;
            }
        }
    }

    /**
     *  Add ADTS header at the beginning of each and every AAC packet.
     *  This is needed as MediaCodec CrappyEncoder generates a packet of raw
     *  AAC data.
     *
     *  Note the packetLen must count in the ADTS header itself.
     **/
    private void addADTStoPacket(byte[] packet, int packetLen) {
        int profile = 2;  //AAC LC
        //39=MediaCodecInfo.CodecProfileLevel.AACObjectELD;
        int freqIdx = 4;  //44.1KHz
        int chanCfg = 2;  //CPE

        // fill in ADTS data
        packet[0] = (byte)0xFF;
        packet[1] = (byte)0xF9;
        packet[2] = (byte)(((profile-1)<<6) + (freqIdx<<2) +(chanCfg>>2));
        packet[3] = (byte)(((chanCfg&3)<<6) + (packetLen>>11));
        packet[4] = (byte)((packetLen&0x7FF) >> 3);
        packet[5] = (byte)(((packetLen&7)<<5) + 0x1F);
        packet[6] = (byte)0xFC;
    }

    private void openFileStream() {
        fos = null;
        try {
            fos = new FileOutputStream(outputFile, false);
        } catch (FileNotFoundException e) {
            Log.e("AudioRecorder", e.getMessage());
        }
    }

    /**
     * Writes data into file
     * @param data
     */
    public void writeIntoOutputfile(byte[] data) {
        try {
            fos.write(data);
        } catch (IOException ioe) {
            Log.w(TAG, "failed writing debug data to file");
            throw new RuntimeException(ioe);
        }
    }

    public void stopEncoding() {
        isEncoderRunning = false;
        encoder.stop();
        closeStream();
    }

    private void closeStream() {
        try {
            if (fos != null) {
                fos.close();
            }
        } catch (IOException e) {
            Log.e("AudioRecorder", e.getMessage());
        }
    }
}

在项目内部隐藏此字符串的正确方法是什么？

Answer 1

在大多数大公司中，他们处理此问题的方法不是在代码内保留秘密。相反，您通常会看到以下三种路线之一：

1. 从必须设置运行软件的环境变量中读取机密
2. 从配置文件中读取机密
3. 通过与本地秘密经纪人交谈来读取秘密

这三个都可以很好地工作。