Problem with app building - Web App Development

Hello,
I have decrypted an app, and now i am trying to firm as an apk file. However, it says this message "Illegal resource reference: @*android resources are private and not always present
Issue: Looks for references to private resources
Id: PrivateResource
Private resources should not be referenced; the may not be present everywhere, and even where they are they may disappear without notice.
To fix this, copy the resource into your own project. You can find the platform resources under $ANDROID_SK/platforms/android-$VERSION/data/res/."
I don't know how to include these resources into the project. Any help?
Than you in advance

Related

[Q] Microsoft.Phone.Data.Internal ?

Hi
Trying to perform unittesting (NUnit) on a new WP7 application (Mango bits); I'm running into this obstacle. When running the unittest - it keeps failing saying it can't find the assembly: Could not load file or assembly 'Microsoft.Phone.Data.Internal, Version=7.0.0.0, Culture=neutral, PublicKeyToken=24eec0d8c86cda1e' or one of its dependencies. The system cannot find the file specified..
I'm positive it is related to SQL CE, but for the life of me - where is this assembly???
Thanks in advance!
Is it in your reference list? If so click on it and see where it is.
Otherwise, it might be a namespace marked Internal, or just something we can't access.
If it helps, all the libs are in C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\Silverlight\v4.0\Profile\WindowsPhone

Making modifications & mergesmali

This is a new thread on the subject of modifying the system or
applications on the Nook. I'd like to see a separate thread on
modifying the kernel, but let's keep that off this.
The Basics
A bit of the system or an app is usually written in Java. Different
tools are used to compile and process it to the final product.
The Java Runtime Environment (JRE) is what allows you to run various tools and program on your host computer.
The Java Development Kit (JDK), version 6, update 33 contains the tools you need to work with Java
javac - the Java compiler
jarsigner - a tool for signing products
Android Software Development Kit (SDK), with downloads for Level 7 API.
Android Asset Packaging Tool (AAPT) - processes resources like images and layouts
Android Debug Bridge (ADB) - allows connection and debugging to your device
The final product is either an APK file or a JAR file, both of which
are basically ZIP files. Both of these contain a file called
classes.dex which contain the executable code. An APK file also
contains resources in a directory hierarchy. Some of these items,
like regular PNG graphics are exactly as you'd find them anywhere.
Other items, like "9 patch files" (9.png), are modified and others,
like XML files, are compressed. An APK file also contains a file
called AndroidManifest.xml that describes the product. Both APK
and JAR files can also contain signatures in the META-INF
directory.
Reverse Engineering
In the best of all worlds, you would have the original Java code that
the developers used to make the product. This is seldom available.
To work around this you need to backwards step the entire
process to get back to the original Java code. There is a problem,
the backwards process is not unambiguous. Yes, you can
backtrack to some Java code, that if compiled would work the
same as the original, but it would not look the same. Often the
intent of a piece of software is apparent from its layout. Also, you
will have none of the comments in the original code.
We can easily backtrack to an intermediate place between source
Java code and the final product. This is a place that does not really
exist in the original product generation process. We can take the
raw executable code out of a product and display it in a human
readable (and editable) form. "Smali" is the name of this
representation. It is analogous to assembly code. As stated, it
really does not exist as a language in the original compilation.
There is a software tool for taking apart a product and dissecting
it into the Smali code and the resources (if any). This tool also can
be used for compiling the Smali code back into the modified
product.
apktool, a tool for reverse engineering Android files
One of the main actions of the apktool is to take apart classes.dex
and generate a whole tree of files that end in the extension ".smali".
These files will have names like:
\NeatoApp\smali\com\bigcompany\neatoapp\MainView$23.smali
Modifying a Product
So, we can take a finished product, use apktool on it to take it apart
to pieces, modify some piece, then put it back together with
apktool. Modifying a resource like a graphic is easy, just modify
it (except 9.png, more later). Changing the wording of a popup
message is also easy. Changing the language of the interface
takes a bit more care to do it correctly. Modifying the Smali code
takes a bit of knowledge and done incorrectly can even brick your
device (repairable with a backup). If you have a chunk of Smali
code that someone modified for some reason, it's not too difficult
to open up your extracted Smali file, edit in the chunk, save it and
run apktool to put everything back together.
The Problem
We see this problem with kernels all the time, that some users want
a kernel with A, B, C and others want it with C, D, E. The number
of competing configuration gets out of hand. Moreover if you
come up with feature F, then you have to find a way to package
it up with A, B, C, for the first user and D, E for the second user.
A Solution
One possible solution is to let the user decide. You can distribute
options A-F independently and let the user install them themselves.
In principle, this means the user takes whatever version of
something they have on their device, apply a specific patch, then
reinstall it on their device. This would also open things up to
modifying different versions (for example Nook Touch vs. Nook
Glow) with the same mod.
mergesmali
mergesmali is a new tool for managing modifications to Smali
code. There is no particular magic behind it. It simply can replace
sections of Smali in a text file. It is agile enough to not rely on line
numbers or exact specifics of the Smali file. Here is a simple
example how you would use it to modify something:
Code:
adb pull /system/framework/android.policy.jar
apktool d android.policy.jar \Policy
mergesmali /v \Policy\smali\com\android\internal\policy\impl\LockScreen.smali landscapemod.smali
apktool b \Policy android.policy.jar
adb push android.policy.jar /system/framework
Mod Developers
We'll get to how to make the modification files for Smali soon...
Renate,
Great post! :good:
Could you add few words on logcat/ddms to help with troubleshooting, if a mod doesn’t work as expected, please?
Yes, I'm still working on this.
I've been patching the stock reader for dictionary and other things.
I was doing the patches on the 1.1.2 Reader.apk and it worked fine.
I just switched over to the 1.1.5 Reader.apk and it patched it fine without any changes.
This post addresses the developer side of things.
It is possible to patch Smali by hand.
For quick and dirty, this is not a bad solution.
The problem is that one must be aware of how many registers are used and for what.
In the first instance, if I need another register for my mod, that can push register references on other instructions out of the 4 bit range.
Also, if the stock code is revised later that can also change register references.
Even the simple addition of a debug print statement (Log.d) can affect things.
The solution is to always replace entire methods.
That way you are not fighting with conflicting code.
The logical place to keep your patches is in Java.
Obviously you can't have a standalone method, there has to be a class.
For instance, the stock Reader.apk has a place where it validates EAN (ISBN).
It checks for all digits, which bombs on sequences with dashes.
We want to replace that, easy enough, but we have to wrap it in the class.
Code:
package com.bn.nook.model.product;
public class Products
{
public static boolean isValidEan(String ean)
{
return(true);
}
}
Obviously this does not fully implement the class, but it has enough for our little method.
We do a normal compile of this, then apktool d it to the smali.
mergesmali can then scan through this smali and edit the stock smali from the apktool d'ed stock app.
A final apktool b, jarsigning and zipaligning puts it all back together.
But what if the method that we want to replace called some other method?
We would have to put something in our class to prevent compilation errors and to ensure that the smali code for our method did the correct invocation.
We end up writing stubs for these methods that do nothing.
If it's a void method, the body of the method is simply {}, for boolean types {return(false);}, etc.
But how do we make sure that mergesmali does not substitute these stub methods for the good methods already in stock?
Annotations.
By putting Annotations before each method, we can tell mergesmali what to do.
These annotations are preserved in the decoded smali.
They are subsequently deleted when mergesmali merges the smali.
Expanding our original example (this is just an example, not realistic):
Code:
package com.bn.nook.model.product;
import com.whoever.MergeSmali.*;
public class Products
{
@Ignore
public Products() {}
@Ignore
public static double complicatedOtherMethod(String ean, String msg)
{ return(0.0); }
@Replace
public static boolean isValidEan(String ean)
{
if (complicatedOtherMethod(ean, "Hello")<2.3) return(false);
return(true);
}
}
The @Replace tells mergesmali to replace this method.
The @Ignore tells mergesmali not to replace this method.
We need to have the stub for complicatedOtherMethod in the source.
Well, why is the constructor in there?
The compiler will generate a default constructor if we don't write one and it would have no annotation.
mergesmali prints an error if any method does not have an annotation;
There is also @Append for new methods that are not in the stock.
There is also @Delete to delete methods (that either have a super or not being used at all with the rewritten methods).
What's in com.whoever.MergeSmali.* ?
Code:
package com.whoever;
public class MergeSmali
{
public @interface Ignore {}
public @interface Replace {}
public @interface Append {}
public @interface Delete {}
}
The package is not important as long as it's an Annotation and the class/subclasses are as indicated.
collaboration?
Maybe we could start some sort of work distribution (and knowledge) towards fullfiiling some common goal for the NST.
Here's the Windows (command line) executable for mergesmali.
The basic usage is:
Code:
mergesmali /v [i]stock.smali[/i] [i]patch.smali[/i]
And here's the commands to integrate the new dictionary app to the stock Reader.
Code:
apktool.bat d Reader.apk \Reader
mergesmali /v \Reader\smali\com\bn\nook\reader\ui\ReaderMainView.smali ReaderMainView.smali
apktool.bat b \Reader NewReader.apk
It should generate the following message:
Code:
Replaced: public showLookupView()V
At this point you only have the question of how you are going to sign the modified Reader.
If you have resigned your whole system already, you can just resign with that and install.
You could also edit AndroidManifest.xml before the apktool b and delete the sharedid.
Then you could install it as a regular app after deleting the system app.
Renate NST said:
At this point you only have the question of how you are going to sign the modified Reader.
If you have resigned your whole system already
Click to expand...
Click to collapse
I guess no one did it... yet.
Renate NST said:
You could also edit AndroidManifest.xml before the apktool b and delete the sharedid.
Then you could install it as a regular app after deleting the system app.
Click to expand...
Click to collapse
I don’t understand Android security well enough.
There a discrepancy between documentation and how it works or maybe I don’t understand it at all.
Anyway – if Reader.apk is resigned, it should run under different user, thus loose access to shared databases (internal, annotations, bookmarks, etc.)
Do we need to fix permission to make them RW for everyone?
Could you check (ps) what user(s) "home", "library" and "patched reader" use on you nook now, please?
Annotations, bookmarks, last reading point are all providers implemented and used in Reader.apk.
As far as I can tell, there is no particular reason why Reader.apk uses a sharedId.
I don't have stock Home or Library running on my Nook.
I forget where I have Reader.apk installed right now.
It's been in /system/app or /data/app and worked fine in either place.
Resigning does not change user.
Renate NST said:
Annotations, bookmarks, last reading point are all providers implemented and used in Reader.apk.
Click to expand...
Click to collapse
I would expect the provider for Annotations, bookmarks is Reader.apk
They are not used anywhere else.
last reading point is used in Home.apk too.
Out of curiosity, where Annotations, bookmarks and last reading point providers are implemented?
In framework itself?
Renate NST said:
Resigning does not change user.
Click to expand...
Click to collapse
Ouch.
Stock reader runs as shared user.
If we resign it – it has to run as different one, according to security docs...
And it doesn’t matter if shared id is in manifest still or not.
I guess, I need to do some testing…
Ok, I meant resigning it with the system signature it can keep the same sharedId.
If you don't sign it with the same signature then you have to get rid of the sharedId.
It will then have a normal application user ID.
As far as I can tell, this should make no difference in anything.
But I have gutted most of the B&N stuff so I can't guarantee that in-store browsing or something else won't be affected.
Renate,
Could you answer this one:
ApokrifX said:
Out of curiosity, where Annotations, bookmarks and last reading point providers are implemented?
In framework itself?
Click to expand...
Click to collapse
And one more:
Is it difficult to mod and stock side-by-side?
Change app name + package for every class?
In Reader.apk
com.bn.nook.reader.providers.AnnotationsProvider
com.bn.nook.reader.providers.BaseDictionaryProvider
com.bn.nook.reader.providers.BookmarksProvider
com.bn.nook.reader.providers.LastReadingPointProvider
com.bn.nook.reader.providers.ReaderLocalProvider
(I'd like to know some time why the forums breaks words up.)
On your second question, that's an interesting one.
You'd have to change the package name all over the place,
not just in the manifest, but every smali file and every function call.
But sure, it could be done.
Renate NST said:
In Reader.apk
com.bn.nook.reader.providers.AnnotationsProvider
com.bn.nook.reader.providers.BaseDictionaryProvider
com.bn.nook.reader.providers.BookmarksProvider
com.bn.nook.reader.providers.LastReadingPointProvider
com.bn.nook.reader.providers.ReaderLocalProvider
Click to expand...
Click to collapse
Thank you!
Renate NST said:
(I'd like to know some time why the forums breaks words up.)
Click to expand...
Click to collapse
No idea…
Renate NST said:
Annotations, bookmarks, last reading point are all providers implemented and used in Reader.apk.
As far as I can tell, there is no particular reason why Reader.apk uses a sharedId.
Click to expand...
Click to collapse
Looking at B&N coding style, I won’t be surprised if Home.apk uses its own provider to read the "last reading point".
If this is the case sharedId in a must.
Renate NST said:
On your second question, that's an interesting one.
You'd have to change the package name all over the place,
not just in the manifest, but every smali file and every function call.
But sure, it could be done.
Click to expand...
Click to collapse
and every function call But it can be automated easily, right?
ApokrifX said:
If this is the case sharedId in a must.
Click to expand...
Click to collapse
No.
The "Last read" icon in the upper left corner broadcasts com.bn.nook.launch.LAST_BOOK
This is usually received by Home.apk, which uses the LRP provider in Reader.apk to get the EAN of the last book.
Home.apk then sends the intent android.intent.action.VIEW to Reader.apk with the path of the book.
Reader.apk then uses it's own LRP provider to get the actual LRP in the book.
None of this requires sharedIDs.
#2 Sure, that could be automated.
Renate NST said:
No.
The "Last read" icon in the upper left corner broadcasts com.bn.nook.launch.LAST_BOOK
This is usually received by Home.apk, which uses the LRP provider in Reader.apk to get the EAN of the last book.
Home.apk then sends the intent android.intent.action.VIEW to Reader.apk with the path of the book.
Reader.apk then uses it's own LRP provider to get the actual LRP in the book.
None of this requires sharedIDs.
Click to expand...
Click to collapse
Home shows "last book thumbnail" + on page #XYZ of #ABC also.
I recall you have deleted Home.apk.
Renate NST said:
#2 Sure, that could be automated.
Click to expand...
Click to collapse
Ok. I gotta take a look.Will try to do later today.
ApokrifX said:
Home shows "last book thumbnail" + on page #XYZ of #ABC also.
I recall you have deleted Home.apk.
Click to expand...
Click to collapse
Yes, my Library.apk replacement has a receiver for the com.bn.nook.launch.LAST_BOOK intent.
Even though Home.apk uses the Reader.apk to find LB & LRP for the preview,
it only uses LB to tell the Reader.apk what to open.
Reader.apk does its own homework checking LRP for the desired book.
This can easily be verified by opening a few books with a file manager.
Renate NST said:
Yes, my Library.apk replacement has a receiver for the com.bn.nook.launch.LAST_BOOK intent.
Even though Home.apk uses the Reader.apk to find LB & LRP for the preview,
it only uses LB to tell the Reader.apk what to open.
Reader.apk does its own homework checking LRP for the desired book.
This can easily be verified by opening a few books with a file manager.
Click to expand...
Click to collapse
Ok. I.e. it shouldn't be a problem to run side-by-side readers, right?
They both modify LRP, and Home will be able to pull it via stock reader.
Same idiotic question: do we need to need to change any permissions to let both readers access media databases?
As it stands, if I understand what you want to do,
you'd have to disable the providers in one of the Readers.
You can't have two providers responding to the same intents.
Is there some overwhelming reason why you want to do all this?
Renate NST said:
As it stands, if I understand what you want to do,
you'd have to disable the providers in one of the Readers.
You can't have two providers responding to the same intents.
Click to expand...
Click to collapse
I didn't realize until now, provider responds to URI, so better have one only to avoid problems...
Renate NST said:
Is there some overwhelming reason why you want to do all this?
Click to expand...
Click to collapse
To "not break existing functionality"
I see, it'll be too difficult to have both, too many changes are needed...
Just a bump, old posts don't have signatures.
mergesmali & other stuff can be downloaded from my signature blob.

Resource Redirection of R.xml

I'm finally updating my Google Keyboard Custom Smilies module, but the new version of Google Keyboard uses a new system, it has all the stuff in R.xml. It looks like I can actually make the module far better, with a whole new page for the custom smiles, but I've hit a problem, I can't get Xposed to redirect XML:
Code:
resparam.res.setReplacement("com.google.android.inputmethod.latin", "xml", "softkeys_body_smiley", modRes.fwd(R.xml.softkeys_body_smiley));
Does not work, shows no errors or anything in the log, just does nothing
Is there some error here? Does Xposed not support redirecting XML?
Also, if I CAN redirect XML, can I redirect it to a string, where the string simply contains XML? Else it won't be very "custom"
Cheers
haven't tested but looks like it does, and that you can also hook XResources

create Lookup provider like auskunft [Libra]

Hello, basically what I want to achive is to create my own lookup provider similar to already built in Auskunft but as an apk so it is possible in future to install it on any rom.
Due to that I have questions about adding external libraries to lineageOs like ezVcard in .jar fromat, as well as how to achive a lookup provider as an apk. I would appreciate a lot anything helpfull that I should read about those topics.
(I already created simple classes to get vcards via https request and to parse them)
Kind regards!

How can I write on web app development forum, when I just joined?

I have a question regarding cordova, my guess is that this is the right place: https://forum.xda-developers.com/coding/web-apps but when I try to create a new post I see this:
"To prevent spam, you must have a higher post count in order to make a new thread in this development section.�But feel free to make new thread in the non-development sections like General, Q&A, etc. Thanks for your understanding! "
I've just registered, so what should I do now?
Anyway, I have a question about cordova. In the app I'm responsible for (I didn't make it) I have the following error:
```
Android resource linking failed
app/platforms/android/app/src/main/res/xml/config.xml:34: AAPT: error: resource drawable/icon (aka pl.example.exampleLdrawable/icon) not found.
```
in the app/config.xml file, I have this: android:icon="@drawable/icon"
But what is this location, I mean, where in the app should I put the icon? I tried app/platforms/android/res/drawable but that doesn't work.
I do have the files (icons) in dirs like drawable or drawable-hdpi-v4 but I have no idea where I should put them.
Can you help me please with that?
Moved it to the web app forum for you :good:
Thank you
@konrados2
This are the docs for icon.
https://cordova.apache.org/docs/en/latest/config_ref/images.html
You can use this tool to autogenerate icons
https://www.npmjs.com/package/cordova-res

Categories

Resources