Anything about Android

The Structure of .APK Files

An .apk file is actually a zip compression package, which can be easily decompressed with decompression tools. The following is what we can see after the helloworld.apk file is decompressed using any Zip utility. We can see that its structure is somewhat similar to that of the new project. 
|-- AndroidManifest.xml
|   |-- CERT.RSA
|   |-- CERT.SF
|-- classes.dex
|-- res
|   |-- drawable
|   |   `-- icon.png
|   `-- layout
|       `-- main.xml
`-- resources.arsc

3.1 Manifest File
AndroidManifest.xml is a required file for any application. It describes the name, version, access rights, referenced library files, and other information [ , ] of the application. If you intend to upload the .apk file to Google Market, you need to configure this .xml file. Here we skip it since there are too many references on this topic on the Internet.
The AndroidManifest.xml contained in the .apk file has been compressed. It can be decompressed using AXMLPrinter2 [ , ]. The command used is as follows:
java -jar AXMLPrinter2.jar AndroidManifest.xml

3.2 META-INF Directory
META-INF Directory, where signature data is stored, is used to ensure the integrality of the .apk package and system security. When using eclipse to create an API package, a check calculation is performed against all files to be packed. The calculation results are stored in the META-INF directory. When installing an .apk package on OPhone, the application manager will implement the same procedure above. If the result is different from that under the META-INF directory, the system will not install the .apk file. This helps ensure that the files contained in the .apk package will not be replaced randomly. For example, it is basically impossible to replace any picture, code fragment, or copyright data in the .apk package by directly decompressing the file, replacing such content, and then repacking it. Therefore, this may protect the system from virus infection and malicious modification, increasing the system security.

3.3 Classes.dex File
Classes.dex is a java byte code file generated after the compilation using java source codes. The Dalvik virtual machine used by Android is not compatible with typical java virtual machine. Therefore, the structure and opcode of .dex files are different from .class files. All java decompilers available now can not process .dex files. 
Android emulator provides a decompilation tool, dexdump, which can be used to decompile .dex files. First, start the Android emulator, and upload the .dex file into the emulator through Adb push. Find the .dex file after logging in through Adb shell. Implement the following command: dexdump xxx.dex.
Here we use the Hello World as an example as well.

view plaincopy to clipboardprint?

  1. # dexdump classes.dex  
  2. Processing 'classes.dex'...  
  3. Opened 'classes.dex', DEX version '035'  
  4. Class #            -  
  5. Class descriptor  : 'Lhello/world/R$attr;'  
  6. …  
  7. Class #5            -  
  8. Class descriptor  : 'Lhello/world/hello;'  
  9. Access flags      : 0x0001 (PUBLIC)  
  10. Superclass        : 'Landroid/app/Activity;'  
  11. Interfaces        -  
  12. Static fields     -  
  13. Instance fields   -  
  14. Direct methods    -  
  15. #              : (in Lhello/world/hello;)  
  16. name          : '<init>'  
  17. type          : '()V'  
  18. access        : 0x10001 (PUBLIC CONSTRUCTOR)  
  19. code          -  
  20. registers     : 1  
  21. ins           : 1  
  22. outs          : 1  
  23. insns size    : 4 16-bit code units  
  24. catches       : (none)  
  25. positions     :   
  26. 0x0000 line=7  
  27. locals        :   
  28. 0x0000 - 0x0004 reg= this Lhello/world/hello;   
  29. Virtual methods   -  
  30. #              : (in Lhello/world/hello;)  
  31. name          : 'onCreate'  
  32. type          : '(Landroid/os/Bundle;)V'  
  33. access        : 0x0001 (PUBLIC)  
  34. code          -  
  35. registers     : 4  
  36. ins           : 2  
  37. outs          : 2  
  38. insns size    : 17 16-bit code units  
  39. catches       : (none)  
  40. positions     :   
  41. 0x0000 line=11  
  42. 0x0003 line=13  
  43. 0x0008 line=14  
  44. 0x000d line=15  
  45. 0x0010 line=16  
  46. locals        :   
  47. 0x0008 - 0x0011 reg= test Landroid/widget/TextView;   
  48. 0x0000 - 0x0011 reg=2 this Lhello/world/hello;   
  49. 0x0000 - 0x0011 reg=3 savedInstanceState Landroid/os/Bundle;   
  50. source_file_idx   : 27 (  

The results show that 6 class files (class0 to class5) are found, corresponding to the number of the .class under the directory /bin. We can tell from this that all .class files are included in the .dex file. However, it is very hard to find out the modification that has been made from the decompilation results of in Class #5. So, how to output "Hello, OPhone" becomes a problem. If the decompilation of branch jump table is incomplete, the dump is also incomplete. This problem also exists with fill-array data table. Besides, there are many other disadvantages. In a word, the decompilation results of dexdump are hard to read.
Dedexer is another tool available on the Internet at present. It can read .dex files with output in assembly-like language. The output is similar to jasmin[ ] output, but includes Dalvik byte codes. More details about Dedexer will be given in the next section.

3.4 Res Directory
Res directory is used to store resource files. For details about resource manager in .apk files, please refer to related articles on the OPhone SDN website.

3.5 resources.arsc
It is a binary resource file after compilation.

Anything about Android