├── .gitignore
├── .idea
└── vcs.xml
├── README.md
├── app
├── .gitignore
├── build.gradle
├── proguard-rules.pro
├── release
│ ├── app-release.apk
│ └── output-metadata.json
└── src
│ ├── androidTest
│ └── java
│ │ └── com
│ │ └── shocker
│ │ └── hideapk
│ │ └── ExampleInstrumentedTest.kt
│ ├── main
│ ├── AndroidManifest.xml
│ ├── cpp
│ │ ├── CMakeLists.txt
│ │ └── native-lib.cpp
│ ├── java
│ │ └── com
│ │ │ └── shocker
│ │ │ ├── hideapk
│ │ │ ├── hide
│ │ │ │ └── HideAPK.kt
│ │ │ ├── signing
│ │ │ │ ├── ApkSignerV2.java
│ │ │ │ ├── ByteArrayStream.java
│ │ │ │ ├── CryptoUtils.java
│ │ │ │ ├── JarMap.java
│ │ │ │ ├── SignApk.java
│ │ │ │ └── ZipUtils.java
│ │ │ └── utils
│ │ │ │ ├── AXML.kt
│ │ │ │ └── Keygen.kt
│ │ │ └── ui
│ │ │ └── MainActivity.kt
│ └── res
│ │ ├── drawable-v24
│ │ └── ic_launcher_foreground.xml
│ │ ├── drawable
│ │ └── ic_launcher_background.xml
│ │ ├── layout
│ │ └── activity_main.xml
│ │ ├── mipmap-anydpi-v26
│ │ ├── ic_launcher.xml
│ │ └── ic_launcher_round.xml
│ │ ├── mipmap-hdpi
│ │ ├── ic_launcher.webp
│ │ └── ic_launcher_round.webp
│ │ ├── mipmap-mdpi
│ │ ├── ic_launcher.webp
│ │ └── ic_launcher_round.webp
│ │ ├── mipmap-xhdpi
│ │ ├── ic_launcher.webp
│ │ └── ic_launcher_round.webp
│ │ ├── mipmap-xxhdpi
│ │ ├── ic_launcher.webp
│ │ └── ic_launcher_round.webp
│ │ ├── mipmap-xxxhdpi
│ │ ├── ic_launcher.webp
│ │ └── ic_launcher_round.webp
│ │ ├── values-night
│ │ └── themes.xml
│ │ └── values
│ │ ├── colors.xml
│ │ ├── strings.xml
│ │ └── themes.xml
│ └── test
│ └── java
│ └── com
│ └── shocker
│ └── hideapk
│ └── ExampleUnitTest.kt
├── build.gradle
├── gradle.properties
├── gradle
└── wrapper
│ ├── gradle-wrapper.jar
│ └── gradle-wrapper.properties
├── gradlew
├── gradlew.bat
└── settings.gradle
/.gitignore:
--------------------------------------------------------------------------------
1 | *.iml
2 | .gradle
3 | /local.properties
4 | /.idea/caches
5 | /.idea/libraries
6 | /.idea/modules.xml
7 | /.idea/workspace.xml
8 | /.idea/navEditor.xml
9 | /.idea/assetWizardSettings.xml
10 | .DS_Store
11 | /build
12 | /captures
13 | .externalNativeBuild
14 | .cxx
15 | local.properties
16 | .idea
--------------------------------------------------------------------------------
/.idea/vcs.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | app随机包名demo,大部分代码来源于Magisk
2 |
3 | https://pshocker.github.io/2022/06/26/Android-%E9%9A%8F%E6%9C%BA%E5%8C%85%E5%90%8D/
--------------------------------------------------------------------------------
/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build
--------------------------------------------------------------------------------
/app/build.gradle:
--------------------------------------------------------------------------------
1 | plugins {
2 | id 'com.android.application'
3 | id 'org.jetbrains.kotlin.android'
4 | }
5 | apply plugin: 'kotlin-android'
6 |
7 | ext {
8 | sourceCompatibility = JavaVersion.VERSION_11
9 | }
10 |
11 | android {
12 | compileSdk 32
13 |
14 | defaultConfig {
15 | applicationId "com.shocker.hideapk"
16 | minSdk 21
17 | targetSdk 32
18 | versionCode 1
19 | versionName "1.0"
20 |
21 | testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
22 | externalNativeBuild {
23 | cmake {
24 | cppFlags ''
25 | }
26 | }
27 | }
28 |
29 | buildTypes {
30 | release {
31 | minifyEnabled false
32 | proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
33 | }
34 | }
35 | compileOptions {
36 | targetCompatibility targetCompatibility1
37 | sourceCompatibility targetCompatibility1
38 | }
39 | kotlinOptions {
40 | jvmTarget = '1.8'
41 | }
42 | externalNativeBuild {
43 | cmake {
44 | path file('src/main/cpp/CMakeLists.txt')
45 | version '3.18.1'
46 | }
47 | }
48 | buildFeatures {
49 | viewBinding true
50 | }
51 | }
52 |
53 | dependencies {
54 | def libsuVersion = '5.0.2'
55 | // The core module is used by all other components
56 | implementation "com.github.topjohnwu.libsu:core:${libsuVersion}"
57 | // Optional: APIs for creating root services
58 | implementation "com.github.topjohnwu.libsu:service:${libsuVersion}"
59 | // Optional: For com.topjohnwu.superuser.io classes
60 | implementation "com.github.topjohnwu.libsu:io:${libsuVersion}"
61 |
62 | implementation "org.bouncycastle:bcpkix-jdk15on:1.70"
63 | implementation "com.jakewharton.timber:timber:4.7.1"
64 | implementation 'org.jetbrains.kotlinx:kotlinx-coroutines-android:1.3.9'
65 |
66 | implementation 'androidx.core:core-ktx:1.7.0'
67 | implementation 'androidx.appcompat:appcompat:1.3.0'
68 | implementation 'com.google.android.material:material:1.4.0'
69 | implementation 'androidx.constraintlayout:constraintlayout:2.0.4'
70 | testImplementation 'junit:junit:4.13.2'
71 | androidTestImplementation 'androidx.test.ext:junit:1.1.3'
72 | androidTestImplementation 'androidx.test.espresso:espresso-core:3.4.0'
73 | implementation "androidx.core:core-ktx:+"
74 | }
75 |
--------------------------------------------------------------------------------
/app/proguard-rules.pro:
--------------------------------------------------------------------------------
1 | # Add project specific ProGuard rules here.
2 | # You can control the set of applied configuration files using the
3 | # proguardFiles setting in build.gradle.
4 | #
5 | # For more details, see
6 | # http://developer.android.com/guide/developing/tools/proguard.html
7 |
8 | # If your project uses WebView with JS, uncomment the following
9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | # public *;
13 | #}
14 |
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 |
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile
--------------------------------------------------------------------------------
/app/release/app-release.apk:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/PShocker/HideAPK/bedcf3692c9d9afdfb8dec6c00a61c894cdd9688/app/release/app-release.apk
--------------------------------------------------------------------------------
/app/release/output-metadata.json:
--------------------------------------------------------------------------------
1 | {
2 | "version": 3,
3 | "artifactType": {
4 | "type": "APK",
5 | "kind": "Directory"
6 | },
7 | "applicationId": "com.shocker.hideapk",
8 | "variantName": "release",
9 | "elements": [
10 | {
11 | "type": "SINGLE",
12 | "filters": [],
13 | "attributes": [],
14 | "versionCode": 1,
15 | "versionName": "1.0",
16 | "outputFile": "app-release.apk"
17 | }
18 | ],
19 | "elementType": "File"
20 | }
--------------------------------------------------------------------------------
/app/src/androidTest/java/com/shocker/hideapk/ExampleInstrumentedTest.kt:
--------------------------------------------------------------------------------
1 | package com.shocker.hideapk
2 |
3 | import androidx.test.platform.app.InstrumentationRegistry
4 | import androidx.test.ext.junit.runners.AndroidJUnit4
5 |
6 | import org.junit.Test
7 | import org.junit.runner.RunWith
8 |
9 | import org.junit.Assert.*
10 |
11 | /**
12 | * Instrumented test, which will execute on an Android device.
13 | *
14 | * See [testing documentation](http://d.android.com/tools/testing).
15 | */
16 | @RunWith(AndroidJUnit4::class)
17 | class ExampleInstrumentedTest {
18 | @Test
19 | fun useAppContext() {
20 | // Context of the app under test.
21 | val appContext = InstrumentationRegistry.getInstrumentation().targetContext
22 | assertEquals("com.shocker.hideapk", appContext.packageName)
23 | }
24 | }
--------------------------------------------------------------------------------
/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
12 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/app/src/main/cpp/CMakeLists.txt:
--------------------------------------------------------------------------------
1 | # For more information about using CMake with Android Studio, read the
2 | # documentation: https://d.android.com/studio/projects/add-native-code.html
3 |
4 | # Sets the minimum version of CMake required to build the native library.
5 |
6 | cmake_minimum_required(VERSION 3.18.1)
7 |
8 | # Declares and names the project.
9 |
10 | project("hideapk")
11 |
12 | # Creates and names a library, sets it as either STATIC
13 | # or SHARED, and provides the relative paths to its source code.
14 | # You can define multiple libraries, and CMake builds them for you.
15 | # Gradle automatically packages shared libraries with your APK.
16 |
17 | add_library( # Sets the name of the library.
18 | hideapk
19 |
20 | # Sets the library as a shared library.
21 | SHARED
22 |
23 | # Provides a relative path to your source file(s).
24 | native-lib.cpp)
25 |
26 | # Searches for a specified prebuilt library and stores the path as a
27 | # variable. Because CMake includes system libraries in the search path by
28 | # default, you only need to specify the name of the public NDK library
29 | # you want to add. CMake verifies that the library exists before
30 | # completing its build.
31 |
32 | find_library( # Sets the name of the path variable.
33 | log-lib
34 |
35 | # Specifies the name of the NDK library that
36 | # you want CMake to locate.
37 | log)
38 |
39 | # Specifies libraries CMake should link to your target library. You
40 | # can link multiple libraries, such as libraries you define in this
41 | # build script, prebuilt third-party libraries, or system libraries.
42 |
43 | target_link_libraries( # Specifies the target library.
44 | hideapk
45 |
46 | # Links the target library to the log library
47 | # included in the NDK.
48 | ${log-lib})
--------------------------------------------------------------------------------
/app/src/main/cpp/native-lib.cpp:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 |
4 | extern "C"
5 | JNIEXPORT jstring JNICALL
6 | Java_com_shocker_ui_MainActivity_stringFromJNI(JNIEnv *env, jobject thiz) {
7 | // TODO: implement stringFromJNI()
8 | std::string hello = "Hello from C++";
9 | return env->NewStringUTF(hello.c_str());
10 | }
--------------------------------------------------------------------------------
/app/src/main/java/com/shocker/hideapk/hide/HideAPK.kt:
--------------------------------------------------------------------------------
1 | package com.shocker.hideapk.hide
2 |
3 | import android.app.Activity
4 | import android.content.Context
5 | import android.content.Intent
6 | import android.widget.Toast
7 | import com.shocker.hideapk.BuildConfig.APPLICATION_ID
8 | import com.shocker.hideapk.signing.JarMap
9 | import com.shocker.hideapk.signing.SignApk
10 | import com.shocker.hideapk.utils.AXML
11 | import com.shocker.hideapk.utils.Keygen
12 | import com.topjohnwu.superuser.Shell
13 | import com.topjohnwu.superuser.internal.UiThreadHandler
14 | import kotlinx.coroutines.Dispatchers
15 | import kotlinx.coroutines.withContext
16 | import timber.log.Timber
17 | import java.io.File
18 | import java.io.FileOutputStream
19 | import java.io.OutputStream
20 | import java.security.SecureRandom
21 |
22 | object HideAPK {
23 |
24 | private const val ALPHA = "abcdefghijklmnopqrstuvwxyz"
25 | private const val ALPHADOTS = "$ALPHA....."
26 | private const val ANDROID_MANIFEST = "AndroidManifest.xml"
27 |
28 |
29 |
30 | private fun genPackageName(): String {
31 | val random = SecureRandom()
32 | val len = 5 + random.nextInt(15)
33 | val builder = StringBuilder(len)
34 | var next: Char
35 | var prev = 0.toChar()
36 | for (i in 0 until len) {
37 | next = if (prev == '.' || i == 0 || i == len - 1) {
38 | ALPHA[random.nextInt(ALPHA.length)]
39 | } else {
40 | ALPHADOTS[random.nextInt(ALPHADOTS.length)]
41 | }
42 | builder.append(next)
43 | prev = next
44 | }
45 | if (!builder.contains('.')) {
46 | // Pick a random index and set it as dot
47 | val idx = random.nextInt(len - 2)
48 | builder[idx + 1] = '.'
49 | }
50 | return builder.toString()
51 | }
52 |
53 | fun patch(
54 | context: Context,
55 | apk: File, out: OutputStream,
56 | pkg: String, label: CharSequence
57 | ): Boolean {
58 | val info = context.packageManager.getPackageArchiveInfo(apk.path, 0) ?: return false
59 | val name = info.applicationInfo.nonLocalizedLabel.toString()
60 | try {
61 | JarMap.open(apk, true).use { jar ->
62 | val je = jar.getJarEntry(ANDROID_MANIFEST)
63 | val xml = AXML(jar.getRawData(je))
64 |
65 | if (!xml.findAndPatch(APPLICATION_ID to pkg, name to label.toString()))
66 | return false
67 |
68 | // Write apk changes
69 | jar.getOutputStream(je).use { it.write(xml.bytes) }
70 | val keys = Keygen(context)
71 | SignApk.sign(keys.cert, keys.key, jar, out)
72 | return true
73 | }
74 | } catch (e: Exception) {
75 | Timber.e(e)
76 | return false
77 | }
78 | }
79 |
80 | private suspend fun patchAndHide(
81 | activity: Activity,
82 | label: String,
83 | onFailure: Runnable,
84 | path: String
85 | ): Boolean {
86 | // val stub = File(activity.cacheDir, "stub.apk")
87 | val stub = File(path)
88 |
89 | // Generate a new random package name and signature
90 | val repack = File(activity.cacheDir, "patched.apk")
91 |
92 | val pkg = genPackageName()
93 |
94 | if (!patch(activity, stub, FileOutputStream(repack), pkg, label))
95 | return false
96 |
97 | // Install
98 | val cmd = "pm install ${repack.absolutePath}"
99 | return if(Shell.su(cmd).exec().isSuccess){
100 | UiThreadHandler.run { Toast.makeText(activity, "随机包名安装成功,应用名:${label}", Toast.LENGTH_LONG).show() }
101 | true
102 | }else{
103 | UiThreadHandler.run { Toast.makeText(activity, "随机包名安装失败", Toast.LENGTH_LONG).show() }
104 | false
105 | }
106 |
107 | }
108 |
109 | //label:应用的名称
110 | //path:原apk安装包路径
111 | @Suppress("DEPRECATION")
112 | suspend fun hide(activity: Activity, label: String, path: String) {
113 | val onFailure = Runnable {
114 |
115 | }
116 | val success = withContext(Dispatchers.IO) {
117 | patchAndHide(activity, label, onFailure,path)
118 | }
119 | if (!success) onFailure.run()
120 | }
121 |
122 | }
123 |
--------------------------------------------------------------------------------
/app/src/main/java/com/shocker/hideapk/signing/ApkSignerV2.java:
--------------------------------------------------------------------------------
1 | package com.shocker.hideapk.signing;
2 |
3 | import java.nio.BufferUnderflowException;
4 | import java.nio.ByteBuffer;
5 | import java.nio.ByteOrder;
6 | import java.security.DigestException;
7 | import java.security.InvalidAlgorithmParameterException;
8 | import java.security.InvalidKeyException;
9 | import java.security.KeyFactory;
10 | import java.security.MessageDigest;
11 | import java.security.NoSuchAlgorithmException;
12 | import java.security.PrivateKey;
13 | import java.security.PublicKey;
14 | import java.security.Signature;
15 | import java.security.SignatureException;
16 | import java.security.cert.CertificateEncodingException;
17 | import java.security.cert.X509Certificate;
18 | import java.security.spec.AlgorithmParameterSpec;
19 | import java.security.spec.InvalidKeySpecException;
20 | import java.security.spec.MGF1ParameterSpec;
21 | import java.security.spec.PSSParameterSpec;
22 | import java.security.spec.X509EncodedKeySpec;
23 | import java.util.ArrayList;
24 | import java.util.HashMap;
25 | import java.util.HashSet;
26 | import java.util.List;
27 | import java.util.Map;
28 | import java.util.Set;
29 |
30 | /**
31 | * APK Signature Scheme v2 signer.
32 | *
33 | *
APK Signature Scheme v2 is a whole-file signature scheme which aims to protect every single
34 | * bit of the APK, as opposed to the JAR Signature Scheme which protects only the names and
35 | * uncompressed contents of ZIP entries.
36 | */
37 | public abstract class ApkSignerV2 {
38 | /*
39 | * The two main goals of APK Signature Scheme v2 are:
40 | * 1. Detect any unauthorized modifications to the APK. This is achieved by making the signature
41 | * cover every byte of the APK being signed.
42 | * 2. Enable much faster signature and integrity verification. This is achieved by requiring
43 | * only a minimal amount of APK parsing before the signature is verified, thus completely
44 | * bypassing ZIP entry decompression and by making integrity verification parallelizable by
45 | * employing a hash tree.
46 | *
47 | * The generated signature block is wrapped into an APK Signing Block and inserted into the
48 | * original APK immediately before the start of ZIP Central Directory. This is to ensure that
49 | * JAR and ZIP parsers continue to work on the signed APK. The APK Signing Block is designed for
50 | * extensibility. For example, a future signature scheme could insert its signatures there as
51 | * well. The contract of the APK Signing Block is that all contents outside of the block must be
52 | * protected by signatures inside the block.
53 | */
54 |
55 | public static final int SIGNATURE_RSA_PSS_WITH_SHA256 = 0x0101;
56 | public static final int SIGNATURE_RSA_PSS_WITH_SHA512 = 0x0102;
57 | public static final int SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA256 = 0x0103;
58 | public static final int SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA512 = 0x0104;
59 | public static final int SIGNATURE_ECDSA_WITH_SHA256 = 0x0201;
60 | public static final int SIGNATURE_ECDSA_WITH_SHA512 = 0x0202;
61 | public static final int SIGNATURE_DSA_WITH_SHA256 = 0x0301;
62 | public static final int SIGNATURE_DSA_WITH_SHA512 = 0x0302;
63 |
64 | /**
65 | * {@code .SF} file header section attribute indicating that the APK is signed not just with
66 | * JAR signature scheme but also with APK Signature Scheme v2 or newer. This attribute
67 | * facilitates v2 signature stripping detection.
68 | *
69 | *
The attribute contains a comma-separated set of signature scheme IDs.
70 | */
71 | public static final String SF_ATTRIBUTE_ANDROID_APK_SIGNED_NAME = "X-Android-APK-Signed";
72 | public static final String SF_ATTRIBUTE_ANDROID_APK_SIGNED_VALUE = "2";
73 |
74 | private static final int CONTENT_DIGEST_CHUNKED_SHA256 = 0;
75 | private static final int CONTENT_DIGEST_CHUNKED_SHA512 = 1;
76 |
77 | private static final int CONTENT_DIGESTED_CHUNK_MAX_SIZE_BYTES = 1024 * 1024;
78 |
79 | private static final byte[] APK_SIGNING_BLOCK_MAGIC =
80 | new byte[] {
81 | 0x41, 0x50, 0x4b, 0x20, 0x53, 0x69, 0x67, 0x20,
82 | 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x20, 0x34, 0x32,
83 | };
84 | private static final int APK_SIGNATURE_SCHEME_V2_BLOCK_ID = 0x7109871a;
85 |
86 | private ApkSignerV2() {}
87 |
88 | /**
89 | * Signer configuration.
90 | */
91 | public static final class SignerConfig {
92 | /** Private key. */
93 | public PrivateKey privateKey;
94 |
95 | /**
96 | * Certificates, with the first certificate containing the public key corresponding to
97 | * {@link #privateKey}.
98 | */
99 | public List certificates;
100 |
101 | /**
102 | * List of signature algorithms with which to sign (see {@code SIGNATURE_...} constants).
103 | */
104 | public List signatureAlgorithms;
105 | }
106 |
107 | /**
108 | * Signs the provided APK using APK Signature Scheme v2 and returns the signed APK as a list of
109 | * consecutive chunks.
110 | *
111 | *
NOTE: To enable APK signature verifier to detect v2 signature stripping, header sections
112 | * of META-INF/*.SF files of APK being signed must contain the
113 | * {@code X-Android-APK-Signed: true} attribute.
114 | *
115 | * @param inputApk contents of the APK to be signed. The APK starts at the current position
116 | * of the buffer and ends at the limit of the buffer.
117 | * @param signerConfigs signer configurations, one for each signer.
118 | *
119 | * @throws ApkParseException if the APK cannot be parsed.
120 | * @throws InvalidKeyException if a signing key is not suitable for this signature scheme or
121 | * cannot be used in general.
122 | * @throws SignatureException if an error occurs when computing digests of generating
123 | * signatures.
124 | */
125 | public static ByteBuffer[] sign(
126 | ByteBuffer inputApk,
127 | List signerConfigs)
128 | throws ApkParseException, InvalidKeyException, SignatureException {
129 | // Slice/create a view in the inputApk to make sure that:
130 | // 1. inputApk is what's between position and limit of the original inputApk, and
131 | // 2. changes to position, limit, and byte order are not reflected in the original.
132 | ByteBuffer originalInputApk = inputApk;
133 | inputApk = originalInputApk.slice();
134 | inputApk.order(ByteOrder.LITTLE_ENDIAN);
135 |
136 | // Locate ZIP End of Central Directory (EoCD), Central Directory, and check that Central
137 | // Directory is immediately followed by the ZIP End of Central Directory.
138 | int eocdOffset = ZipUtils.findZipEndOfCentralDirectoryRecord(inputApk);
139 | if (eocdOffset == -1) {
140 | throw new ApkParseException("Failed to locate ZIP End of Central Directory");
141 | }
142 | if (ZipUtils.isZip64EndOfCentralDirectoryLocatorPresent(inputApk, eocdOffset)) {
143 | throw new ApkParseException("ZIP64 format not supported");
144 | }
145 | inputApk.position(eocdOffset);
146 | long centralDirSizeLong = ZipUtils.getZipEocdCentralDirectorySizeBytes(inputApk);
147 | if (centralDirSizeLong > Integer.MAX_VALUE) {
148 | throw new ApkParseException(
149 | "ZIP Central Directory size out of range: " + centralDirSizeLong);
150 | }
151 | int centralDirSize = (int) centralDirSizeLong;
152 | long centralDirOffsetLong = ZipUtils.getZipEocdCentralDirectoryOffset(inputApk);
153 | if (centralDirOffsetLong > Integer.MAX_VALUE) {
154 | throw new ApkParseException(
155 | "ZIP Central Directory offset in file out of range: " + centralDirOffsetLong);
156 | }
157 | int centralDirOffset = (int) centralDirOffsetLong;
158 | int expectedEocdOffset = centralDirOffset + centralDirSize;
159 | if (expectedEocdOffset < centralDirOffset) {
160 | throw new ApkParseException(
161 | "ZIP Central Directory extent too large. Offset: " + centralDirOffset
162 | + ", size: " + centralDirSize);
163 | }
164 | if (eocdOffset != expectedEocdOffset) {
165 | throw new ApkParseException(
166 | "ZIP Central Directory not immeiately followed by ZIP End of"
167 | + " Central Directory. CD end: " + expectedEocdOffset
168 | + ", EoCD start: " + eocdOffset);
169 | }
170 |
171 | // Create ByteBuffers holding the contents of everything before ZIP Central Directory,
172 | // ZIP Central Directory, and ZIP End of Central Directory.
173 | inputApk.clear();
174 | ByteBuffer beforeCentralDir = getByteBuffer(inputApk, centralDirOffset);
175 | ByteBuffer centralDir = getByteBuffer(inputApk, eocdOffset - centralDirOffset);
176 | // Create a copy of End of Central Directory because we'll need modify its contents later.
177 | byte[] eocdBytes = new byte[inputApk.remaining()];
178 | inputApk.get(eocdBytes);
179 | ByteBuffer eocd = ByteBuffer.wrap(eocdBytes);
180 | eocd.order(inputApk.order());
181 |
182 | // Figure which which digests to use for APK contents.
183 | Set contentDigestAlgorithms = new HashSet<>();
184 | for (SignerConfig signerConfig : signerConfigs) {
185 | for (int signatureAlgorithm : signerConfig.signatureAlgorithms) {
186 | contentDigestAlgorithms.add(
187 | getSignatureAlgorithmContentDigestAlgorithm(signatureAlgorithm));
188 | }
189 | }
190 |
191 | // Compute digests of APK contents.
192 | Map contentDigests; // digest algorithm ID -> digest
193 | try {
194 | contentDigests =
195 | computeContentDigests(
196 | contentDigestAlgorithms,
197 | new ByteBuffer[] {beforeCentralDir, centralDir, eocd});
198 | } catch (DigestException e) {
199 | throw new SignatureException("Failed to compute digests of APK", e);
200 | }
201 |
202 | // Sign the digests and wrap the signatures and signer info into an APK Signing Block.
203 | ByteBuffer apkSigningBlock =
204 | ByteBuffer.wrap(generateApkSigningBlock(signerConfigs, contentDigests));
205 |
206 | // Update Central Directory Offset in End of Central Directory Record. Central Directory
207 | // follows the APK Signing Block and thus is shifted by the size of the APK Signing Block.
208 | centralDirOffset += apkSigningBlock.remaining();
209 | eocd.clear();
210 | ZipUtils.setZipEocdCentralDirectoryOffset(eocd, centralDirOffset);
211 |
212 | // Follow the Java NIO pattern for ByteBuffer whose contents have been consumed.
213 | originalInputApk.position(originalInputApk.limit());
214 |
215 | // Reset positions (to 0) and limits (to capacity) in the ByteBuffers below to follow the
216 | // Java NIO pattern for ByteBuffers which are ready for their contents to be read by caller.
217 | // Contrary to the name, this does not clear the contents of these ByteBuffer.
218 | beforeCentralDir.clear();
219 | centralDir.clear();
220 | eocd.clear();
221 |
222 | // Insert APK Signing Block immediately before the ZIP Central Directory.
223 | return new ByteBuffer[] {
224 | beforeCentralDir,
225 | apkSigningBlock,
226 | centralDir,
227 | eocd,
228 | };
229 | }
230 |
231 | private static Map computeContentDigests(
232 | Set digestAlgorithms,
233 | ByteBuffer[] contents) throws DigestException {
234 | // For each digest algorithm the result is computed as follows:
235 | // 1. Each segment of contents is split into consecutive chunks of 1 MB in size.
236 | // The final chunk will be shorter iff the length of segment is not a multiple of 1 MB.
237 | // No chunks are produced for empty (zero length) segments.
238 | // 2. The digest of each chunk is computed over the concatenation of byte 0xa5, the chunk's
239 | // length in bytes (uint32 little-endian) and the chunk's contents.
240 | // 3. The output digest is computed over the concatenation of the byte 0x5a, the number of
241 | // chunks (uint32 little-endian) and the concatenation of digests of chunks of all
242 | // segments in-order.
243 |
244 | int chunkCount = 0;
245 | for (ByteBuffer input : contents) {
246 | chunkCount += getChunkCount(input.remaining(), CONTENT_DIGESTED_CHUNK_MAX_SIZE_BYTES);
247 | }
248 |
249 | final Map digestsOfChunks = new HashMap<>(digestAlgorithms.size());
250 | for (int digestAlgorithm : digestAlgorithms) {
251 | int digestOutputSizeBytes = getContentDigestAlgorithmOutputSizeBytes(digestAlgorithm);
252 | byte[] concatenationOfChunkCountAndChunkDigests =
253 | new byte[5 + chunkCount * digestOutputSizeBytes];
254 | concatenationOfChunkCountAndChunkDigests[0] = 0x5a;
255 | setUnsignedInt32LittleEngian(
256 | chunkCount, concatenationOfChunkCountAndChunkDigests, 1);
257 | digestsOfChunks.put(digestAlgorithm, concatenationOfChunkCountAndChunkDigests);
258 | }
259 |
260 | int chunkIndex = 0;
261 | byte[] chunkContentPrefix = new byte[5];
262 | chunkContentPrefix[0] = (byte) 0xa5;
263 | // Optimization opportunity: digests of chunks can be computed in parallel.
264 | for (ByteBuffer input : contents) {
265 | while (input.hasRemaining()) {
266 | int chunkSize =
267 | Math.min(input.remaining(), CONTENT_DIGESTED_CHUNK_MAX_SIZE_BYTES);
268 | final ByteBuffer chunk = getByteBuffer(input, chunkSize);
269 | for (int digestAlgorithm : digestAlgorithms) {
270 | String jcaAlgorithmName =
271 | getContentDigestAlgorithmJcaDigestAlgorithm(digestAlgorithm);
272 | MessageDigest md;
273 | try {
274 | md = MessageDigest.getInstance(jcaAlgorithmName);
275 | } catch (NoSuchAlgorithmException e) {
276 | throw new DigestException(
277 | jcaAlgorithmName + " MessageDigest not supported", e);
278 | }
279 | // Reset position to 0 and limit to capacity. Position would've been modified
280 | // by the preceding iteration of this loop. NOTE: Contrary to the method name,
281 | // this does not modify the contents of the chunk.
282 | chunk.clear();
283 | setUnsignedInt32LittleEngian(chunk.remaining(), chunkContentPrefix, 1);
284 | md.update(chunkContentPrefix);
285 | md.update(chunk);
286 | byte[] concatenationOfChunkCountAndChunkDigests =
287 | digestsOfChunks.get(digestAlgorithm);
288 | int expectedDigestSizeBytes =
289 | getContentDigestAlgorithmOutputSizeBytes(digestAlgorithm);
290 | int actualDigestSizeBytes =
291 | md.digest(
292 | concatenationOfChunkCountAndChunkDigests,
293 | 5 + chunkIndex * expectedDigestSizeBytes,
294 | expectedDigestSizeBytes);
295 | if (actualDigestSizeBytes != expectedDigestSizeBytes) {
296 | throw new DigestException(
297 | "Unexpected output size of " + md.getAlgorithm()
298 | + " digest: " + actualDigestSizeBytes);
299 | }
300 | }
301 | chunkIndex++;
302 | }
303 | }
304 |
305 | Map result = new HashMap<>(digestAlgorithms.size());
306 | for (Map.Entry entry : digestsOfChunks.entrySet()) {
307 | int digestAlgorithm = entry.getKey();
308 | byte[] concatenationOfChunkCountAndChunkDigests = entry.getValue();
309 | String jcaAlgorithmName = getContentDigestAlgorithmJcaDigestAlgorithm(digestAlgorithm);
310 | MessageDigest md;
311 | try {
312 | md = MessageDigest.getInstance(jcaAlgorithmName);
313 | } catch (NoSuchAlgorithmException e) {
314 | throw new DigestException(jcaAlgorithmName + " MessageDigest not supported", e);
315 | }
316 | result.put(digestAlgorithm, md.digest(concatenationOfChunkCountAndChunkDigests));
317 | }
318 | return result;
319 | }
320 |
321 | private static int getChunkCount(int inputSize, int chunkSize) {
322 | return (inputSize + chunkSize - 1) / chunkSize;
323 | }
324 |
325 | private static void setUnsignedInt32LittleEngian(int value, byte[] result, int offset) {
326 | result[offset] = (byte) (value & 0xff);
327 | result[offset + 1] = (byte) ((value >> 8) & 0xff);
328 | result[offset + 2] = (byte) ((value >> 16) & 0xff);
329 | result[offset + 3] = (byte) ((value >> 24) & 0xff);
330 | }
331 |
332 | private static byte[] generateApkSigningBlock(
333 | List signerConfigs,
334 | Map contentDigests) throws InvalidKeyException, SignatureException {
335 | byte[] apkSignatureSchemeV2Block =
336 | generateApkSignatureSchemeV2Block(signerConfigs, contentDigests);
337 | return generateApkSigningBlock(apkSignatureSchemeV2Block);
338 | }
339 |
340 | private static byte[] generateApkSigningBlock(byte[] apkSignatureSchemeV2Block) {
341 | // FORMAT:
342 | // uint64: size (excluding this field)
343 | // repeated ID-value pairs:
344 | // uint64: size (excluding this field)
345 | // uint32: ID
346 | // (size - 4) bytes: value
347 | // uint64: size (same as the one above)
348 | // uint128: magic
349 |
350 | int resultSize =
351 | 8 // size
352 | + 8 + 4 + apkSignatureSchemeV2Block.length // v2Block as ID-value pair
353 | + 8 // size
354 | + 16 // magic
355 | ;
356 | ByteBuffer result = ByteBuffer.allocate(resultSize);
357 | result.order(ByteOrder.LITTLE_ENDIAN);
358 | long blockSizeFieldValue = resultSize - 8;
359 | result.putLong(blockSizeFieldValue);
360 |
361 | long pairSizeFieldValue = 4 + apkSignatureSchemeV2Block.length;
362 | result.putLong(pairSizeFieldValue);
363 | result.putInt(APK_SIGNATURE_SCHEME_V2_BLOCK_ID);
364 | result.put(apkSignatureSchemeV2Block);
365 |
366 | result.putLong(blockSizeFieldValue);
367 | result.put(APK_SIGNING_BLOCK_MAGIC);
368 |
369 | return result.array();
370 | }
371 |
372 | private static byte[] generateApkSignatureSchemeV2Block(
373 | List signerConfigs,
374 | Map contentDigests) throws InvalidKeyException, SignatureException {
375 | // FORMAT:
376 | // * length-prefixed sequence of length-prefixed signer blocks.
377 |
378 | List signerBlocks = new ArrayList<>(signerConfigs.size());
379 | int signerNumber = 0;
380 | for (SignerConfig signerConfig : signerConfigs) {
381 | signerNumber++;
382 | byte[] signerBlock;
383 | try {
384 | signerBlock = generateSignerBlock(signerConfig, contentDigests);
385 | } catch (InvalidKeyException e) {
386 | throw new InvalidKeyException("Signer #" + signerNumber + " failed", e);
387 | } catch (SignatureException e) {
388 | throw new SignatureException("Signer #" + signerNumber + " failed", e);
389 | }
390 | signerBlocks.add(signerBlock);
391 | }
392 |
393 | return encodeAsSequenceOfLengthPrefixedElements(
394 | new byte[][] {
395 | encodeAsSequenceOfLengthPrefixedElements(signerBlocks),
396 | });
397 | }
398 |
399 | private static byte[] generateSignerBlock(
400 | SignerConfig signerConfig,
401 | Map contentDigests) throws InvalidKeyException, SignatureException {
402 | if (signerConfig.certificates.isEmpty()) {
403 | throw new SignatureException("No certificates configured for signer");
404 | }
405 | PublicKey publicKey = signerConfig.certificates.get(0).getPublicKey();
406 |
407 | byte[] encodedPublicKey = encodePublicKey(publicKey);
408 |
409 | V2SignatureSchemeBlock.SignedData signedData = new V2SignatureSchemeBlock.SignedData();
410 | try {
411 | signedData.certificates = encodeCertificates(signerConfig.certificates);
412 | } catch (CertificateEncodingException e) {
413 | throw new SignatureException("Failed to encode certificates", e);
414 | }
415 |
416 | List> digests =
417 | new ArrayList<>(signerConfig.signatureAlgorithms.size());
418 | for (int signatureAlgorithm : signerConfig.signatureAlgorithms) {
419 | int contentDigestAlgorithm =
420 | getSignatureAlgorithmContentDigestAlgorithm(signatureAlgorithm);
421 | byte[] contentDigest = contentDigests.get(contentDigestAlgorithm);
422 | if (contentDigest == null) {
423 | throw new RuntimeException(
424 | getContentDigestAlgorithmJcaDigestAlgorithm(contentDigestAlgorithm)
425 | + " content digest for "
426 | + getSignatureAlgorithmJcaSignatureAlgorithm(signatureAlgorithm)
427 | + " not computed");
428 | }
429 | digests.add(Pair.create(signatureAlgorithm, contentDigest));
430 | }
431 | signedData.digests = digests;
432 |
433 | V2SignatureSchemeBlock.Signer signer = new V2SignatureSchemeBlock.Signer();
434 | // FORMAT:
435 | // * length-prefixed sequence of length-prefixed digests:
436 | // * uint32: signature algorithm ID
437 | // * length-prefixed bytes: digest of contents
438 | // * length-prefixed sequence of certificates:
439 | // * length-prefixed bytes: X.509 certificate (ASN.1 DER encoded).
440 | // * length-prefixed sequence of length-prefixed additional attributes:
441 | // * uint32: ID
442 | // * (length - 4) bytes: value
443 | signer.signedData = encodeAsSequenceOfLengthPrefixedElements(new byte[][] {
444 | encodeAsSequenceOfLengthPrefixedPairsOfIntAndLengthPrefixedBytes(signedData.digests),
445 | encodeAsSequenceOfLengthPrefixedElements(signedData.certificates),
446 | // additional attributes
447 | new byte[0],
448 | });
449 | signer.publicKey = encodedPublicKey;
450 | signer.signatures = new ArrayList<>();
451 | for (int signatureAlgorithm : signerConfig.signatureAlgorithms) {
452 | Pair signatureParams =
453 | getSignatureAlgorithmJcaSignatureAlgorithm(signatureAlgorithm);
454 | String jcaSignatureAlgorithm = signatureParams.getFirst();
455 | AlgorithmParameterSpec jcaSignatureAlgorithmParams = signatureParams.getSecond();
456 | byte[] signatureBytes;
457 | try {
458 | Signature signature = Signature.getInstance(jcaSignatureAlgorithm);
459 | signature.initSign(signerConfig.privateKey);
460 | if (jcaSignatureAlgorithmParams != null) {
461 | signature.setParameter(jcaSignatureAlgorithmParams);
462 | }
463 | signature.update(signer.signedData);
464 | signatureBytes = signature.sign();
465 | } catch (InvalidKeyException e) {
466 | throw new InvalidKeyException("Failed sign using " + jcaSignatureAlgorithm, e);
467 | } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
468 | | SignatureException e) {
469 | throw new SignatureException("Failed sign using " + jcaSignatureAlgorithm, e);
470 | }
471 |
472 | try {
473 | Signature signature = Signature.getInstance(jcaSignatureAlgorithm);
474 | signature.initVerify(publicKey);
475 | if (jcaSignatureAlgorithmParams != null) {
476 | signature.setParameter(jcaSignatureAlgorithmParams);
477 | }
478 | signature.update(signer.signedData);
479 | if (!signature.verify(signatureBytes)) {
480 | throw new SignatureException("Signature did not verify");
481 | }
482 | } catch (InvalidKeyException e) {
483 | throw new InvalidKeyException("Failed to verify generated " + jcaSignatureAlgorithm
484 | + " signature using public key from certificate", e);
485 | } catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException
486 | | SignatureException e) {
487 | throw new SignatureException("Failed to verify generated " + jcaSignatureAlgorithm
488 | + " signature using public key from certificate", e);
489 | }
490 |
491 | signer.signatures.add(Pair.create(signatureAlgorithm, signatureBytes));
492 | }
493 |
494 | // FORMAT:
495 | // * length-prefixed signed data
496 | // * length-prefixed sequence of length-prefixed signatures:
497 | // * uint32: signature algorithm ID
498 | // * length-prefixed bytes: signature of signed data
499 | // * length-prefixed bytes: public key (X.509 SubjectPublicKeyInfo, ASN.1 DER encoded)
500 | return encodeAsSequenceOfLengthPrefixedElements(
501 | new byte[][] {
502 | signer.signedData,
503 | encodeAsSequenceOfLengthPrefixedPairsOfIntAndLengthPrefixedBytes(
504 | signer.signatures),
505 | signer.publicKey,
506 | });
507 | }
508 |
509 | private static final class V2SignatureSchemeBlock {
510 | private static final class Signer {
511 | public byte[] signedData;
512 | public List> signatures;
513 | public byte[] publicKey;
514 | }
515 |
516 | private static final class SignedData {
517 | public List> digests;
518 | public List certificates;
519 | }
520 | }
521 |
522 | private static byte[] encodePublicKey(PublicKey publicKey) throws InvalidKeyException {
523 | byte[] encodedPublicKey = null;
524 | if ("X.509".equals(publicKey.getFormat())) {
525 | encodedPublicKey = publicKey.getEncoded();
526 | }
527 | if (encodedPublicKey == null) {
528 | try {
529 | encodedPublicKey =
530 | KeyFactory.getInstance(publicKey.getAlgorithm())
531 | .getKeySpec(publicKey, X509EncodedKeySpec.class)
532 | .getEncoded();
533 | } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
534 | throw new InvalidKeyException(
535 | "Failed to obtain X.509 encoded form of public key " + publicKey
536 | + " of class " + publicKey.getClass().getName(),
537 | e);
538 | }
539 | }
540 | if ((encodedPublicKey == null) || (encodedPublicKey.length == 0)) {
541 | throw new InvalidKeyException(
542 | "Failed to obtain X.509 encoded form of public key " + publicKey
543 | + " of class " + publicKey.getClass().getName());
544 | }
545 | return encodedPublicKey;
546 | }
547 |
548 | public static List encodeCertificates(List certificates)
549 | throws CertificateEncodingException {
550 | List result = new ArrayList<>();
551 | for (X509Certificate certificate : certificates) {
552 | result.add(certificate.getEncoded());
553 | }
554 | return result;
555 | }
556 |
557 | private static byte[] encodeAsSequenceOfLengthPrefixedElements(List sequence) {
558 | return encodeAsSequenceOfLengthPrefixedElements(
559 | sequence.toArray(new byte[sequence.size()][]));
560 | }
561 |
562 | private static byte[] encodeAsSequenceOfLengthPrefixedElements(byte[][] sequence) {
563 | int payloadSize = 0;
564 | for (byte[] element : sequence) {
565 | payloadSize += 4 + element.length;
566 | }
567 | ByteBuffer result = ByteBuffer.allocate(payloadSize);
568 | result.order(ByteOrder.LITTLE_ENDIAN);
569 | for (byte[] element : sequence) {
570 | result.putInt(element.length);
571 | result.put(element);
572 | }
573 | return result.array();
574 | }
575 |
576 | private static byte[] encodeAsSequenceOfLengthPrefixedPairsOfIntAndLengthPrefixedBytes(
577 | List> sequence) {
578 | int resultSize = 0;
579 | for (Pair element : sequence) {
580 | resultSize += 12 + element.getSecond().length;
581 | }
582 | ByteBuffer result = ByteBuffer.allocate(resultSize);
583 | result.order(ByteOrder.LITTLE_ENDIAN);
584 | for (Pair element : sequence) {
585 | byte[] second = element.getSecond();
586 | result.putInt(8 + second.length);
587 | result.putInt(element.getFirst());
588 | result.putInt(second.length);
589 | result.put(second);
590 | }
591 | return result.array();
592 | }
593 |
594 | /**
595 | * Relative get method for reading {@code size} number of bytes from the current
596 | * position of this buffer.
597 | *
598 | *
This method reads the next {@code size} bytes at this buffer's current position,
599 | * returning them as a {@code ByteBuffer} with start set to 0, limit and capacity set to
600 | * {@code size}, byte order set to this buffer's byte order; and then increments the position by
601 | * {@code size}.
602 | */
603 | private static ByteBuffer getByteBuffer(ByteBuffer source, int size) {
604 | if (size < 0) {
605 | throw new IllegalArgumentException("size: " + size);
606 | }
607 | int originalLimit = source.limit();
608 | int position = source.position();
609 | int limit = position + size;
610 | if ((limit < position) || (limit > originalLimit)) {
611 | throw new BufferUnderflowException();
612 | }
613 | source.limit(limit);
614 | try {
615 | ByteBuffer result = source.slice();
616 | result.order(source.order());
617 | source.position(limit);
618 | return result;
619 | } finally {
620 | source.limit(originalLimit);
621 | }
622 | }
623 |
624 | private static Pair
625 | getSignatureAlgorithmJcaSignatureAlgorithm(int sigAlgorithm) {
626 | switch (sigAlgorithm) {
627 | case SIGNATURE_RSA_PSS_WITH_SHA256:
628 | return Pair.create(
629 | "SHA256withRSA/PSS",
630 | new PSSParameterSpec(
631 | "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 256 / 8, 1));
632 | case SIGNATURE_RSA_PSS_WITH_SHA512:
633 | return Pair.create(
634 | "SHA512withRSA/PSS",
635 | new PSSParameterSpec(
636 | "SHA-512", "MGF1", MGF1ParameterSpec.SHA512, 512 / 8, 1));
637 | case SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA256:
638 | return Pair.create("SHA256withRSA", null);
639 | case SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA512:
640 | return Pair.create("SHA512withRSA", null);
641 | case SIGNATURE_ECDSA_WITH_SHA256:
642 | return Pair.create("SHA256withECDSA", null);
643 | case SIGNATURE_ECDSA_WITH_SHA512:
644 | return Pair.create("SHA512withECDSA", null);
645 | case SIGNATURE_DSA_WITH_SHA256:
646 | return Pair.create("SHA256withDSA", null);
647 | case SIGNATURE_DSA_WITH_SHA512:
648 | return Pair.create("SHA512withDSA", null);
649 | default:
650 | throw new IllegalArgumentException(
651 | "Unknown signature algorithm: 0x"
652 | + Long.toHexString(sigAlgorithm & 0xffffffff));
653 | }
654 | }
655 |
656 | private static int getSignatureAlgorithmContentDigestAlgorithm(int sigAlgorithm) {
657 | switch (sigAlgorithm) {
658 | case SIGNATURE_RSA_PSS_WITH_SHA256:
659 | case SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA256:
660 | case SIGNATURE_ECDSA_WITH_SHA256:
661 | case SIGNATURE_DSA_WITH_SHA256:
662 | return CONTENT_DIGEST_CHUNKED_SHA256;
663 | case SIGNATURE_RSA_PSS_WITH_SHA512:
664 | case SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA512:
665 | case SIGNATURE_ECDSA_WITH_SHA512:
666 | case SIGNATURE_DSA_WITH_SHA512:
667 | return CONTENT_DIGEST_CHUNKED_SHA512;
668 | default:
669 | throw new IllegalArgumentException(
670 | "Unknown signature algorithm: 0x"
671 | + Long.toHexString(sigAlgorithm & 0xffffffff));
672 | }
673 | }
674 |
675 | private static String getContentDigestAlgorithmJcaDigestAlgorithm(int digestAlgorithm) {
676 | switch (digestAlgorithm) {
677 | case CONTENT_DIGEST_CHUNKED_SHA256:
678 | return "SHA-256";
679 | case CONTENT_DIGEST_CHUNKED_SHA512:
680 | return "SHA-512";
681 | default:
682 | throw new IllegalArgumentException(
683 | "Unknown content digest algorthm: " + digestAlgorithm);
684 | }
685 | }
686 |
687 | private static int getContentDigestAlgorithmOutputSizeBytes(int digestAlgorithm) {
688 | switch (digestAlgorithm) {
689 | case CONTENT_DIGEST_CHUNKED_SHA256:
690 | return 256 / 8;
691 | case CONTENT_DIGEST_CHUNKED_SHA512:
692 | return 512 / 8;
693 | default:
694 | throw new IllegalArgumentException(
695 | "Unknown content digest algorthm: " + digestAlgorithm);
696 | }
697 | }
698 |
699 | /**
700 | * Indicates that APK file could not be parsed.
701 | */
702 | public static class ApkParseException extends Exception {
703 | private static final long serialVersionUID = 1L;
704 |
705 | public ApkParseException(String message) {
706 | super(message);
707 | }
708 |
709 | public ApkParseException(String message, Throwable cause) {
710 | super(message, cause);
711 | }
712 | }
713 |
714 | /**
715 | * Pair of two elements.
716 | */
717 | private static class Pair {
718 | private final A mFirst;
719 | private final B mSecond;
720 |
721 | private Pair(A first, B second) {
722 | mFirst = first;
723 | mSecond = second;
724 | }
725 |
726 | public static Pair create(A first, B second) {
727 | return new Pair<>(first, second);
728 | }
729 |
730 | public A getFirst() {
731 | return mFirst;
732 | }
733 |
734 | public B getSecond() {
735 | return mSecond;
736 | }
737 |
738 | @Override
739 | public int hashCode() {
740 | final int prime = 31;
741 | int result = 1;
742 | result = prime * result + ((mFirst == null) ? 0 : mFirst.hashCode());
743 | result = prime * result + ((mSecond == null) ? 0 : mSecond.hashCode());
744 | return result;
745 | }
746 |
747 | @Override
748 | public boolean equals(Object obj) {
749 | if (this == obj) {
750 | return true;
751 | }
752 | if (obj == null) {
753 | return false;
754 | }
755 | if (getClass() != obj.getClass()) {
756 | return false;
757 | }
758 | @SuppressWarnings("rawtypes")
759 | Pair other = (Pair) obj;
760 | if (mFirst == null) {
761 | if (other.mFirst != null) {
762 | return false;
763 | }
764 | } else if (!mFirst.equals(other.mFirst)) {
765 | return false;
766 | }
767 | if (mSecond == null) {
768 | return other.mSecond == null;
769 | } else return mSecond.equals(other.mSecond);
770 | }
771 | }
772 | }
773 |
--------------------------------------------------------------------------------
/app/src/main/java/com/shocker/hideapk/signing/ByteArrayStream.java:
--------------------------------------------------------------------------------
1 | package com.shocker.hideapk.signing;
2 |
3 | import java.io.ByteArrayInputStream;
4 | import java.io.ByteArrayOutputStream;
5 | import java.io.IOException;
6 | import java.io.InputStream;
7 |
8 | public class ByteArrayStream extends ByteArrayOutputStream {
9 |
10 | public synchronized void readFrom(InputStream is) {
11 | readFrom(is, Integer.MAX_VALUE);
12 | }
13 |
14 | public synchronized void readFrom(InputStream is, int len) {
15 | int read;
16 | byte buffer[] = new byte[4096];
17 | try {
18 | while ((read = is.read(buffer, 0, Math.min(len, buffer.length))) > 0) {
19 | write(buffer, 0, read);
20 | len -= read;
21 | }
22 | } catch (IOException e) {
23 | e.printStackTrace();
24 | }
25 | }
26 |
27 | public ByteArrayInputStream getInputStream() {
28 | return new ByteArrayInputStream(buf, 0, count);
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/app/src/main/java/com/shocker/hideapk/signing/CryptoUtils.java:
--------------------------------------------------------------------------------
1 | package com.shocker.hideapk.signing;
2 |
3 | import org.bouncycastle.asn1.ASN1InputStream;
4 | import org.bouncycastle.asn1.ASN1ObjectIdentifier;
5 | import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
6 | import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
7 | import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
8 | import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
9 |
10 | import java.io.ByteArrayInputStream;
11 | import java.io.IOException;
12 | import java.io.InputStream;
13 | import java.security.GeneralSecurityException;
14 | import java.security.Key;
15 | import java.security.KeyFactory;
16 | import java.security.PrivateKey;
17 | import java.security.PublicKey;
18 | import java.security.cert.CertificateFactory;
19 | import java.security.cert.X509Certificate;
20 | import java.security.spec.ECPrivateKeySpec;
21 | import java.security.spec.ECPublicKeySpec;
22 | import java.security.spec.InvalidKeySpecException;
23 | import java.security.spec.PKCS8EncodedKeySpec;
24 | import java.util.HashMap;
25 | import java.util.Map;
26 |
27 | public class CryptoUtils {
28 |
29 | static final Map ID_TO_ALG;
30 | static final Map ALG_TO_ID;
31 |
32 | static {
33 | ID_TO_ALG = new HashMap<>();
34 | ALG_TO_ID = new HashMap<>();
35 | ID_TO_ALG.put(X9ObjectIdentifiers.ecdsa_with_SHA256.getId(), "SHA256withECDSA");
36 | ID_TO_ALG.put(X9ObjectIdentifiers.ecdsa_with_SHA384.getId(), "SHA384withECDSA");
37 | ID_TO_ALG.put(X9ObjectIdentifiers.ecdsa_with_SHA512.getId(), "SHA512withECDSA");
38 | ID_TO_ALG.put(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), "SHA1withRSA");
39 | ID_TO_ALG.put(PKCSObjectIdentifiers.sha256WithRSAEncryption.getId(), "SHA256withRSA");
40 | ID_TO_ALG.put(PKCSObjectIdentifiers.sha512WithRSAEncryption.getId(), "SHA512withRSA");
41 | ALG_TO_ID.put("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256.getId());
42 | ALG_TO_ID.put("SHA384withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384.getId());
43 | ALG_TO_ID.put("SHA512withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512.getId());
44 | ALG_TO_ID.put("SHA1withRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption.getId());
45 | ALG_TO_ID.put("SHA256withRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption.getId());
46 | ALG_TO_ID.put("SHA512withRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption.getId());
47 | }
48 |
49 | static String getSignatureAlgorithm(Key key) throws Exception {
50 | if ("EC".equals(key.getAlgorithm())) {
51 | int curveSize;
52 | KeyFactory factory = KeyFactory.getInstance("EC");
53 | if (key instanceof PublicKey) {
54 | ECPublicKeySpec spec = factory.getKeySpec(key, ECPublicKeySpec.class);
55 | curveSize = spec.getParams().getCurve().getField().getFieldSize();
56 | } else if (key instanceof PrivateKey) {
57 | ECPrivateKeySpec spec = factory.getKeySpec(key, ECPrivateKeySpec.class);
58 | curveSize = spec.getParams().getCurve().getField().getFieldSize();
59 | } else {
60 | throw new InvalidKeySpecException();
61 | }
62 | if (curveSize <= 256) {
63 | return "SHA256withECDSA";
64 | } else if (curveSize <= 384) {
65 | return "SHA384withECDSA";
66 | } else {
67 | return "SHA512withECDSA";
68 | }
69 | } else if ("RSA".equals(key.getAlgorithm())) {
70 | return "SHA256withRSA";
71 | } else {
72 | throw new IllegalArgumentException("Unsupported key type " + key.getAlgorithm());
73 | }
74 | }
75 |
76 | static AlgorithmIdentifier getSignatureAlgorithmIdentifier(Key key) throws Exception {
77 | String id = ALG_TO_ID.get(getSignatureAlgorithm(key));
78 | if (id == null) {
79 | throw new IllegalArgumentException("Unsupported key type " + key.getAlgorithm());
80 | }
81 | return new AlgorithmIdentifier(new ASN1ObjectIdentifier(id));
82 | }
83 |
84 | public static X509Certificate readCertificate(InputStream input)
85 | throws IOException, GeneralSecurityException {
86 | try {
87 | CertificateFactory cf = CertificateFactory.getInstance("X.509");
88 | return (X509Certificate) cf.generateCertificate(input);
89 | } finally {
90 | input.close();
91 | }
92 | }
93 |
94 | /** Read a PKCS#8 format private key. */
95 | public static PrivateKey readPrivateKey(InputStream input)
96 | throws IOException, GeneralSecurityException {
97 | try {
98 | ByteArrayStream buf = new ByteArrayStream();
99 | buf.readFrom(input);
100 | byte[] bytes = buf.toByteArray();
101 | /* Check to see if this is in an EncryptedPrivateKeyInfo structure. */
102 | PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(bytes);
103 | /*
104 | * Now it's in a PKCS#8 PrivateKeyInfo structure. Read its Algorithm
105 | * OID and use that to construct a KeyFactory.
106 | */
107 | ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(spec.getEncoded()));
108 | PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
109 | String algOid = pki.getPrivateKeyAlgorithm().getAlgorithm().getId();
110 | return KeyFactory.getInstance(algOid).generatePrivate(spec);
111 | } finally {
112 | input.close();
113 | }
114 | }
115 | }
116 |
--------------------------------------------------------------------------------
/app/src/main/java/com/shocker/hideapk/signing/JarMap.java:
--------------------------------------------------------------------------------
1 | package com.shocker.hideapk.signing;
2 |
3 | import java.io.Closeable;
4 | import java.io.File;
5 | import java.io.IOException;
6 | import java.io.InputStream;
7 | import java.io.OutputStream;
8 | import java.util.Collections;
9 | import java.util.Enumeration;
10 | import java.util.LinkedHashMap;
11 | import java.util.jar.JarEntry;
12 | import java.util.jar.JarFile;
13 | import java.util.jar.JarInputStream;
14 | import java.util.jar.Manifest;
15 | import java.util.zip.ZipEntry;
16 | import java.util.zip.ZipFile;
17 |
18 | public abstract class JarMap implements Closeable {
19 |
20 | LinkedHashMap entryMap;
21 |
22 | public static JarMap open(File file, boolean verify) throws IOException {
23 | return new FileMap(file, verify, ZipFile.OPEN_READ);
24 | }
25 |
26 | public static JarMap open(InputStream is, boolean verify) throws IOException {
27 | return new StreamMap(is, verify);
28 | }
29 |
30 | public File getFile() {
31 | return null;
32 | }
33 |
34 | public abstract Manifest getManifest() throws IOException;
35 |
36 | public InputStream getInputStream(ZipEntry ze) throws IOException {
37 | JarMapEntry e = getMapEntry(ze.getName());
38 | return e != null ? e.data.getInputStream() : null;
39 | }
40 |
41 | public OutputStream getOutputStream(ZipEntry ze) {
42 | if (entryMap == null)
43 | entryMap = new LinkedHashMap<>();
44 | JarMapEntry e = new JarMapEntry(ze.getName());
45 | entryMap.put(ze.getName(), e);
46 | return e.data;
47 | }
48 |
49 | public byte[] getRawData(ZipEntry ze) throws IOException {
50 | JarMapEntry e = getMapEntry(ze.getName());
51 | return e != null ? e.data.toByteArray() : null;
52 | }
53 |
54 | public abstract Enumeration entries();
55 |
56 | public final ZipEntry getEntry(String name) {
57 | return getJarEntry(name);
58 | }
59 |
60 | public JarEntry getJarEntry(String name) {
61 | return getMapEntry(name);
62 | }
63 |
64 | JarMapEntry getMapEntry(String name) {
65 | JarMapEntry e = null;
66 | if (entryMap != null)
67 | e = (JarMapEntry) entryMap.get(name);
68 | return e;
69 | }
70 |
71 | private static class FileMap extends JarMap {
72 |
73 | private JarFile jarFile;
74 |
75 | FileMap(File file, boolean verify, int mode) throws IOException {
76 | jarFile = new JarFile(file, verify, mode);
77 | }
78 |
79 | @Override
80 | public File getFile() {
81 | return new File(jarFile.getName());
82 | }
83 |
84 | @Override
85 | public Manifest getManifest() throws IOException {
86 | return jarFile.getManifest();
87 | }
88 |
89 | @Override
90 | public InputStream getInputStream(ZipEntry ze) throws IOException {
91 | InputStream is = super.getInputStream(ze);
92 | return is != null ? is : jarFile.getInputStream(ze);
93 | }
94 |
95 | @Override
96 | public byte[] getRawData(ZipEntry ze) throws IOException {
97 | byte[] b = super.getRawData(ze);
98 | if (b != null)
99 | return b;
100 | ByteArrayStream bytes = new ByteArrayStream();
101 | bytes.readFrom(jarFile.getInputStream(ze));
102 | return bytes.toByteArray();
103 | }
104 |
105 | @Override
106 | public Enumeration entries() {
107 | return jarFile.entries();
108 | }
109 |
110 | @Override
111 | public JarEntry getJarEntry(String name) {
112 | JarEntry e = getMapEntry(name);
113 | return e != null ? e : jarFile.getJarEntry(name);
114 | }
115 |
116 | @Override
117 | public void close() throws IOException {
118 | jarFile.close();
119 | }
120 | }
121 |
122 | private static class StreamMap extends JarMap {
123 |
124 | private JarInputStream jis;
125 |
126 | StreamMap(InputStream is, boolean verify) throws IOException {
127 | jis = new JarInputStream(is, verify);
128 | entryMap = new LinkedHashMap<>();
129 | JarEntry entry;
130 | while ((entry = jis.getNextJarEntry()) != null) {
131 | entryMap.put(entry.getName(), new JarMapEntry(entry, jis));
132 | }
133 | }
134 |
135 | @Override
136 | public Manifest getManifest() {
137 | return jis.getManifest();
138 | }
139 |
140 | @Override
141 | public Enumeration entries() {
142 | return Collections.enumeration(entryMap.values());
143 | }
144 |
145 | @Override
146 | public void close() throws IOException {
147 | jis.close();
148 | }
149 | }
150 |
151 | private static class JarMapEntry extends JarEntry {
152 |
153 | ByteArrayStream data;
154 |
155 | JarMapEntry(JarEntry je, InputStream is) {
156 | super(je);
157 | data = new ByteArrayStream();
158 | data.readFrom(is);
159 | }
160 |
161 | JarMapEntry(String s) {
162 | super(s);
163 | data = new ByteArrayStream();
164 | }
165 | }
166 | }
167 |
--------------------------------------------------------------------------------
/app/src/main/java/com/shocker/hideapk/signing/SignApk.java:
--------------------------------------------------------------------------------
1 | package com.shocker.hideapk.signing;
2 |
3 | import org.bouncycastle.asn1.ASN1Encoding;
4 | import org.bouncycastle.asn1.ASN1InputStream;
5 | import org.bouncycastle.asn1.ASN1OutputStream;
6 | import org.bouncycastle.cert.jcajce.JcaCertStore;
7 | import org.bouncycastle.cms.CMSException;
8 | import org.bouncycastle.cms.CMSProcessableByteArray;
9 | import org.bouncycastle.cms.CMSSignedData;
10 | import org.bouncycastle.cms.CMSSignedDataGenerator;
11 | import org.bouncycastle.cms.CMSTypedData;
12 | import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
13 | import org.bouncycastle.operator.ContentSigner;
14 | import org.bouncycastle.operator.OperatorCreationException;
15 | import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
16 | import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
17 | import org.bouncycastle.util.encoders.Base64;
18 |
19 | import java.io.ByteArrayOutputStream;
20 | import java.io.FilterOutputStream;
21 | import java.io.IOException;
22 | import java.io.InputStream;
23 | import java.io.OutputStream;
24 | import java.io.PrintStream;
25 | import java.nio.ByteBuffer;
26 | import java.security.DigestOutputStream;
27 | import java.security.GeneralSecurityException;
28 | import java.security.InvalidKeyException;
29 | import java.security.MessageDigest;
30 | import java.security.PrivateKey;
31 | import java.security.PublicKey;
32 | import java.security.cert.CertificateEncodingException;
33 | import java.security.cert.X509Certificate;
34 | import java.util.ArrayList;
35 | import java.util.Collections;
36 | import java.util.Enumeration;
37 | import java.util.Iterator;
38 | import java.util.List;
39 | import java.util.Locale;
40 | import java.util.Map;
41 | import java.util.TimeZone;
42 | import java.util.TreeMap;
43 | import java.util.jar.Attributes;
44 | import java.util.jar.JarEntry;
45 | import java.util.jar.JarFile;
46 | import java.util.jar.JarOutputStream;
47 | import java.util.jar.Manifest;
48 | import java.util.regex.Pattern;
49 |
50 | /*
51 | * Modified from from AOSP
52 | * https://android.googlesource.com/platform/build/+/refs/tags/android-7.1.2_r39/tools/signapk/src/com/android/signapk/SignApk.java
53 | * */
54 |
55 | public class SignApk {
56 | private static final String CERT_SF_NAME = "META-INF/CERT.SF";
57 | private static final String CERT_SIG_NAME = "META-INF/CERT.%s";
58 | private static final String CERT_SF_MULTI_NAME = "META-INF/CERT%d.SF";
59 | private static final String CERT_SIG_MULTI_NAME = "META-INF/CERT%d.%s";
60 |
61 | // bitmasks for which hash algorithms we need the manifest to include.
62 | private static final int USE_SHA1 = 1;
63 | private static final int USE_SHA256 = 2;
64 |
65 | /**
66 | * Digest algorithm used when signing the APK using APK Signature Scheme v2.
67 | */
68 | private static final String APK_SIG_SCHEME_V2_DIGEST_ALGORITHM = "SHA-256";
69 | // Files matching this pattern are not copied to the output.
70 | private static final Pattern stripPattern =
71 | Pattern.compile("^(META-INF/((.*)[.](SF|RSA|DSA|EC)|com/android/otacert))|(" +
72 | Pattern.quote(JarFile.MANIFEST_NAME) + ")$");
73 |
74 | /**
75 | * Return one of USE_SHA1 or USE_SHA256 according to the signature
76 | * algorithm specified in the cert.
77 | */
78 | private static int getDigestAlgorithm(X509Certificate cert) {
79 | String sigAlg = cert.getSigAlgName().toUpperCase(Locale.US);
80 | if ("SHA1WITHRSA".equals(sigAlg) || "MD5WITHRSA".equals(sigAlg)) {
81 | return USE_SHA1;
82 | } else if (sigAlg.startsWith("SHA256WITH")) {
83 | return USE_SHA256;
84 | } else {
85 | throw new IllegalArgumentException("unsupported signature algorithm \"" + sigAlg +
86 | "\" in cert [" + cert.getSubjectDN());
87 | }
88 | }
89 |
90 | /**
91 | * Returns the expected signature algorithm for this key type.
92 | */
93 | private static String getSignatureAlgorithm(X509Certificate cert) {
94 | String keyType = cert.getPublicKey().getAlgorithm().toUpperCase(Locale.US);
95 | if ("RSA".equalsIgnoreCase(keyType)) {
96 | if (getDigestAlgorithm(cert) == USE_SHA256) {
97 | return "SHA256withRSA";
98 | } else {
99 | return "SHA1withRSA";
100 | }
101 | } else if ("EC".equalsIgnoreCase(keyType)) {
102 | return "SHA256withECDSA";
103 | } else {
104 | throw new IllegalArgumentException("unsupported key type: " + keyType);
105 | }
106 | }
107 |
108 | /**
109 | * Add the hash(es) of every file to the manifest, creating it if
110 | * necessary.
111 | */
112 | private static Manifest addDigestsToManifest(JarMap jar, int hashes)
113 | throws IOException, GeneralSecurityException {
114 | Manifest input = jar.getManifest();
115 | Manifest output = new Manifest();
116 | Attributes main = output.getMainAttributes();
117 | if (input != null) {
118 | main.putAll(input.getMainAttributes());
119 | } else {
120 | main.putValue("Manifest-Version", "1.0");
121 | main.putValue("Created-By", "1.0 (Android SignApk)");
122 | }
123 |
124 | MessageDigest md_sha1 = null;
125 | MessageDigest md_sha256 = null;
126 | if ((hashes & USE_SHA1) != 0) {
127 | md_sha1 = MessageDigest.getInstance("SHA1");
128 | }
129 | if ((hashes & USE_SHA256) != 0) {
130 | md_sha256 = MessageDigest.getInstance("SHA256");
131 | }
132 |
133 | byte[] buffer = new byte[4096];
134 | int num;
135 |
136 | // We sort the input entries by name, and add them to the
137 | // output manifest in sorted order. We expect that the output
138 | // map will be deterministic.
139 |
140 | TreeMap byName = new TreeMap<>();
141 |
142 | for (Enumeration e = jar.entries(); e.hasMoreElements(); ) {
143 | JarEntry entry = e.nextElement();
144 | byName.put(entry.getName(), entry);
145 | }
146 |
147 | for (JarEntry entry : byName.values()) {
148 | String name = entry.getName();
149 | if (!entry.isDirectory() && !stripPattern.matcher(name).matches()) {
150 | InputStream data = jar.getInputStream(entry);
151 | while ((num = data.read(buffer)) > 0) {
152 | if (md_sha1 != null) md_sha1.update(buffer, 0, num);
153 | if (md_sha256 != null) md_sha256.update(buffer, 0, num);
154 | }
155 |
156 | Attributes attr = null;
157 | if (input != null) attr = input.getAttributes(name);
158 | attr = attr != null ? new Attributes(attr) : new Attributes();
159 | // Remove any previously computed digests from this entry's attributes.
160 | for (Iterator