forked from ReVanced/revanced-manager
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(installer): apk signing and installation
- Loading branch information
Showing
13 changed files
with
201 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
11 changes: 11 additions & 0 deletions
11
app/src/main/java/app/revanced/manager/compose/patcher/SignerService.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
package app.revanced.manager.compose.patcher | ||
|
||
import android.app.Application | ||
import app.revanced.manager.compose.util.signing.Signer | ||
import app.revanced.manager.compose.util.signing.SigningOptions | ||
|
||
class SignerService(app: Application) { | ||
private val options = SigningOptions("ReVanced", "ReVanced", app.dataDir.resolve("manager.keystore").path) | ||
|
||
fun createSigner() = Signer(options) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
77 changes: 77 additions & 0 deletions
77
app/src/main/java/app/revanced/manager/compose/util/signing/Signer.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
package app.revanced.manager.compose.util.signing | ||
|
||
import android.util.Log | ||
import com.android.apksig.ApkSigner | ||
import org.bouncycastle.asn1.x500.X500Name | ||
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo | ||
import org.bouncycastle.cert.X509v3CertificateBuilder | ||
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter | ||
import org.bouncycastle.jce.provider.BouncyCastleProvider | ||
import org.bouncycastle.operator.ContentSigner | ||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder | ||
import java.io.File | ||
import java.io.FileInputStream | ||
import java.io.FileOutputStream | ||
import java.math.BigInteger | ||
import java.security.* | ||
import java.security.cert.X509Certificate | ||
import java.util.* | ||
|
||
class Signer( | ||
private val signingOptions: SigningOptions | ||
) { | ||
private val passwordCharArray = signingOptions.password.toCharArray() | ||
private fun newKeystore(out: File) { | ||
val (publicKey, privateKey) = createKey() | ||
val privateKS = KeyStore.getInstance("BKS", "BC") | ||
privateKS.load(null, passwordCharArray) | ||
privateKS.setKeyEntry("alias", privateKey, passwordCharArray, arrayOf(publicKey)) | ||
privateKS.store(FileOutputStream(out), passwordCharArray) | ||
} | ||
|
||
private fun createKey(): Pair<X509Certificate, PrivateKey> { | ||
val gen = KeyPairGenerator.getInstance("RSA") | ||
gen.initialize(4096) | ||
val pair = gen.generateKeyPair() | ||
var serialNumber: BigInteger | ||
do serialNumber = BigInteger.valueOf(SecureRandom().nextLong()) while (serialNumber < BigInteger.ZERO) | ||
val x500Name = X500Name("CN=${signingOptions.cn}") | ||
val builder = X509v3CertificateBuilder( | ||
x500Name, | ||
serialNumber, | ||
Date(System.currentTimeMillis() - 1000L * 60L * 60L * 24L * 30L), | ||
Date(System.currentTimeMillis() + 1000L * 60L * 60L * 24L * 366L * 30L), | ||
Locale.ENGLISH, | ||
x500Name, | ||
SubjectPublicKeyInfo.getInstance(pair.public.encoded) | ||
) | ||
val signer: ContentSigner = JcaContentSignerBuilder("SHA256withRSA").build(pair.private) | ||
return JcaX509CertificateConverter().getCertificate(builder.build(signer)) to pair.private | ||
} | ||
|
||
fun signApk(input: File, output: File) { | ||
Security.addProvider(BouncyCastleProvider()) | ||
|
||
val ks = File(signingOptions.keyStoreFilePath) | ||
if (!ks.exists()) newKeystore(ks) else { | ||
Log.i("revanced-manager", "Found existing keystore: ${ks.name}") | ||
} | ||
|
||
val keyStore = KeyStore.getInstance("BKS", "BC") | ||
FileInputStream(ks).use { fis -> keyStore.load(fis, null) } | ||
val alias = keyStore.aliases().nextElement() | ||
|
||
val config = ApkSigner.SignerConfig.Builder( | ||
signingOptions.cn, | ||
keyStore.getKey(alias, passwordCharArray) as PrivateKey, | ||
listOf(keyStore.getCertificate(alias) as X509Certificate) | ||
).build() | ||
|
||
val signer = ApkSigner.Builder(listOf(config)) | ||
signer.setCreatedBy(signingOptions.cn) | ||
signer.setInputApk(input) | ||
signer.setOutputApk(output) | ||
|
||
signer.build().sign() | ||
} | ||
} |
7 changes: 7 additions & 0 deletions
7
app/src/main/java/app/revanced/manager/compose/util/signing/SigningOptions.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
package app.revanced.manager.compose.util.signing | ||
|
||
data class SigningOptions( | ||
val cn: String, | ||
val password: String, | ||
val keyStoreFilePath: String | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters