Improve Keygen yet again

topjohnwu 2019-10-26 21:11:32 -04:00
parent 31153e4366
commit ee447bc4ce


@ -15,7 +15,6 @@ import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder
import org.koin.core.context.GlobalContext import org.koin.core.context.GlobalContext
import org.koin.core.context.startKoin import org.koin.core.context.startKoin
import timber.log.Timber import timber.log.Timber
import java.io.ByteArrayInputStream
import java.io.ByteArrayOutputStream import java.io.ByteArrayOutputStream
import java.math.BigInteger import java.math.BigInteger
import java.security.KeyPairGenerator import java.security.KeyPairGenerator
@ -37,15 +36,14 @@ class Keygen: CertKeyProvider {
companion object { companion object {
private const val ALIAS = "magisk" private const val ALIAS = "magisk"
private val PASSWORD = "magisk".toCharArray() private val PASSWORD get() = "magisk".toCharArray()
private const val TESTKEY_CERT = "61ed377e85d386a8dfee6b864bd85b0bfaa5af81" private const val TESTKEY_CERT = "61ed377e85d386a8dfee6b864bd85b0bfaa5af81"
private const val DNAME = "CN=Android, OU=Android, O=Google Inc., L=Mountain View, ST=California, C=US" private const val DNAME = "C=US,ST=California,L=Mountain View,O=Google Inc.,OU=Android,CN=Android"
private const val BASE64_FLAG = Base64.NO_PADDING or Base64.NO_WRAP
} }
private val start get() = Calendar.getInstance() private val start = Calendar.getInstance()
private val end get() = Calendar.getInstance().apply { private val end = Calendar.getInstance().apply { add(Calendar.YEAR, 30) }
add(Calendar.YEAR, 20)
}
override val cert get() = provider.cert override val cert get() = provider.cert
override val key get() = provider.key override val key get() = provider.key
@ -104,9 +102,7 @@ class Keygen: CertKeyProvider {
if (raw.isEmpty()) { if (raw.isEmpty()) {
ks.load(null) ks.load(null)
} else { } else {
GZIPInputStream(ByteArrayInputStream( GZIPInputStream(Base64.decode(raw, BASE64_FLAG).inputStream()).use {
Base64.decode(raw, Base64.NO_PADDING or Base64.NO_WRAP)
)).use {
ks.load(it, PASSWORD) ks.load(it, PASSWORD)
} }
} }
@ -116,20 +112,20 @@ class Keygen: CertKeyProvider {
return ks return ks
// Generate new private key and certificate // Generate new private key and certificate
val kp = KeyPairGenerator.getInstance("RSA").apply { initialize(2048) }.genKeyPair() val kp = KeyPairGenerator.getInstance("RSA").apply { initialize(4096) }.genKeyPair()
val dname = X500Name(DNAME) val dname = X500Name(DNAME)
val builder = JcaX509v3CertificateBuilder(dname, val builder = JcaX509v3CertificateBuilder(dname, BigInteger(160, Random()),
BigInteger.valueOf(start.timeInMillis), start.time, end.time, dname, kp.public) start.time, end.time, dname, kp.public)
val signer = JcaContentSignerBuilder("SHA256WithRSA").build(kp.private) val signer = JcaContentSignerBuilder("SHA256WithRSA").build(kp.private)
val cert = JcaX509CertificateConverter().getCertificate(builder.build(signer)) val cert = JcaX509CertificateConverter().getCertificate(builder.build(signer))
// Store them into keystore // Store them into keystore
ks.setKeyEntry(ALIAS, kp.private, PASSWORD, arrayOf(cert)) ks.setKeyEntry(ALIAS, kp.private, PASSWORD, arrayOf(cert))
val bytes = ByteArrayOutputStream() val bytes = ByteArrayOutputStream()
GZIPOutputStream(Base64OutputStream(bytes, Base64.NO_PADDING or Base64.NO_WRAP)).use { GZIPOutputStream(Base64OutputStream(bytes, BASE64_FLAG)).use {
ks.store(it, PASSWORD) ks.store(it, PASSWORD)
} }
Config.keyStoreRaw = bytes.toString() Config.keyStoreRaw = bytes.toString("UTF-8")
return ks return ks
} }
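Review bot: The new certificate serial in the last hunk, `BigInteger(160, Random())`, can come out as zero or with bit 159 set, and a value with that bit set needs 21 octets in DER, one more than RFC 5280 allows for a serial number. The import behind `Random` is not visible on this page; if it is `java.util.Random`, the serial is also drawn from a non-cryptographic generator, while the key pair on the line above uses the provider's default secure source. I would write `BigInteger(159, SecureRandom()).or(BigInteger.ONE)` so the serial is always positive, non-zero and at most 20 octets. The enclosing function starts above the hunk, so the surrounding keystore handling was not reviewed.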