Improve keygen for signing repackaged manager

2019-10-24 13:04:15 -04:00 · 2019-10-24 13:04:15 -04:00 · 97a691ce2f
commit 97a691ce2f
parent 9d948f2c2b
2 changed files with 16 additions and 11 deletions
--- a/app/src/main/java/com/topjohnwu/magisk/utils/Keygen.kt
+++ b/app/src/main/java/com/topjohnwu/magisk/utils/Keygen.kt
@ -33,10 +33,14 @@ private interface CertKeyProvider {
 }

@Suppress("DEPRECATION")
-object Keygen: CertKeyProvider {
-    private const val ALIAS = "magisk"
-    private val PASSWORD = "magisk".toCharArray()
-    private const val TESTKEY_CERT = "61ed377e85d386a8dfee6b864bd85b0bfaa5af81"
+class Keygen: CertKeyProvider {
+
+    companion object {
+        private const val ALIAS = "magisk"
+        private val PASSWORD = "magisk".toCharArray()
+        private const val TESTKEY_CERT = "61ed377e85d386a8dfee6b864bd85b0bfaa5af81"
+        private const val DNAME = "CN=Android, OU=Android, O=Google Inc., L=Mountain View, ST=California, C=US"
+    }

    private val start get() = Calendar.getInstance()
    private val end get() = Calendar.getInstance().apply {
@ -48,7 +52,7 @@ object Keygen: CertKeyProvider {

    private val provider: CertKeyProvider

-    class KeyStoreProvider : CertKeyProvider {
+    inner class KeyStoreProvider : CertKeyProvider {
        private val ks by lazy { init() }
        override val cert by lazy { ks.getCertificate(ALIAS) as X509Certificate }
        override val key by lazy { ks.getKey(ALIAS, PASSWORD) as PrivateKey }
@ -113,9 +117,9 @@ object Keygen: CertKeyProvider {

        // Generate new private key and certificate
        val kp = KeyPairGenerator.getInstance("RSA").apply { initialize(2048) }.genKeyPair()
-        val dn = X500Name("CN=Magisk")
-        val builder = JcaX509v3CertificateBuilder(dn,
-                BigInteger.valueOf(start.timeInMillis), start.time, end.time, dn, kp.public)
+        val dname = X500Name(DNAME)
+        val builder = JcaX509v3CertificateBuilder(dname,
+                BigInteger.valueOf(start.timeInMillis), start.time, end.time, dname, kp.public)
        val signer = JcaContentSignerBuilder("SHA256WithRSA").build(kp.private)
        val cert = JcaX509CertificateConverter().getCertificate(builder.build(signer))

@ -129,5 +133,4 @@ object Keygen: CertKeyProvider {

        return ks
    }
-
 }
--- a/app/src/main/java/com/topjohnwu/magisk/utils/PatchAPK.kt
+++ b/app/src/main/java/com/topjohnwu/magisk/utils/PatchAPK.kt
@ -94,9 +94,10 @@ object PatchAPK {
            context.packageCodePath
        }

-        // Generate a new app with random package name
+        // Generate a new random package name and signature
        val repack = File(context.cacheDir, "patched.apk")
        val pkg = genPackageName("com.", BuildConfig.APPLICATION_ID.length)
+        Config.keyStoreRaw = ""

        if (!patch(src, repack.path, pkg, label))
            return false
@ -127,7 +128,8 @@ object PatchAPK {

            // Write apk changes
            jar.getOutputStream(je).write(xml)
-            SignAPK.sign(Keygen.cert, Keygen.key, jar, FileOutputStream(out).buffered())
+            val keys = Keygen()
+            SignAPK.sign(keys.cert, keys.key, jar, FileOutputStream(out).buffered())
        } catch (e: Exception) {
            Timber.e(e)
            return false