apk - How to generate java/android signature block file (.RSA) with php (phpseclib) -


i’m trying sign android .apk file on server php.

for need generate files contained in meta-inf directory inside .apk file(which zip file). creating .mf , .sf files in php simple. however, i'm struggling .rsa file.

unfortunately, don’t know cryptography , don’t understand basic terms. know php basics, i’m far experienced , have no overview of necessary libraries/functions. therefore after many hours of research, still wasn’t able create useful.

from understand, .rsa file should contain:

  • digital signature of .sf file
  • certificate signers public key

this file should pkcs7 formatted.

i trying use phpseclib this. able create private/public key/certificate examples on internet, i’m absolutely not able put form .rsa file.

stackoverflow has been great source of information , found of answers questions here. however, i’m stuck.

could guys please give me php example code(ideally)? or pseudocode/algorithm… possible accomplish phpseclib/php? there “bit shifting” necessary? if possible, please don’t point me source code of jarsigner…i looked @ it, don’t know java , brought more questions.

update:

it’s hard move in right direction when have no idea doing :d…

this tried far, without success:

  1. i generated public/private key pair ssh

    ssh-keygen -t rsa1

  2. i used generated keypair create self-signed certificate phpsceclib described here: http://phpseclib.sourceforge.net/new/x509/tutorial.html#selfsigning

  3. i passed certificate ($signcert), private key ($privkey - ssh generated file) , data signing ($infilename –> .sf file) openssl function openssl_pkcs7_sign():

    openssl_pkcs7_sign ($infilename , $outfilename , $signcert , $privkey , array(), pkcs7_detached|pkcs7_binary);

however, generated result seems in called pem format (human readable). besides fact it’s not in binary der (don’t know is…just guessing should der) final .rsa file should be, there other issues it:

  • the result contains content of .sf file (the original data signed itself)
  • it contains unnecessary header information regular text string
  • lines end “\n” , not “\r\n”
  • the signature (not sure other data in result is, signature) base64 encoded

am doing @ least right here? other steps have taken make work? properties should set when creating certificate according mentioned link? how transfer result binary der-formatted .rsa file containing .sf signature , certificate signers public key?

update 2:

i had time continue little experiment. went through code , tried change different parameters. found issue. seems needed turn on pkcs7_noattr flag in openssl_pkc7_sign().

here code

$configs = array('digest_alg' => 'sha1',                   'x509_extensions' => 'v3_ca',                  'req_extensions' => 'v3_req',                  'private_key_bits' => 1024,                  'private_key_type' => openssl_keytype_rsa,                  'encrypt_key' => true,                  'encrypt_key_cipher' => openssl_cipher_3des);  // generate private/public key pair , certificate $privkey = openssl_pkey_new($configs); $dn = array("commonname" => "name",             "emailaddress" => "me@example.com");  $csr = openssl_csr_new($dn, $privkey, $configs); $sscert = openssl_csr_sign($csr, null, $privkey, 999, $configs);  // sign .sf file  openssl_pkcs7_sign ( $sffile , $rsafile , $sscert , $privkey, array(),                       pkcs7_detached|pkcs7_binary|pkcs7_noattr);

i had time check on couple of samples, seems working now. here simple demonstration www.balabeng.com/?q=appsigner


Comments

Post a Comment

Popular posts from this blog

android - Get AccessToken using signpost OAuth without opening a browser (Two legged Oauth) -

i using signpost oauth access data magento server. have read various tutorials on same , reach point open browser user can enter credentials. however, per requirement have automate part. hence, user should not browser page. have set-up done on server side ( magento ), hit url , returned call page. same through program in android. i have tried below, consumer = new commonshttpoauthconsumer(key, secret); provider = new commonshttpoauthprovider(oauth_init_url,access_token_url, authorize_url); try { provider.retrieverequesttoken(consumer, oauth.out_of_band); log.d("tokens" , consumer.gettoken() + " -- " + consumer.gettokensecret()); } and request tokens. dont know how bypass next step. tried directly accessing accesstoken (stupid of me) provider.retrieveaccesstoken(consumer, "mycallback://callback"); no luck, ends in oauth.signpost.exception.oauthnotauthorizedexception: authorization failed (server replied 401). ...
Read more

org.mockito.exceptions.misusing.InvalidUseOfMatchersException: mockito -

getting error org.mockito.exceptions.misusing.invaliduseofmatchersexception: invalid use of argument matchers! 1 matchers expected, 2 recorded. exception may occur if matchers combined raw values: //incorrect: somemethod(anyobject(), "raw string"); when using matchers, arguments have provided matchers. example: //correct: somemethod(anyobject(), eq("string matcher")); at when( getprogramservice .callservice(any(getprogramtype.class))) .thenreturn(jaxbresponse); please explain error , possible resolution the code posted looks fine; don't see problem it. code before or above causing exception. key here: invalid use of argument matchers! 1 matchers expected, 2 recorded. any , used above, doesn't return "special kind of null" or "special kind of getprogramtype"; don't exist. instead, returns null , side effect puts matcher on stack. whe...
Read more

google shop client API returns 400 bad request error while adding an item -

i'm working on solution add items in google shopping market java application. following tutorial real mess because of missing classes of laste release, after setting 1.5-beta maven managed make base example typecheck correctly classes. still can make simple task of adding 1 item. instead of posting whole code i'm posting part creates product feed. private product createproduct(string id) { product product = new product(); product.title = "red wool sweater"; product.content = new content( "text", "comfortable , soft, sweater keep warm on " + "cold winter nights. red , blue stripes."); product.appcontrol = new appcontrol(); product.appcontrol.addrequireddestination("productads"); product.externalid = id; product.lang = "it"; product.country = "it"; product.condition = "nuovo"; product.price = new price("eu...
Read more