Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Very interesting #110

Open
CamsShaft opened this issue Jun 22, 2024 · 2 comments
Open

Very interesting #110

CamsShaft opened this issue Jun 22, 2024 · 2 comments
Labels
good first issue Good for newcomers

Comments

@CamsShaft
Copy link

Describe the bug
So I've been learning quite a bit about signatures the past few months and have barely scratched the surface it seems, so please bare with me. I've been trying to manipulate user installed apks that have the sharedUserId="android.uid.system" flag set. This one happens to have the sharedUserId="android.uid.shell". I'm mainly trying to get the debuggable flag set to true and preserve the signature. Obviously it uses the platform sig. It installs no problem on its own without anything done to it yet. In my experimentation one of my attempts was this: "apksigner sign --debuggable-apk-permitted --append-signature --ks platform.p12 --verbose LabelChecker_1.0.apk". The platform.p12 I use is another cert and private key that match the regular platform sig in quite a few areas, mainly these:

"X509v3 Subject Key Identifier:
93:2C:3A:F7:0B:62:7A:0C:76:10:B5:A0:E7:42:7D:6C:FA:EA:3F:1E
X509v3 Authority Key Identifier:
keyid:93:2C:3A:F7:0B:62:7A:0C:76:10:B5:A0:E7:42:7D:6C:FA:EA:3F:1E
DirName:/C=KR/ST=South Korea/L=Suwon City/O=Samsung Corporation/OU=DMC/CN=Samsung Cert/emailAddress=android.os@samsung.com
serial:D2:09:95:A7:9C:0D:AA:D6".

Except the private key doesn't match because of key rotation I believe. Anyways, after I use that first command I get this output using your tool:

"java -jar APKEditor-1.3.8.jar info -signatures -i downloads/LabelChecker_1.0.apk"

"Certificates="1"
Subject: EMAILADDRESS=android.os@samsung.com, CN=Samsung Cert, OU=DMC, O=Samsung Corporation, L=Suwon City, ST=South Korea, C=KR
Issuer: EMAILADDRESS=android.os@samsung.com, CN=Samsung Cert, OU=DMC, O=Samsung Corporation, L=Suwon City, ST=South Korea, C=KR
Validity FROM: Wed Jun 22 12:25:12 GMT 2011, TO: Sun Nov 07 12:25:12 GMT 2038, PERIOD: 864000000000
Serial: 0xd20995a79c0daad6
OID: 1.2.840.113549.1.1.5"

Looks great, but fails verification since it didn't preserve the original signature. Now with the same command on the original app that does install I get this output:

"java -jar APKEditor-1.3.8.jar info -signatures -i downloads/LabelChecker_1.0.apk"

"certificates="null""

It's pretty strange behavior and was hoping I might be able to get the reasons why the original apk isn't recognizing the signature at even even though it is signed and installs with no issues. I'll be available if you need anymore information at all. Thank you.

To Reproduce
Steps to reproduce the behavior:

  1. Use the apksigner command
  2. Check the signature using APKEditor
  3. Check the signature of the original unedited apk
  4. Output is "null"
  1. Used version '1.3.8'
  2. Operating system 'samsung s22 android 14'
  3. Command 'java -jar APKEditor-1.3.8.jar info -signatures -i "LabelChecker_1.0.apk"'

Log/Stacktrace
I'm not sure what logcat command I could use for this. Please provide an appropriate one and I'll give the output afterwards.

Used apk file
Github won't allow me to attach an apk.

Additional context
Add any other context about the problem here.

@REAndroid REAndroid added the good first issue Good for newcomers label Jun 22, 2024
@REAndroid
Copy link
Owner

Thank you for brief description !
APKEditor pulls certificates from V2 signing block (located bn LFH and CEH directory), my first guess is that your original apk could be signed with only V1 scheme. You can confirm this under decompiled directory you should see file: signatures/0_V2.signature.info.bin

Github won't allow me to attach an apk.

Just change the file extension to .zip like LabelChecker_1.0.apk.zip or if your file size is large you can upload to some cloud storage and share the link here.

@CamsShaft
Copy link
Author

HAH! I can't tell if you're being sarcastic or not about the brief description. All good anyways. And you nailed it with the V1, I actually was going to bring it up but forgot when I submitted it. This app would be great to run, it's just samsung is being samsung again. I'm also pretty new to this type of stuff, last year around this time I was still using my phone as a phone instead of exploring everything about them and now it's taken over everything haha. Anyways here's the app if you want to mess around with it.....
LabelChecker_1.0.apk.zip

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Good for newcomers
Projects
None yet
Development

No branches or pull requests

2 participants