Batch re signing of Android and iOS packets
- 2021-09-16 08:12:55
- OfStack
In this paper, we share the specific codes of batch re-signing of Android and iOS packages for your reference. The specific contents are as follows
Android
Environmental requirements
1 Install winrar, and then configure the environment variables of winrar, using winrar instruction
2 Configure the bin directory of java to the environment variable, and use the jarsigner instruction
Description of re-signature steps:
1 Copy 1 child package from parent package
2 Delete the signature file META-INFO of the subpackage
3 Modify sub-package files as needed, such as channel number files
4-signature subpackage
Corresponding python script
import os
import sys
import shutil
import json
ORIGINAL_APK=' Mother bag .apk'
UNSIGN_APK='unsign.apk'
SIGNED_APK={"\" Subpackage 1.apk\"":1,"\" Subpackage 2.apk\"":2,"\" Subpackage 3.apk\"":3,"\" Subpackage 4.apk\"":4}
KEY_STORE='keystore Documents .keystore'
KEY_PASS='key Password '
STORE_PASS='store Password '
def copy_apk(src_f,dst_f):
if not os.path.isfile(src_f):
print("%s not exist"%(src_f))
else:
fpath,fname=os.path.split(dst_f)
shutil.copyfile(src_f,dst_f)
print("copy %s -> %s"%(src_f,dst_f))
def zip_del_file(apk_f,del_f):
os.system("winrar d %s %s"%(apk_f,del_f))
print('zip_del_file:'+del_f)
def zip_add_file(apk_f,channel):
del_dir("assets")
os.makedirs("assets")
f=open("assets\\AppParamSetting.txt",'w')
f.write('{"channel":%s,"bundleIdentifier":""}'%(channel))
f.close()
os.system("winrar a -ad %s %s"%(apk_f,"assets\\AppParamSetting.txt"))
def del_file(f):
os.remove(f)
print('del_file:'+f)
def del_dir(f_dir):
if os.path.exists(f_dir):
shutil.rmtree(f_dir)
print("del_dir:"+f_dir)
def sign_app(unsigned_app, signed_app):
signcmd='jarsigner -verbose -keystore %s -keypass %s -storepass %s -signedjar %s -digestalg SHA1 -sigalg MD5withRSA %s sfish' % (KEY_STORE,KEY_PASS,STORE_PASS,signed_app,unsigned_app)
os.system(signcmd)
print(signcmd)
if __name__ == '__main__':
cur_dir=os.getcwd()
print('cur_dir'+cur_dir)
copy_apk(ORIGINAL_APK,"tmp_"+ORIGINAL_APK)
zip_del_file("tmp_"+ORIGINAL_APK,"META-INF")
for key in SIGNED_APK.keys():
channel=SIGNED_APK[key]
zip_add_file("tmp_"+ORIGINAL_APK,channel)
sign_app("tmp_"+ORIGINAL_APK,key)
del_dir("assets")
del_file("tmp_"+ORIGINAL_APK)
input("Done")
iOS
Environmental requirements:
1 mac machine
2 certificate file, open: Launchapd (rocket icon)- > Others- > Keychain access, right there
3. mobileprovision file
Description of re-signature steps:
1 Generate the entitlements. plist file from the. mobileprovision file
2 Extract ipa, you will get 1 Payload directory, and then inside is 1 xxx. app, which shows the contents of the package and can see the contents inside
3 Delete the signature file, namely: Payload/xxx.app/_CodeSignature directory
4 Modify files as needed, such as channel files
5-fold signature
6 compressed ipa
Corresponding python script
#!/usr/bin/python
import os
import sys
import json
ORIGINAL_IPA=' Mother bag .ipa'
SIGNED_APK={"\" Subpackage 1.ipa\"":1,"\" Subpackage 2.ipa\"":2,"\" Subpackage 3.ipa\"":3,"\" Subpackage 4.ipa\"":4}
CERT_FILE=' Certificate file '
MOBILE_PROVISION_UUID = 'mobileprovision Adj. uuid'
def get_mobile_provision_dir():
return os.path.join(os.getenv('HOME'),'Library/MobileDevice/Provisioning Profiles/')
def get_mobile_provision_file(uuid):
return os.path.join(get_mobile_provision_dir(), uuid + ".mobileprovision")
def unzip_app():
os.system('unzip -qo ./%s -d ./'%(ORIGINAL_IPA))
print('unzip_app %s done!'%(ORIGINAL_IPA))
def del_code_signature():
os.system("rm -rf ./Payload/sfish.app/_CodeSignature")
print('del_code_signature done!')
def resign_app():
os.system('/usr/bin/codesign --continue -f -s "%s" --entitlements "%s" "%s"'%(CERT_FILE,'./entitlement.plist','./Payload/sfish.app'))
print('resign_app done!')
def zip_app(f_ipa):
os.system('zip -r %s ./Payload'%(f_ipa))
print('zip_app done!')
def del_payload():
os.system('rm -r ./Payload')
def gen_entitlements(uuid, out_file_name):
os.system('security cms -D -i "%s" > entitlement_full.plist '%(get_mobile_provision_file(uuid) ))
os.system('/usr/libexec/PlistBuddy -x -c \'Print:Entitlements\' entitlement_full.plist > "%s" '%( out_file_name))
def rep_emb_file(uuid):
os.system('cp "%s" ./Payload/sfish/embedded.mobileprovision' % (get_mobile_provision_file(uuid)))
def update_channel_file(channel):
f_channel='./Payload/xxx.app/Data/Raw/channel.txt'
fr=open(f_channel,'r')
txt=fr.read()
fr.close()
js=json.loads(txt)
js['channel_id']=channel
fw=open(f_channel,'w')
fw.write(json.dumps(js))
fw.close()
if __name__ == '__main__':
gen_entitlements( MOBILE_PROVISION_UUID, "entitlement.plist" )
unzip_app()
del_code_signature()
for key in SIGNED_APK.keys():
channel=SIGNED_APK[key]
update_channel_file(channel)
resign_app()
zip_app(key)
del_payload()