copy/extract/patch apk signatures
Project description
apksigcopier - copy/extract/patch apk signatures
apksigcopier is a tool for copying APK signatures from a signed APK
to an unsigned one (in order to verify reproducible builds). Its
command-line tool offers three operations:
- copy signatures directly from a signed to an unsigned APK
- extract signatures from a signed APK to a directory
- patch previously extracted signatures onto an unsigned APK
Extract
$ mkdir meta
$ apksigcopier extract signed.apk meta
$ ls -1 meta
8BEA2A77.RSA
8BEA2A77.SF
APKSigningBlock
APKSigningBlockOffset
MANIFEST.MF
Patch
$ apksigcopier patch meta unsigned.apk out.apk
Copy (Extract & Patch)
$ apksigcopier copy signed.apk unsigned.apk out.apk
Python API
>>> from apksigcopier import do_extract, do_patch, do_copy, gen_dummy_key
>>> config = dict(apksigner_cmd=..., ...)
>>> do_extract(signed_apk, output_dir, v1_only=NO)
>>> do_patch(metadata_dir, unsigned_apk, output_apk, v1_only=NO,
... dummy_keystore=None, config=config)
>>> do_copy(signed_apk, unsigned_apk, output_apk, v1_only=NO,
... dummy_keystore=None, config=config)
>>> gen_dummy_key(keystore, alias="dummy", keyalg="RSA", keysize=4096,
... sigalg="SHA512withRSA", validity=10000,
... storepass="dummy-password", dname="CN=dummy",
... keytool_cmd=config["keytool_cmd"])
CAVEATS
Recent versions of the Android gradle plugin will use zipflinger --
which arranges the contents of the APK differently -- making
apksigcopier fail to work when using --use-zip=yes (the default is
no). You can tell the plugin not to use zipflinger by setting
android.useNewApkCreator=false in gradle.properties.
Help
$ apksigcopier --help
Tab Completion
For Bash, add this to ~/.bashrc:
eval "$(_SHTST_COMPLETE=source_bash apksigcopier)"
For Zsh, add this to ~/.zshrc:
eval "$(_SHTST_COMPLETE=source_zsh apksigcopier)"
For Fish, add this to ~/.config/fish/completions/apksigcopier.fish:
eval (env _SHTST_COMPLETE=source_fish apksigcopier)
Requirements
- Python >= 3.5 + click +
apksigner.
Debian/Ubuntu
$ apt install python3-click apksigner
Installing
Using pip
$ pip install apksigcopier
NB: depending on your system you may need to use e.g. pip3 --user
instead of just pip.
From git
NB: this installs the latest development version, not the latest release.
$ git clone https://github.com/obfusk/apksigcopier.git
$ cd apksigcopier
$ pip install -e .
NB: you may need to add e.g. ~/.local/bin to your $PATH in order
to run apksigcopier.
To update to the latest development version:
$ cd apksigcopier
$ git pull --rebase
License
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for apksigcopier-0.2.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 266a87ed4bb6ab6ea033499eb30617b0fa0fc7562264ec0b1f08253769694075 |
|
| MD5 | a40ad51dee3a9d0826ff916b1f6c3a23 |
|
| BLAKE2b-256 | 21ce7db763e3e38936897a2fb6584e76dbf948ff81ad9761854a6ead53a5d13d |
