Merge pull request #17 from DeployGate/fix/invalid_jar_signed_but_ins…

…tallable_apk Fixed no signature issue for installable apks but invalid jar sign
DeployGate · Oct 7, 2019 · 93cdf55 · 93cdf55
2 parents bbb409b + 25252de
commit 93cdf55
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/lib/android_apk.rb b/lib/android_apk.rb
@@ -309,14 +309,22 @@ def self.read_signature(apk, filepath)
     apk.verified = exit_status.success?
 
     if !exit_status.success? || certs_hunk.nil?
-      # Use a previous method as a fallback because apksigner cannot get a signature from an non installable apk
+      # For RSA or DSA encryption
+      print_certs_command = "unzip -p #{filepath.shellescape} META-INF/*.RSA META-INF/*.DSA | openssl pkcs7 -inform DER -text -print_certs | keytool -printcert | grep SHA1:"
+      certs_hunk, _, exit_status = Open3.capture3(print_certs_command)
+    end
+
+    if !exit_status.success? || certs_hunk.nil?
+      # Use a previous method as a fallback just in case
       print_certs_command = "unzip -p #{filepath.shellescape} META-INF/*.RSA META-INF/*.DSA | keytool -printcert | grep SHA1:"
       certs_hunk, _, exit_status = Open3.capture3(print_certs_command)
     end
 
     if exit_status.success? && !certs_hunk.nil?
       signatures = certs_hunk.scan(/(?:[0-9a-zA-Z]{2}:?){20}/)
       apk.signature = signatures[0].delete(":").downcase if signatures.length == 1
+    else
+      apk.signature = nil # make sure being nil
     end
   end