mirror of https://github.com/NekoX-Dev/NekoX.git
Fix signature check
This commit is contained in:
parent
38d78341da
commit
5280b740f5
|
@ -25,7 +25,6 @@ import android.net.NetworkInfo;
|
|||
import android.os.Build;
|
||||
import android.os.Handler;
|
||||
import android.os.PowerManager;
|
||||
import android.os.Process;
|
||||
import android.os.SystemClock;
|
||||
import android.telephony.TelephonyManager;
|
||||
import android.util.Log;
|
||||
|
@ -39,14 +38,11 @@ import org.telegram.ui.ActionBar.Theme;
|
|||
import org.telegram.ui.Components.ForegroundDetector;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.InputStream;
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.HashSet;
|
||||
import java.util.LinkedList;
|
||||
import java.util.Set;
|
||||
|
||||
import cn.hutool.core.codec.Base64;
|
||||
import cn.hutool.core.io.IoUtil;
|
||||
import tw.nekomimi.nekogram.ExternalGcm;
|
||||
import tw.nekomimi.nekogram.NekoConfig;
|
||||
import tw.nekomimi.nekogram.NekoXConfig;
|
||||
|
@ -359,33 +355,7 @@ public class ApplicationLoader extends Application {
|
|||
NekoConfig.preferences.contains("qwq");
|
||||
NekoXConfig.preferences.contains("qwq");
|
||||
|
||||
Runnable fuckMT = () -> {
|
||||
Thread.setDefaultUncaughtExceptionHandler(null);
|
||||
Thread.currentThread().setUncaughtExceptionHandler(null);
|
||||
|
||||
if (SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
|
||||
try {
|
||||
Process.killProcess(Process.myPid());
|
||||
} catch (Exception e) {
|
||||
}
|
||||
}
|
||||
Runtime.getRuntime().exit(0);
|
||||
};
|
||||
|
||||
try {
|
||||
Class.forName(Base64.decodeStr("YmluLm10LmFwa3NpZ25hdHVyZWtpbGxlcnBsdXMuSG9va0FwcGxpY2F0aW9u"));
|
||||
AndroidUtilities.runOnUIThread(fuckMT);
|
||||
} catch (ClassNotFoundException ignored) {
|
||||
}
|
||||
|
||||
if (!SignturesKt.isVerified(this)) {
|
||||
InputStream certPointSF = getClass().getResourceAsStream(Base64.decodeStr("TUVUQS1JTkYvQ0VSVC5TRg=="));
|
||||
if (certPointSF == null) {
|
||||
AndroidUtilities.runOnUIThread(fuckMT);
|
||||
}
|
||||
IoUtil.close(certPointSF);
|
||||
}
|
||||
|
||||
SignturesKt.checkMT(this);
|
||||
});
|
||||
|
||||
try {
|
||||
|
|
|
@ -1,35 +1,38 @@
|
|||
/***
|
||||
* If you modify and release but do not release the source code, you violate the GPL, so this is made.
|
||||
*
|
||||
* @author nekohasekai
|
||||
*/
|
||||
package tw.nekomimi.nekogram.parts
|
||||
|
||||
import android.content.Context
|
||||
import android.content.pm.PackageManager
|
||||
import android.content.pm.PackageManager.GET_SIGNATURES
|
||||
import android.content.pm.PackageManager.GET_SIGNING_CERTIFICATES
|
||||
import android.content.pm.Signature
|
||||
import android.os.Build
|
||||
import android.os.Process
|
||||
import cn.hutool.crypto.digest.DigestUtil
|
||||
import org.telegram.messenger.AndroidUtilities
|
||||
import org.telegram.messenger.FileLog
|
||||
|
||||
val fdroidKeys = arrayOf(
|
||||
"06665358EFD8BA05BE236A47A12CB0958D7D75DD939D77C2B31F5398537EBDC5",
|
||||
"AF1A476E2D85FA33C55E44FC51D9CE93223A94F5D089F47F8CE06372E597041D",
|
||||
"B7FAA8C354DE84E8446C52DDD9C985C117599899D5A7845ADDC72B9556CCFD55"
|
||||
val devKeys = arrayOf(
|
||||
"32250A4B5F3A6733DF57A3B9EC16C38D2C7FC5F2F693A9636F8F7B3BE3549641"
|
||||
)
|
||||
|
||||
const val devKey = "32250A4B5F3A6733DF57A3B9EC16C38D2C7FC5F2F693A9636F8F7B3BE3549641"
|
||||
|
||||
@Throws(PackageManager.NameNotFoundException::class)
|
||||
fun Context.getSha256Signature(packageName: String): String {
|
||||
fun Context.getSignature(): Signature {
|
||||
val appInfo = packageManager.getPackageInfo(
|
||||
packageName,
|
||||
if (Build.VERSION.SDK_INT >= 28) GET_SIGNING_CERTIFICATES else GET_SIGNATURES
|
||||
)
|
||||
return if (Build.VERSION.SDK_INT >= 28) {
|
||||
appInfo.signingInfo.apkContentsSigners[0]
|
||||
} else {
|
||||
appInfo.signatures[0]
|
||||
}
|
||||
}
|
||||
|
||||
return DigestUtil.sha256Hex(
|
||||
if (Build.VERSION.SDK_INT >= 28) {
|
||||
appInfo.signingInfo.apkContentsSigners[0].toByteArray()
|
||||
} else {
|
||||
appInfo.signatures[0].toByteArray()
|
||||
}
|
||||
).uppercase()
|
||||
fun Context.getSha256Signature(): String {
|
||||
return DigestUtil.sha256Hex(getSignature().toByteArray()).uppercase()
|
||||
}
|
||||
|
||||
fun Context.isVerified(): Boolean {
|
||||
|
@ -38,12 +41,50 @@ fun Context.isVerified(): Boolean {
|
|||
FileLog.w("packageName changed, don't check signature")
|
||||
return true
|
||||
}
|
||||
when (val s = getSha256Signature(packageName)) {
|
||||
devKey,
|
||||
in fdroidKeys -> return true
|
||||
when (val s = getSha256Signature()) {
|
||||
in devKeys,
|
||||
-> return true
|
||||
else -> {
|
||||
FileLog.w("Unknown signature: $s")
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
fun Context.checkMT() {
|
||||
val fuckMT = Runnable {
|
||||
Thread.setDefaultUncaughtExceptionHandler(null)
|
||||
Thread.currentThread().uncaughtExceptionHandler = null
|
||||
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
|
||||
try {
|
||||
Process.killProcess(Process.myPid())
|
||||
} catch (e: Exception) {
|
||||
}
|
||||
}
|
||||
Runtime.getRuntime().exit(0)
|
||||
}
|
||||
|
||||
try {
|
||||
Class.forName("bin.mt.apksignaturekillerplus.HookApplication")
|
||||
AndroidUtilities.runOnUIThread(fuckMT)
|
||||
return
|
||||
} catch (ignored: ClassNotFoundException) {
|
||||
}
|
||||
|
||||
if (isVerified()) return
|
||||
|
||||
val manifestMF = javaClass.getResourceAsStream("/META-INF/MANIFEST.MF")
|
||||
if (manifestMF == null) {
|
||||
FileLog.w("/META-INF/MANIFEST.MF not found")
|
||||
return
|
||||
}
|
||||
|
||||
val input = manifestMF.bufferedReader()
|
||||
val headers = input.use { (0 until 5).map { readLine() } }.joinToString("\n")
|
||||
|
||||
// WTF version?
|
||||
if (headers.contains("Android Gradle 3.5.0")) {
|
||||
AndroidUtilities.runOnUIThread(fuckMT)
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue