mirror of
https://github.com/f-droid/fdroidserver.git
synced 2025-09-13 22:42:29 +03:00
replace decade old pyasn1 crypto impl with working asn1crypto
For some APKs, get_certificate() was returning a different result than
apksigner and keytool. So I just took the algorithm from androguard, which
uses asn1crypto instead of pyasn1. So that removes a dependency as well.
asn1crypto is already required by androguard.
The original get_certificate() came from 6e2d0a9e1
This commit is contained in:
Hans-Christoph Steiner
parent
4666330a4d
commit
93f361c623
2 changed files with 4 additions and 18 deletions
|
|
@ -54,16 +54,13 @@ from pathlib import Path
|
||||||
|
|
||||||
import defusedxml.ElementTree as XMLElementTree
|
import defusedxml.ElementTree as XMLElementTree
|
||||||
|
|
||||||
|
from asn1crypto import cms
|
||||||
from base64 import urlsafe_b64encode
|
from base64 import urlsafe_b64encode
|
||||||
from binascii import hexlify
|
from binascii import hexlify
|
||||||
from datetime import datetime, timedelta, timezone
|
from datetime import datetime, timedelta, timezone
|
||||||
from queue import Queue
|
from queue import Queue
|
||||||
from zipfile import ZipFile
|
from zipfile import ZipFile
|
||||||
|
|
||||||
from pyasn1.codec.der import decoder, encoder
|
|
||||||
from pyasn1_modules import rfc2315
|
|
||||||
from pyasn1.error import PyAsn1Error
|
|
||||||
|
|
||||||
import fdroidserver.metadata
|
import fdroidserver.metadata
|
||||||
import fdroidserver.lint
|
import fdroidserver.lint
|
||||||
from fdroidserver import _
|
from fdroidserver import _
|
||||||
|
|
@ -3908,18 +3905,8 @@ def get_certificate(signature_block_file):
|
||||||
or None in case of error
|
or None in case of error
|
||||||
|
|
||||||
"""
|
"""
|
||||||
content = decoder.decode(signature_block_file, asn1Spec=rfc2315.ContentInfo())[0]
|
pkcs7obj = cms.ContentInfo.load(signature_block_file)
|
||||||
if content.getComponentByName('contentType') != rfc2315.signedData:
|
return pkcs7obj['content']['certificates'][0].chosen.dump()
|
||||||
return None
|
|
||||||
content = decoder.decode(content.getComponentByName('content'),
|
|
||||||
asn1Spec=rfc2315.SignedData())[0]
|
|
||||||
try:
|
|
||||||
certificates = content.getComponentByName('certificates')
|
|
||||||
cert = certificates[0].getComponentByName('certificate')
|
|
||||||
except PyAsn1Error:
|
|
||||||
logging.error("Certificates not found.")
|
|
||||||
return None
|
|
||||||
return encoder.encode(cert)
|
|
||||||
|
|
||||||
|
|
||||||
def load_stats_fdroid_signing_key_fingerprints():
|
def load_stats_fdroid_signing_key_fingerprints():
|
||||||
|
|
|
||||||
3
setup.py
3
setup.py
|
|
@ -93,14 +93,13 @@ setup(
|
||||||
install_requires=[
|
install_requires=[
|
||||||
'appdirs',
|
'appdirs',
|
||||||
'androguard >= 3.3.5',
|
'androguard >= 3.3.5',
|
||||||
|
'asn1crypto',
|
||||||
'clint',
|
'clint',
|
||||||
'defusedxml',
|
'defusedxml',
|
||||||
'GitPython',
|
'GitPython',
|
||||||
'paramiko',
|
'paramiko',
|
||||||
'Pillow',
|
'Pillow',
|
||||||
'apache-libcloud >= 0.14.1',
|
'apache-libcloud >= 0.14.1',
|
||||||
'pyasn1 >=0.4.1',
|
|
||||||
'pyasn1-modules >= 0.2.1',
|
|
||||||
'python-vagrant',
|
'python-vagrant',
|
||||||
'PyYAML',
|
'PyYAML',
|
||||||
'qrcode',
|
'qrcode',
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue