#!/usr/bin/env python3 # -*- coding: utf-8 -*- """ 调试脚本:查看OpenSSL命令的输出 """ import subprocess import os import tempfile # 测试配置 test_keystore = "keys/key34/keystore.keystore" test_apk = "keys/key34/app-signed-34.apk" test_storepass = "password" test_alias = "alias" test_keypass = "password" def debug_keystore_modulus(): """调试keystore的模数提取""" print("=== 调试keystore的模数提取 ===") # 创建临时目录 with tempfile.TemporaryDirectory() as temp_dir: # 导出证书 cert_pem_path = os.path.join(temp_dir, 'cert.pem') export_command = [ 'keytool', '-export', '-keystore', test_keystore, '-storepass', test_storepass, '-alias', test_alias, '-rfc', '-file', cert_pem_path ] print(f"执行命令: {' '.join(export_command)}") result = subprocess.run(export_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") if result.returncode == 0: # 提取公钥 pubkey_path = os.path.join(temp_dir, 'pubkey.pem') x509_command = [ 'openssl', 'x509', '-in', cert_pem_path, '-pubkey', '-noout', '-out', pubkey_path ] print(f"\n执行命令: {' '.join(x509_command)}") result = subprocess.run(x509_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") if result.returncode == 0: # 查看公钥内容 print(f"\n公钥内容:") with open(pubkey_path, 'r') as f: print(f.read()) # 尝试使用openssl rsa -modulus rsa_command = [ 'openssl', 'rsa', '-pubin', '-in', pubkey_path, '-modulus', '-noout' ] print(f"\n执行命令: {' '.join(rsa_command)}") result = subprocess.run(rsa_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") # 尝试使用openssl rsa -text rsa_command = [ 'openssl', 'rsa', '-pubin', '-in', pubkey_path, '-text', '-noout' ] print(f"\n执行命令: {' '.join(rsa_command)}") result = subprocess.run(rsa_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") def debug_apk_modulus(): """调试APK的模数提取""" print("\n=== 调试APK的模数提取 ===") # 创建临时目录 with tempfile.TemporaryDirectory() as temp_dir: import zipfile # 提取APK中的证书 with zipfile.ZipFile(test_apk, 'r') as apk: cert_files = [f for f in apk.namelist() if f.endswith('.RSA') or f.endswith('.DSA') or f.endswith('.EC')] print(f"找到的证书文件: {cert_files}") if cert_files: cert_file = cert_files[0] cert_path = os.path.join(temp_dir, 'cert.RSA') apk.extract(cert_file, temp_dir) os.rename(os.path.join(temp_dir, cert_file), cert_path) # 使用pkcs7提取公钥 pem_path = os.path.join(temp_dir, 'cert.pem') pkcs7_command = [ 'openssl', 'pkcs7', '-inform', 'DER', '-in', cert_path, '-print_certs', '-out', pem_path ] print(f"执行命令: {' '.join(pkcs7_command)}") result = subprocess.run(pkcs7_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") if result.returncode == 0: # 提取公钥 pubkey_path = os.path.join(temp_dir, 'pubkey.pem') x509_command = [ 'openssl', 'x509', '-in', pem_path, '-pubkey', '-noout', '-out', pubkey_path ] print(f"\n执行命令: {' '.join(x509_command)}") result = subprocess.run(x509_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") if result.returncode == 0: # 查看公钥内容 print(f"\n公钥内容:") with open(pubkey_path, 'r') as f: print(f.read()) # 尝试使用openssl rsa -modulus rsa_command = [ 'openssl', 'rsa', '-pubin', '-in', pubkey_path, '-modulus', '-noout' ] print(f"\n执行命令: {' '.join(rsa_command)}") result = subprocess.run(rsa_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") # 尝试使用openssl rsa -text rsa_command = [ 'openssl', 'rsa', '-pubin', '-in', pubkey_path, '-text', '-noout' ] print(f"\n执行命令: {' '.join(rsa_command)}") result = subprocess.run(rsa_command, capture_output=True, text=True) print(f"返回码: {result.returncode}") print(f"输出: {result.stdout}") print(f"错误: {result.stderr}") if __name__ == "__main__": debug_keystore_modulus() debug_apk_modulus()