187 lines
7.1 KiB
Python
187 lines
7.1 KiB
Python
#!/usr/bin/env python3
|
||
# -*- coding: utf-8 -*-
|
||
|
||
"""
|
||
调试脚本:查看OpenSSL命令的输出
|
||
"""
|
||
|
||
import subprocess
|
||
import os
|
||
import tempfile
|
||
|
||
# 测试配置
|
||
test_keystore = "keys/key34/keystore.keystore"
|
||
test_apk = "keys/key34/app-signed-34.apk"
|
||
test_storepass = "password"
|
||
test_alias = "alias"
|
||
test_keypass = "password"
|
||
|
||
def debug_keystore_modulus():
|
||
"""调试keystore的模数提取"""
|
||
print("=== 调试keystore的模数提取 ===")
|
||
|
||
# 创建临时目录
|
||
with tempfile.TemporaryDirectory() as temp_dir:
|
||
# 导出证书
|
||
cert_pem_path = os.path.join(temp_dir, 'cert.pem')
|
||
export_command = [
|
||
'keytool',
|
||
'-export',
|
||
'-keystore', test_keystore,
|
||
'-storepass', test_storepass,
|
||
'-alias', test_alias,
|
||
'-rfc',
|
||
'-file', cert_pem_path
|
||
]
|
||
|
||
print(f"执行命令: {' '.join(export_command)}")
|
||
result = subprocess.run(export_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
if result.returncode == 0:
|
||
# 提取公钥
|
||
pubkey_path = os.path.join(temp_dir, 'pubkey.pem')
|
||
x509_command = [
|
||
'openssl', 'x509',
|
||
'-in', cert_pem_path,
|
||
'-pubkey',
|
||
'-noout',
|
||
'-out', pubkey_path
|
||
]
|
||
|
||
print(f"\n执行命令: {' '.join(x509_command)}")
|
||
result = subprocess.run(x509_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
if result.returncode == 0:
|
||
# 查看公钥内容
|
||
print(f"\n公钥内容:")
|
||
with open(pubkey_path, 'r') as f:
|
||
print(f.read())
|
||
|
||
# 尝试使用openssl rsa -modulus
|
||
rsa_command = [
|
||
'openssl', 'rsa',
|
||
'-pubin',
|
||
'-in', pubkey_path,
|
||
'-modulus',
|
||
'-noout'
|
||
]
|
||
|
||
print(f"\n执行命令: {' '.join(rsa_command)}")
|
||
result = subprocess.run(rsa_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
# 尝试使用openssl rsa -text
|
||
rsa_command = [
|
||
'openssl', 'rsa',
|
||
'-pubin',
|
||
'-in', pubkey_path,
|
||
'-text',
|
||
'-noout'
|
||
]
|
||
|
||
print(f"\n执行命令: {' '.join(rsa_command)}")
|
||
result = subprocess.run(rsa_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
def debug_apk_modulus():
|
||
"""调试APK的模数提取"""
|
||
print("\n=== 调试APK的模数提取 ===")
|
||
|
||
# 创建临时目录
|
||
with tempfile.TemporaryDirectory() as temp_dir:
|
||
import zipfile
|
||
|
||
# 提取APK中的证书
|
||
with zipfile.ZipFile(test_apk, 'r') as apk:
|
||
cert_files = [f for f in apk.namelist() if f.endswith('.RSA') or f.endswith('.DSA') or f.endswith('.EC')]
|
||
print(f"找到的证书文件: {cert_files}")
|
||
|
||
if cert_files:
|
||
cert_file = cert_files[0]
|
||
cert_path = os.path.join(temp_dir, 'cert.RSA')
|
||
apk.extract(cert_file, temp_dir)
|
||
os.rename(os.path.join(temp_dir, cert_file), cert_path)
|
||
|
||
# 使用pkcs7提取公钥
|
||
pem_path = os.path.join(temp_dir, 'cert.pem')
|
||
pkcs7_command = [
|
||
'openssl', 'pkcs7',
|
||
'-inform', 'DER',
|
||
'-in', cert_path,
|
||
'-print_certs',
|
||
'-out', pem_path
|
||
]
|
||
|
||
print(f"执行命令: {' '.join(pkcs7_command)}")
|
||
result = subprocess.run(pkcs7_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
if result.returncode == 0:
|
||
# 提取公钥
|
||
pubkey_path = os.path.join(temp_dir, 'pubkey.pem')
|
||
x509_command = [
|
||
'openssl', 'x509',
|
||
'-in', pem_path,
|
||
'-pubkey',
|
||
'-noout',
|
||
'-out', pubkey_path
|
||
]
|
||
|
||
print(f"\n执行命令: {' '.join(x509_command)}")
|
||
result = subprocess.run(x509_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
if result.returncode == 0:
|
||
# 查看公钥内容
|
||
print(f"\n公钥内容:")
|
||
with open(pubkey_path, 'r') as f:
|
||
print(f.read())
|
||
|
||
# 尝试使用openssl rsa -modulus
|
||
rsa_command = [
|
||
'openssl', 'rsa',
|
||
'-pubin',
|
||
'-in', pubkey_path,
|
||
'-modulus',
|
||
'-noout'
|
||
]
|
||
|
||
print(f"\n执行命令: {' '.join(rsa_command)}")
|
||
result = subprocess.run(rsa_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
# 尝试使用openssl rsa -text
|
||
rsa_command = [
|
||
'openssl', 'rsa',
|
||
'-pubin',
|
||
'-in', pubkey_path,
|
||
'-text',
|
||
'-noout'
|
||
]
|
||
|
||
print(f"\n执行命令: {' '.join(rsa_command)}")
|
||
result = subprocess.run(rsa_command, capture_output=True, text=True)
|
||
print(f"返回码: {result.returncode}")
|
||
print(f"输出: {result.stdout}")
|
||
print(f"错误: {result.stderr}")
|
||
|
||
if __name__ == "__main__":
|
||
debug_keystore_modulus()
|
||
debug_apk_modulus()
|