Skip to content

Draft: APK: use apksigtool when available (closes #320)

FC (Fay) Stegerman requested to merge obfusk/diffoscope:apksigtool into master

Work-in-progress for #320. Feedback welcome :)

TODO

  • decide on the best way to diff
  • release apksigtool (@obfusk)
  • package apksigtool for Debian (@obfusk + sponsor)
  • update d/control, diffoscope/external_tools.py, setup.py
  • ensure adequate testing (and test APKs)

Example

$ diffoscope 1.apk 2.apk
--- 1.apk
+++ 2.apk
│┄ Differences in APK Signing Block only; not running 'apktool'.
├── APK Signing Block (apksigtool)
│ @@ -193,13 +193,13 @@
│  PAIR LENGTH: 1201
│  PAIR ID: 0x42726577
│    VERITY PADDING BLOCK
│    SIZE: 1197
│  PAIR LENGTH: 217
│  PAIR ID: 0x2146444e
│    GOOGLE PLAY FROSTING BLOCK
│ -  VALUE (HEX): aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
│ +  VALUE (HEX): bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
│      cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc
│ -    ddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
│ +    eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Edited by FC (Fay) Stegerman

Merge request reports

Loading