FC (Fay) Stegerman obfusk

## currencies.groovy
import java.util.Currency
Currency.availableCurrencies.each {
  println "${it.getCurrencyCode()}=${it.getSymbol()}"
}

## untree.py
#!/usr/bin/python3
# encoding: utf-8
# SPDX-FileCopyrightText: 2023 FC Stegerman <flx@obfusk.net>
# SPDX-License-Identifier: GPL-3.0-or-later

from typing import Iterable, Iterator, List, Tuple

INDENT_SPACE = {"    ", "│   ", "|   "}
INDENT_FINAL = {"└── ", "├── ", "`-- ", "|-- "}

## andro-arsc-sp.py
#!/usr/bin/python3
import sys
from androguard.core.bytecodes import apk
with open(sys.argv[1], "rb") as fh:
    data = fh.read()
apk.ARSCParser(data).stringpool_main.show()

## build.gradle
// See https://developer.android.com/studio/publish/app-signing#secure-shared-keystore
def keystorePropertiesFile = rootProject.file("keystore.properties")
def keystoreProperties
def signedReleases = keystorePropertiesFile.exists()

if (signedReleases) {
    println("Using ${keystorePropertiesFile} for release signingConfig...")
    keystoreProperties = new Properties()
    keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}

## HOWTO.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              3 stars
            
          
                obfusk
                / HOWTO.md
            
            
              Last active
              December 15, 2023 15:08
            
              
                HOWTO: diff & fix APKs for Reproducible Builds
              
          
    HOWTO: diff & fix APKs for Reproducible Builds

NB: assumes signed APK from upstream named upstream-release.apk, and unsigned
APK from F-Droid CI named fdroiddata-ci.apk.
NB: also assumes a working directory in which it is okay to create temporary
files & directories.
Links


## fdroid-website.png

      
              3 files
            
          
              0 forks
            
          
              0 comments
            
          
              2 stars
            
          
                obfusk
                / fdroid-website.png
            
            
              Last active
              February 17, 2023 19:36
            
          
## pip.conf
[global]
break-system-packages = true
no-index = true
index-url = https://localhost/do-not-use-pypi

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                obfusk
                / README.md
            
            
              Last active
              June 24, 2023 11:04
            
              
                apksigcopier: signatures made by older AGP versions cannot be copied
              
          
    Signatures made by older versions of AGP cannot be copied by apksigcopier because the signing method differs too much from that used by apksigner (and signflinger in newer versions).
It is unlikely that support for these signatures will be added.
ZIP entry ordering differences

The v1 (JAR) signature files are always added at the end of the ZIP file by apksigner and apksigcopier; these older versions add them in a different position and sometimes the order of the ZIP entries in the central directory doesn't match the order of the entries in the file.
v1 (JAR) signature file differences


## zfe-test.groovy
import java.util.zip.ZipInputStream

def zis = new ZipInputStream(new FileInputStream(args[0]))
def entryCounter = 0
while (temp = zis.getNextEntry()) {
    entryCounter++
    if (!temp.name && !temp.size) {
        println "Found virtual entry #${entryCounter}"
    }
}

## AndroidManifest-in.xml
<manifest xmlns:android="http://schemas.android.com/apk/res/android" android:versionCode="1" android:versionName="1" android:compileSdkVersion="29" android:compileSdkVersionCodename="10.0.0" package="com.example" platformBuildVersionCode="29" platformBuildVersionName="10.0.0">
  <uses-sdk android:minSdkVersion="21" android:targetSdkVersion="29"/>
</manifest>
	import java.util.Currency
	Currency.availableCurrencies.each {
	println "${it.getCurrencyCode()}=${it.getSymbol()}"
	}
	#!/usr/bin/python3
	# encoding: utf-8
	# SPDX-FileCopyrightText: 2023 FC Stegerman <flx@obfusk.net>
	# SPDX-License-Identifier: GPL-3.0-or-later

	from typing import Iterable, Iterator, List, Tuple

	INDENT_SPACE = {" ", "│ ", "\| "}
	INDENT_FINAL = {"└── ", "├── ", "`-- ", "\|-- "}
	#!/usr/bin/python3
	import sys
	from androguard.core.bytecodes import apk
	with open(sys.argv[1], "rb") as fh:
	data = fh.read()
	apk.ARSCParser(data).stringpool_main.show()
	// See https://developer.android.com/studio/publish/app-signing#secure-shared-keystore
	def keystorePropertiesFile = rootProject.file("keystore.properties")
	def keystoreProperties
	def signedReleases = keystorePropertiesFile.exists()

	if (signedReleases) {
	println("Using ${keystorePropertiesFile} for release signingConfig...")
	keystoreProperties = new Properties()
	keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
	}
	[global]
	break-system-packages = true
	no-index = true
	index-url = https://localhost/do-not-use-pypi
	import java.util.zip.ZipInputStream

	def zis = new ZipInputStream(new FileInputStream(args[0]))
	def entryCounter = 0
	while (temp = zis.getNextEntry()) {
	entryCounter++
	if (!temp.name && !temp.size) {
	println "Found virtual entry #${entryCounter}"
	}
	}
	<manifest xmlns:android="http://schemas.android.com/apk/res/android" android:versionCode="1" android:versionName="1" android:compileSdkVersion="29" android:compileSdkVersionCodename="10.0.0" package="com.example" platformBuildVersionCode="29" platformBuildVersionName="10.0.0">
	<uses-sdk android:minSdkVersion="21" android:targetSdkVersion="29"/>
	</manifest>