FC (Fay) Stegerman obfusk

🏳️‍🌈

hacking ⇒ ¬sleeping 😸

CS/InfoSec, FP, Software Freedom, Privacy, Math, 日本語 » she/her, they/them

187 followers · 66 following

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

obfusk / verify-index.sh

Created December 4, 2022 21:00

verify F-Droid index-v1.jar using apksigtool

	#!/bin/bash
	apksigtool verify-v1 --allow-unsafe=SHA1 --signed-by=43238d512c1e5eb2d6569f4a3afbf5523418b82e0a3ed1552770abb9a9c9ccab: index-v1.jar

obfusk / binaries.sh

Last active December 9, 2022 03:02

-> https://github.com/obfusk/fdroid-misc-scripts | download & check f-droid APKs using Binaries:

	#!/bin/bash
	set -e
	for yml in $( grep -l ^Binaries: fdroiddata/metadata/*.yml \| sort ); do
	echo "==> $yml"
	base="$(basename "$yml" .yml)"
	read -r version code upstream_url < <( python3 -c '
	import sys, yaml
	with open(sys.argv[1]) as fh:
	m = yaml.safe_load(fh.read())
	for b in reversed(m["Builds"]):

obfusk / jpype-apksigner.py

Last active November 23, 2022 22:41

jpype apksigner PoC

	import sys

	import jpype
	import jpype.imports

	jpype.startJVM(classpath=["/usr/share/java/org.jpype.jar", "/usr/share/java/apksigner.jar"])

	from com.android.apksig import ApkVerifier
	from java.io import File

obfusk / openssl-gen-apk-signing-cert-and-privkey.sh

Created November 19, 2022 20:14

generate certificate & private key for APK siging using openssl

openssl req -x509 -newkey rsa:4096 -sha512 -outform DER -out cert.der -days 10000 -nodes -subj '/CN=test key' -keyout - | openssl pkcs8 -topk8 -nocrypt -outform DER -out privkey.der

obfusk / fix-services-newlines.py

Last active November 22, 2022 05:33

-> https://github.com/obfusk/reproducible-apk-tools | fix META-INF/services/ newlines

	#!/usr/bin/python3
	# encoding: utf-8
	# SPDX-FileCopyrightText: 2022 FC Stegerman <[email protected]>
	# SPDX-License-Identifier: GPL-3.0-or-later

	import sys
	import zipfile
	import zlib

	from typing import Any, Dict

obfusk / verify-jar-sf-with-sbf.py

Last active November 4, 2022 01:19

verify JAR signature file using signature block file [WARNING: does not verify the actual file hashes!!!]

	#!/usr/bin/python3

	import sys

	from asn1crypto.x509 import Certificate as X509Cert
	from cryptography.exceptions import InvalidSignature
	from cryptography.hazmat.primitives.asymmetric.ec import ECDSA
	from cryptography.hazmat.primitives.asymmetric.padding import PKCS1v15
	from cryptography.hazmat.primitives.hashes import SHA1, SHA224, SHA256, SHA384, SHA512
	from cryptography.hazmat.primitives.serialization import Encoding

mildsunrise / fnmt_handle.py

Last active November 24, 2024 01:40

🔐 Open source implementation of FNMT's certificate configurator (https://twitter.com/mild_sunrise/status/1585611873860440067)

	#!/usr/bin/env python3
	'''
	Open source implementation of FNMT's certificate configurator v4.0.6
	<https://www.sede.fnmt.gob.es/descargas/descarga-software/instalacion-software-generacion-de-claves>
	No warranty provided; use this ONLY if you know what you're doing.

	Usage: ./fnmt_handle.py <fnmtcr URL>

	Fulfills the request indicated by the URL, sending request to answer operation as completed if there are no errors.
	For the fnmtcr://request phase, the generated private key is written, unencrypted, to "privkey.pem" in current directory.

obfusk / touch.sh

Last active October 23, 2022 21:30

touch files in git repo based on last commit timestamp

git ls-files | xargs touch -d "@$( git log -1 --pretty=%ct )"

obfusk / jar-cert-fingerprint.sh

Created October 17, 2022 15:55

get fingerprint of cert from jar

	#!/bin/sh
	unzip -p "${1:-index-v1.jar}" META-INF/"${2:-OBFUSK.RSA}" \
	\| openssl pkcs7 -print_certs -inform DER \
	\| openssl x509 -fingerprint -sha256 \
	\| head -n1 \| cut -d= -f2 \| tr -d :

obfusk / maven.md

Last active September 28, 2021 16:04

wire-android maven stuff

TODO

-> .zip

Available on central, but broken

~~https://mvnrepository.com/artifact/com.wire/cryptobox-android~~ 1.1.2 (1.1.3 seems OK)

Available in broken wire repo only

Newer Older