patch to android not full support android 8.1

Active 0 Reply 1.5K Views 2018-11-03 12:47:29 Report Bugs & Errors

i have patch to android use lucky patcher , enabled "Signature Verification status always True" and "Disable .apk Signature Verification". then i can install a apk with error CERT.RSA file, it work fine. but some app will call java.util.ResourceBundle.getBundle() to load file from itself APK file. on android 5.1, it ok , because java.util.ResourceBundle.getBundle() finally call MessageDigest.isEqual() to verify signature, you can see it in android 5.1 source code: javautiljarJarVerifier.java, lucky patchers have already pathed this api. but on android 8.1, java.util.ResourceBundle.getBundle() finally call stack like this:

Caused by: java.lang.SecurityException: cannot verify signature block file META-INF/CERT

at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:295)

at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:268)

at java.util.jar.JarVerifier.processEntry(JarVerifier.java:317)

at java.util.jar.JarVerifier.update(JarVerifier.java:229)

at java.util.jar.JarFile.initializeVerifier(JarFile.java:374)

at java.util.jar.JarFile.getInputStream(JarFile.java:441)

at libcore.io.ClassPathURLStreamHandler$ClassPathURLConnection.getInputStream(ClassPathURLStreamHandler.java:177)

at java.net.URL.openStream(URL.java:1059)

at java.lang.ClassLoader.getResourceAsStream(ClassLoader.java:989)

at java.util.ResourceBundle$Control$1.run(ResourceBundle.java:2673)

at java.util.ResourceBundle$Control$1.run(ResourceBundle.java:2659)

at java.security.AccessController.doPrivileged(AccessController.java:69)

at java.util.ResourceBundle$Control.newBundle(ResourceBundle.java:2657)

at java.util.ResourceBundle.loadBundle(ResourceBundle.java:1495)

at java.util.ResourceBundle.findBundle(ResourceBundle.java:1459)

at java.util.ResourceBundle.findBundle(ResourceBundle.java:1413)

at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:1355)

at java.util.ResourceBundle.getBundle(ResourceBundle.java:771)

at org.eclipse.paho.client.mqttv3.logging.LoggerFactory.getLogger(LoggerFactory.java:72)

at org.eclipse.paho.client.mqttv3.MqttAsyncClient.(MqttAsyncClient.java:103)

at org.eclipse.paho.client.mqttv3.MqttAsyncClient.generateClientId(MqttAsyncClient.java:1278)

at org.eclipse.paho.client.mqttv3.MqttClient.generateClientId(MqttClient.java:716)

different from android5.1

android 8.1 finally not call MessageDigest.isEqual(), it call sun.security.pkcs.PKCS7.verify() to verify signature.

lucky patcher have not patched this api ,so , it crash.

you can read SignatureFileVerifier.java by: https://github.com/frohoff/jdk8u-dev-jdk/blob/master/src/share/classes/sun/security/util/SignatureFileVerifier.java line 262

can you tell me how to fix it ,or can you fix it on next version? thanks a lot.

Sharing is caring, show love and share the thread with your friends.

facebook
twitter
google+
pinterest
tumblr
linkedin

Forum Statistics

Threads

2342
Replies

1406
Members

36219

Logins
charleshon, yxpfrynyazaxtz, ozsocvucotigr, najwqkfrdg, nikadsvsbdzgb, fndiearedugckik, swkehmiaarwztq, mirwrisa, urpdkwpwous, frankdib, maloriesuffolk2, skip1982, boenkman, wdsspirom, robertgauro, claudefoots,