Parse APK signatures to database

[jakev]

APK signatures should be parsed to the 'apps.db' database. This will allow you to understand which permissions you gain by compromising an application.

[jakev]

keytool appears to be better:

keytool -printcert -jarfile system-apps/android.apk ....

This change will add the following new tables to "sysapps.db":

signatures INT id (primary) TEXT owner TEXT issuer TEXT serial_number TEXT fingerprint

app_uses_signatures: INT id (primary) INT application_id (foreign, apps) INT signature_id (foreign, signatures)

Signatures will processed in 'process' subcommand (temporary?).

AppDb.Application will have a new field called "signature"

AppDb will have a new Object called Signature, which will use the fields from the 'signatures'

New AppDb API:

resolveSignature(Signature sig) // Returns None if signature doesn't exist, returns resolved Signature (with _id populated) if it does

addSignature(Signature sig) // Adds a signature to DB, returns SQL return

getAppSignature(Application app) //returns signature for given Application, returns None if not found

getAppsBySignature(Signature sig) // Finds all applications with given signature

[jakev]

Example usage:

# Get handle to our processed DB
import AppDb
appdb = AppDb.AppDb(".dbs/sysapps.db")

# Get an application
a = appdb.getAppByName("android")

# Get the signature
s = appdb.getAppSignature(a)
print s.fingerprint
8D:DB:34:2F:2D:A5:40:84:02:D7:5......

# Now we can get other apps with that signature...

print map(lambda app: app.project_name, appdb.getAppsBySignature(s))
[u'com.android.defcontainer', u'com.me......

[jakev]

added: https://github.com/jakev/dtfmods-core/commit/0a957849cc45dc37cbda467721cf70bf72662984