app-info 2.8.2 → 3.0.0

data/lib/app_info/dsym.rb

@@ -1,79 +1,30 @@
 # frozen_string_literal: true
 
-require 'macho'
+require 'app_info/dsym/debug_info'
 
 module AppInfo
   # DSYM parser
-  class DSYM
+  class DSYM < File
     include Helper::Archive
 
-    attr_reader :file
-
-    def initialize(file)
-      @file = file
-    end
-
-    def file_type
-      Platform::DSYM
-    end
-
-    def object
-      @object ||= File.basename(app_path)
-    end
-
-    def macho_type
-      @macho_type ||= ::MachO.open(app_path)
-    end
-
-    def machos
-      @machos ||= case macho_type
-                  when ::MachO::MachOFile
-                    [MachO.new(macho_type, File.size(app_path))]
-                  else
-                    size = macho_type.fat_archs.each_with_object([]) do |arch, obj|
-                      obj << arch.size
-                    end
-
-                    machos = []
-                    macho_type.machos.each_with_index do |file, i|
-                      machos << MachO.new(file, size[i])
-                    end
-                    machos
-                  end
-    end
-
-    def release_version
-      info.try(:[], 'CFBundleShortVersionString')
+    # @return [Symbol] {Manufacturer}
+    def manufacturer
+      Manufacturer::APPLE
     end
 
-    def build_version
-      info.try(:[], 'CFBundleVersion')
+    # @return [nil]
+    def each_file(&block)
+      files.each { |file| block.call(file) }
     end
+    alias each_objects each_file
 
-    def identifier
-      info.try(:[], 'CFBundleIdentifier').sub('com.apple.xcode.dsym.', '')
-    end
-    alias bundle_id identifier
-
-    def info
-      return nil unless File.exist?(info_path)
-
-      @info ||= CFPropertyList.native_types(CFPropertyList::List.new(file: info_path).value)
-    end
-
-    def info_path
-      @info_path ||= File.join(contents, 'Contents', 'Info.plist')
-    end
-
-    def app_path
-      unless @app_path
-        path = File.join(contents, 'Contents', 'Resources', 'DWARF')
-        name = Dir.entries(path).reject { |f| ['.', '..'].include?(f) }.first
-        @app_path = File.join(path, name)
+    # @return [Array<DebugInfo>] dsym_files files by alphabetical order
+    def files
+      @files ||= Dir.children(contents).sort.each_with_object([]) do |file, obj|
+        obj << DebugInfo.new(::File.join(contents, file))
       end
-
-      @app_path
     end
+    alias objects files
 
     def clear!
       return unless @contents
@@ -81,85 +32,34 @@ module AppInfo
       FileUtils.rm_rf(@contents)
 
       @contents = nil
-      @app_path = nil
-      @info = nil
-      @object = nil
-      @macho_type = nil
+      @files = nil
     end
 
+    # @return [String] contents path of dsym
     def contents
-      unless @contents
-        if File.directory?(@file)
-          @contents = @file
-        else
-          dsym_dir = nil
-          @contents = unarchive(@file, path: 'dsym') do |path, zip_file|
-            zip_file.each do |f|
-              unless dsym_dir
-                dsym_dir = f.name
-                # fix filename is xxx.app.dSYM/Contents
-                dsym_dir = dsym_dir.split('/')[0] if dsym_dir.include?('/')
-              end
+      @contents ||= lambda {
+        return @file if ::File.directory?(@file)
 
-              f_path = File.join(path, f.name)
-              FileUtils.mkdir_p(File.dirname(f_path))
-              f.extract(f_path) unless File.exist?(f_path)
-            end
-          end
+        dsym_filenames = []
+        unarchive(@file, prefix: 'dsym') do |base_path, zip_file|
+          zip_file.each do |entry|
+            file_path = entry.name
+            next unless file_path.downcase.include?('.dsym/contents/')
+            next if ::File.basename(file_path).start_with?('.')
 
-          @contents = File.join(@contents, dsym_dir)
-        end
-      end
-
-      @contents
-    end
-
-    # DSYM Mach-O
-    class MachO
-      include Helper::HumanFileSize
-
-      def initialize(file, size = 0)
-        @file = file
-        @size = size
-      end
-
-      def cpu_name
-        @file.cpusubtype
-      end
-
-      def cpu_type
-        @file.cputype
-      end
-
-      def type
-        @file.filetype
-      end
-
-      def size(human_size: false)
-        return number_to_human_size(@size) if human_size
-
-        @size
-      end
-
-      def uuid
-        @file[:LC_UUID][0].uuid_string
-      end
-      alias debug_id uuid
+            dsym_filename = file_path.split('/').select { |f| f.downcase.end_with?('.dsym') }.last
+            dsym_filenames << dsym_filename unless dsym_filenames.include?(dsym_filename)
 
-      def header
-        @header ||= @file.header
-      end
+            unless file_path.start_with?(dsym_filename)
+              file_path = file_path.split('/')[1..-1].join('/')
+            end
 
-      def to_h
-        {
-          uuid: uuid,
-          type: type,
-          cpu_name: cpu_name,
-          cpu_type: cpu_type,
-          size: size,
-          human_size: size(human_size: true)
-        }
-      end
+            dest_path = ::File.join(base_path, file_path)
+            FileUtils.mkdir_p(::File.dirname(dest_path))
+            entry.extract(dest_path) unless ::File.exist?(dest_path)
+          end
+        end
+      }.call
     end
   end
 end

data/lib/app_info/error.rb

@@ -9,5 +9,7 @@ module AppInfo
 
   class NotFoundError < Error; end
 
-  class UnkownFileTypeError < Error; end
+  class ProtobufParseError < Error; end
+
+  class UnknownFormatError < Error; end
 end

data/lib/app_info/file.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+# AppInfo base file
+module AppInfo
+  class File
+    attr_reader :file, :logger
+
+    def initialize(file, logger: AppInfo.logger)
+      @file = file
+      @logger = logger
+    end
+
+    # @return [Symbol] {Format}
+    def format
+      @format ||= lambda {
+        if instance_of?(AppInfo::File) || instance_of?(AppInfo::Apple) ||
+           instance_of?(AppInfo::Android)
+          not_implemented_error!(__method__)
+        end
+
+        self.class.name.split('::')[-1].downcase.to_sym
+      }.call
+    end
+
+    # @abstract Subclass and override {#platform} to implement.
+    def platform
+      not_implemented_error!(__method__)
+    end
+
+    # @abstract Subclass and override {#manufacturer} to implement.
+    def manufacturer
+      not_implemented_error!(__method__)
+    end
+
+    # @abstract Subclass and override {#device} to implement.
+    def device
+      not_implemented_error!(__method__)
+    end
+
+    # @abstract Subclass and override {#size} to implement
+    def size(human_size: false)
+      not_implemented_error!(__method__)
+    end
+
+    def not_implemented_error!(method)
+      raise NotImplementedError, ".#{method} method implantation required in #{self.class}"
+    end
+  end
+end

data/lib/app_info/helper/archive.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require 'zip'
+require 'tmpdir'
+require 'fileutils'
+require 'securerandom'
+
+module AppInfo::Helper
+  module Archive
+    # Unarchive zip file
+    #
+    # source: https://github.com/soffes/lagunitas/blob/master/lib/lagunitas/ipa.rb
+    def unarchive(file, prefix:, dest_path: '/tmp')
+      base_path = Dir.mktmpdir("appinfo-#{prefix}", dest_path)
+      Zip::File.open(file) do |zip_file|
+        if block_given?
+          yield base_path, zip_file
+        else
+          zip_file.each do |f|
+            f_path = ::File.join(base_path, f.name)
+            FileUtils.mkdir_p(::File.dirname(f_path))
+            zip_file.extract(f, f_path) unless ::File.exist?(f_path)
+          end
+        end
+      end
+
+      base_path
+    end
+
+    def tempdir(file, prefix:, system: false)
+      base_path = system ? '/tmp' : ::File.dirname(file)
+      full_prefix = "appinfo-#{prefix}-#{::File.basename(file, '.*')}"
+      dest_path = Dir.mktmpdir(full_prefix, base_path)
+      ::File.join(dest_path, ::File.basename(file))
+    end
+  end
+end

data/lib/app_info/helper/file_size.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module AppInfo::Helper
+  module HumanFileSize
+    def file_to_human_size(file, human_size:)
+      number = ::File.size(file)
+      human_size ? number_to_human_size(number) : number
+    end
+
+    FILE_SIZE_UNITS = %w[B KB MB GB TB].freeze
+
+    def number_to_human_size(number)
+      if number.to_i < 1024
+        exponent = 0
+      else
+        max_exp = FILE_SIZE_UNITS.size - 1
+        exponent = (Math.log(number) / Math.log(1024)).to_i
+        exponent = max_exp if exponent > max_exp
+        number = Kernel.format('%<number>.2f', number: (number / (1024**exponent.to_f)))
+      end
+
+      "#{number} #{FILE_SIZE_UNITS[exponent]}"
+    end
+  end
+end

data/lib/app_info/helper/generate_class.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module AppInfo::Helper
+  module GenerateClass
+    def create_class(klass_name, parent_class, namespace:)
+      klass = Class.new(parent_class) do
+        yield if block_given?
+      end
+
+      name = namespace.to_s.empty? ? klass_name : "#{namespace}::#{klass_name}"
+      if Object.const_get(namespace).const_defined?(klass_name)
+        Object.const_get(namespace).const_get(klass_name)
+      elsif Object.const_defined?(name)
+        Object.const_get(name)
+      else
+        Object.const_get(namespace).const_set(klass_name, klass)
+      end
+    end
+
+    def define_instance_method(key, value)
+      instance_variable_set("@#{key}", value)
+      self.class.class_eval <<-RUBY, __FILE__, __LINE__ + 1
+        def #{key}
+          @#{key}
+        end
+      RUBY
+    end
+  end
+end

data/lib/app_info/helper/protobuf.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module AppInfo::Helper
+  module Protobuf
+    def reference_segments(value)
+      new_value = value.is_a?(Aapt::Pb::Reference) ? value.name : value
+      return new_value.split('/', 2) if new_value.include?('/')
+
+      [nil, new_value]
+    end
+  end
+end

data/lib/app_info/helper/signatures.rb

@@ -0,0 +1,229 @@
+# frozen_string_literal: true
+
+module AppInfo::Helper
+  # Binary IO Block Helper
+  module IOBlock
+    def length_prefix_block(
+      io, size: AppInfo::Android::Signature::UINT32_SIZE,
+      raw: false, ignore_left_size_precheck: false
+    )
+      offset = io.size - io.pos
+      if offset < AppInfo::Android::Signature::UINT32_SIZE
+        raise SecurityError,
+              'Remaining buffer too short to contain length of length-prefixed field.'
+      end
+
+      size = io.read(size).unpack1('I')
+      raise SecurityError, 'Negative length' if size.negative?
+
+      if !ignore_left_size_precheck && size > io.size
+        message = "Underflow while reading length-prefixed value. #{size} > #{io.size}"
+        raise SecurityError, message
+      end
+
+      raw_data = io.read(size)
+      raw ? raw_data : StringIO.new(raw_data)
+    end
+
+    # Only use for uint32 length-prefixed block
+    def loop_length_prefix_io(
+      io, name:, max_bytes: nil, logger: nil, raw: false,
+      ignore_left_size_precheck: false, &block
+    )
+      index = 0
+      until io.eof?
+        logger&.debug "#{name} count ##{index}"
+        buffer = length_prefix_block(
+          io,
+          raw: raw,
+          ignore_left_size_precheck: ignore_left_size_precheck
+        )
+
+        left_bytes_check(buffer, max_bytes, SecurityError) do |left_bytes|
+          "#{name} too short: #{left_bytes} < #{max_bytes}"
+        end
+
+        block.call(buffer)
+        index += 1
+      end
+    end
+
+    def left_bytes_check(io, max_bytes, exception, message = nil, &block)
+      return if max_bytes.nil?
+
+      left_bytes = io.size - io.pos
+      return left_bytes if left_bytes.zero?
+
+      message ||= if block_given?
+                    block.call(left_bytes)
+                  else
+                    "IO too short: #{offset} < #{max_bytes}"
+                  end
+
+      raise exception, message if left_bytes < max_bytes
+
+      left_bytes
+    end
+  end
+
+  # Signature Block helper
+  module Signatures
+    def singers_block(block_id)
+      info = AppInfo::Android::Signature::Info.new(@version, @parser, logger)
+      raise SecurityError, 'ZIP64 APK not supported' if info.zip64?
+
+      info.signers(block_id)
+    end
+
+    def signed_data_certs(io)
+      certificates = []
+      loop_length_prefix_io(io, name: 'Certificates', raw: true) do |cert_data|
+        certificates << AppInfo::Certificate.parse(cert_data)
+      end
+      certificates
+    end
+
+    def signed_data_digests(io)
+      content_digests = {}
+      loop_length_prefix_io(
+        io,
+        name: 'Digests',
+        max_bytes: AppInfo::Android::Signature::UINT64_SIZE
+      ) do |digest|
+        algorithm = digest.read(AppInfo::Android::Signature::UINT32_SIZE).unpack('C*')
+        digest_name = algorithm_match(algorithm)
+        next unless digest_name
+
+        content = length_prefix_block(digest)
+        content_digests[digest_name] = {
+          id: algorithm,
+          content: content
+        }
+      end
+
+      content_digests
+    end
+
+    # FIXME: this code not work, need fix.
+    def verify_additional_attrs(attrs, _certs)
+      loop_length_prefix_io(
+        attrs, name: 'Additional Attributes', ignore_left_size_precheck: true
+      ) do |attr|
+        id = attr.read(AppInfo::Android::Signature::UINT32_SIZE)
+        logger.debug "ID #{id} / #{id.size} / #{id.unpack('H*')} / #{id.unpack('C*')}"
+        if id.unpack('C*') == AppInfo::Helper::Algorithm::SIG_STRIPPING_PROTECTION_ATTR_ID
+          offset = attr.size - attr.pos
+          if offset < AppInfo::Android::Signature::UINT32_SIZE
+            raise SecurityError,
+                  "V2 Signature Scheme Stripping Protection Attribute value too small. Expected #{UINT32_SIZE} bytes, but found #{offset}"
+          end
+
+          # value = attr.read(UINT32_SIZE).unpack1('I')
+          if @version == AppInfo::Android::Signature::Version::V3
+            raise SecurityError,
+                  'V2 signature indicates APK is signed using APK Signature Scheme v3, but none was found. Signature stripped?'
+          end
+        end
+      end
+    end
+
+    def signature_algorithms(signatures)
+      algorithems = []
+      loop_length_prefix_io(
+        signatures,
+        name: 'Signature Algorithms',
+        max_bytes: AppInfo::Android::Signature::UINT64_SIZE,
+        logger: logger
+      ) do |signature|
+        algorithm = signature.read(AppInfo::Android::Signature::UINT32_SIZE).unpack('C*')
+        digest = algorithm_match(algorithm)
+        next unless digest
+
+        signature = length_prefix_block(signature, raw: true)
+        algorithems << {
+          id: algorithm,
+          digest: digest,
+          signature: signature
+        }
+      end
+
+      algorithems
+    end
+  end
+
+  # Signature Algorithm helper
+  module Algorithm
+    # Signature certificate identifiers
+    SIG_RSA_PSS_WITH_SHA256 = [0x01, 0x01, 0x00, 0x00].freeze                # 0x0101
+    SIG_RSA_PSS_WITH_SHA512 = [0x02, 0x01, 0x00, 0x00].freeze                # 0x0102
+    SIG_RSA_PKCS1_V1_5_WITH_SHA256 = [0x03, 0x01, 0x00, 0x00].freeze         # 0x0103
+    SIG_RSA_PKCS1_V1_5_WITH_SHA512 = [0x04, 0x01, 0x00, 0x00].freeze         # 0x0104
+    SIG_ECDSA_WITH_SHA256 = [0x01, 0x02, 0x00, 0x00].freeze                  # 0x0201
+    SIG_ECDSA_WITH_SHA512 = [0x02, 0x02, 0x00, 0x00].freeze                  # 0x0202
+    SIG_DSA_WITH_SHA256 = [0x01, 0x03, 0x00, 0x00].freeze                    # 0x0301
+    SIG_VERITY_RSA_PKCS1_V1_5_WITH_SHA256 = [0x21, 0x04, 0x00, 0x00].freeze  # 0x0421
+    SIG_VERITY_ECDSA_WITH_SHA256 = [0x23, 0x04, 0x00, 0x00].freeze           # 0x0423
+    SIG_VERITY_DSA_WITH_SHA256 = [0x25, 0x04, 0x00, 0x00].freeze             # 0x0425
+
+    SIG_STRIPPING_PROTECTION_ATTR_ID = [0x0d, 0xf0, 0xef, 0xbe].freeze       # 0xbeeff00d
+
+    def best_algorithem(algorithems)
+      methods = algorithems.map { |algorithem| algorithem[:method] }
+      best_method = methods.max { |a, b| algorithem_priority(a) <=> algorithem_priority(b) }
+      best_method_index = methods.index(best_method)
+      algorithems[best_method_index]
+    end
+
+    def compare_algorithem(source, target)
+      case algorithem_priority(source) <=> algorithem_priority(target)
+      when -1
+        target
+      else
+        source
+      end
+    end
+
+    def algorithem_priority(algorithm)
+      case algorithm
+      when SIG_RSA_PSS_WITH_SHA256,
+        SIG_RSA_PKCS1_V1_5_WITH_SHA256,
+        SIG_ECDSA_WITH_SHA256,
+        SIG_DSA_WITH_SHA256
+        1
+      when SIG_RSA_PSS_WITH_SHA512,
+        SIG_RSA_PKCS1_V1_5_WITH_SHA512,
+        SIG_ECDSA_WITH_SHA512
+        2
+      when SIG_VERITY_RSA_PKCS1_V1_5_WITH_SHA256,
+        SIG_VERITY_ECDSA_WITH_SHA256,
+        SIG_VERITY_DSA_WITH_SHA256
+        3
+      end
+    end
+
+    def algorithm_method(algorithm)
+      case algorithm
+      when SIG_RSA_PSS_WITH_SHA256, SIG_RSA_PSS_WITH_SHA512,
+        SIG_RSA_PKCS1_V1_5_WITH_SHA256, SIG_RSA_PKCS1_V1_5_WITH_SHA512,
+        SIG_VERITY_RSA_PKCS1_V1_5_WITH_SHA256
+        :rsa
+      when SIG_ECDSA_WITH_SHA256, SIG_ECDSA_WITH_SHA512, SIG_VERITY_ECDSA_WITH_SHA256
+        :ec
+      when SIG_DSA_WITH_SHA256, SIG_VERITY_DSA_WITH_SHA256
+        :dsa
+      end
+    end
+
+    def algorithm_match(algorithm)
+      case algorithm
+      when SIG_RSA_PSS_WITH_SHA256, SIG_RSA_PKCS1_V1_5_WITH_SHA256,
+        SIG_ECDSA_WITH_SHA256, SIG_DSA_WITH_SHA256,
+        SIG_VERITY_RSA_PKCS1_V1_5_WITH_SHA256, SIG_VERITY_ECDSA_WITH_SHA256,
+        SIG_VERITY_DSA_WITH_SHA256
+        'SHA256'
+      when SIG_RSA_PSS_WITH_SHA512, SIG_RSA_PKCS1_V1_5_WITH_SHA512, SIG_ECDSA_WITH_SHA512
+        'SHA512'
+      end
+    end
+  end
+end