ruby_apk 0.4.0

data/lib/android/dex.rb

@@ -0,0 +1,92 @@
+require_relative 'dex/dex_object'
+require_relative 'dex/info'
+require_relative 'dex/access_flag'
+require_relative 'dex/utils'
+
+module Android
+  # parsed dex object
+  # @see http://source.android.com/tech/dalvik/dex-format.html
+  # @attr_reader strings [Array<String>] strings in dex file.
+  class Dex
+    # @return [Dex::Header] dex header information
+    attr_reader :header
+    alias :h :header
+
+    # @return [String] dex binary data
+    attr_reader :data
+    # @return [Array<Dex::ClassInfo>] array of class information
+    attr_reader :classes
+
+    attr_reader :field_ids, :method_ids, :proto_ids
+    # @param [String] data dex binary data
+    def initialize(data)
+      @data = data
+      @data.force_encoding(Encoding::ASCII_8BIT)
+      @classes = []
+      parse()
+    end
+
+    def strings
+      @strings ||= @string_data_items.map{|item| item.to_s }
+    end
+
+    def inspect
+      "<Android::Dex @classes => #{@classes.size}, datasize => #{@data.size}>"
+    end
+
+
+    # @private
+    TYPE_DESCRIPTOR = { 
+      'V' => 'void',
+      'Z' => 'boolean',
+      'B' => 'byte',
+      'S' => 'short',
+      'C' => 'short',
+      'I' => 'int',
+      'J' => 'long',
+      'F' => 'float',
+      'D' => 'double'
+    }
+
+
+    def type_resolve(typeid)
+      type = strings[@type_ids[typeid]]
+      if type.start_with? '['
+        type = type[1..type.size]
+        return TYPE_DESCRIPTOR.fetch(type, type) + "[]" # TODO: recursive
+      else
+        return TYPE_DESCRIPTOR.fetch(type, type)
+      end
+    end
+
+
+    private
+    def parse
+      @header = DexObject::Header.new(@data)
+      @map_list = DexObject::MapList.new(@data, h[:map_off])
+
+      # parse strings
+      @string_ids = DexObject::StringIdItem.new(@data, h[:string_ids_off], h[:string_ids_size])
+      @string_data_items = []
+      @string_ids[:string_data_off].each { |off| @string_data_items << DexObject::StringDataItem.new(@data, off) }
+
+      @type_ids = DexObject::TypeIdItem.new(@data, h[:type_ids_off], h[:type_ids_size])
+      @proto_ids = ids_list_array(DexObject::ProtoIdItem, h[:proto_ids_off], h[:proto_ids_size])
+      @field_ids = ids_list_array(DexObject::FieldIdItem, h[:field_ids_off], h[:field_ids_size])
+      @method_ids = ids_list_array(DexObject::MethodIdItem, h[:method_ids_off], h[:method_ids_size])
+      @class_defs = ids_list_array(DexObject::ClassDefItem, h[:class_defs_off], h[:class_defs_size])
+
+      @classes = []
+      @class_defs.each do |cls_def|
+        @classes << ClassInfo.new(cls_def, self)
+      end
+    end
+
+    def ids_list_array(cls, offset, size)
+      ret_array = []
+      size.times { |i| ret_array << cls.new(@data, offset + cls.size * i) }
+      ret_array
+    end
+  end
+end
+

data/lib/android/manifest.rb

@@ -0,0 +1,209 @@
+require 'rexml/document'
+
+module Android
+  # parsed AndroidManifest.xml class
+  # @see http://developer.android.com/guide/topics/manifest/manifest-intro.html
+  class Manifest
+    APPLICATION_TAG = '/manifest/application'
+
+    # <activity>, <service>, <receiver> or <provider> element in <application> element of the manifest file.
+    class Component
+      # component types
+      TYPES = ['service', 'activity', 'receiver', 'provider']
+
+      # the element is valid Component element or not
+      # @param [REXML::Element] elem xml element
+      # @return [Boolean]
+      def self.valid?(elem)
+        TYPES.include?(elem.name.downcase)
+      rescue => e
+        false
+      end
+
+      # @return [String] type string in TYPES
+      attr_reader :type
+      # @return [String] component name
+      attr_reader :name
+      # @return [Array<Manifest::IntentFilter>]
+      attr_reader :intent_filters
+      # @return [Array<Manifest::Meta>]
+      attr_reader :metas
+
+      # @param [REXML::Element] elem target element
+      # @raise [ArgumentError] when elem is invalid.
+      def initialize(elem)
+        raise ArgumentError unless Component.valid?(elem)
+        @type = elem.name
+        @name = elem.attributes['name']
+        @intent_filters = []
+        unless elem.elements['intent-filter'].nil?
+          elem.elements['intent-filter'].each do |e|
+            @intent_filters << IntentFilter.parse(e)
+          end
+        end
+        @metas = []
+        elem.each_element('meta-data') do |e|
+          @metas << Meta.new(e)
+        end
+      end
+    end
+
+    # intent-filter element in components
+    module IntentFilter
+      # parse inside of intent-filter element
+      # @param [REXML::Element] elem target element
+      # @return [IntentFilter::Action, IntentFilter::Category, IntentFilter::Data]
+      #    intent-filter element
+      def self.parse(elem)
+        case elem.name
+        when 'action'
+          Action.new(elem)
+        when 'category'
+          Category.new(elem)
+        when 'data'
+          Data.new(elem)
+        else
+          nil
+        end
+      end
+
+      # intent-filter action class
+      class Action
+      # @return [String] action name of intent-filter
+        attr_reader :name
+      # @return [String] action type of intent-filter
+        attr_reader :type
+
+        def initialize(elem)
+          @type = 'action'
+          @name = elem.attributes['name']
+        end
+      end
+
+      # intent-filter category class
+      class Category
+      # @return [String] category name of intent-filter
+        attr_reader :name
+      # @return [String] category type of intent-filter
+        attr_reader :type
+
+        def initialize(elem)
+          @type = 'category'
+          @name = elem.attributes['name']
+        end
+      end
+
+      # intent-filter data class
+      class Data
+        # @return [String]
+        attr_reader :type
+        # @return [String]
+        attr_reader :host
+        # @return [String]
+        attr_reader :mime_type
+        # @return [String]
+        attr_reader :path
+        # @return [String]
+        attr_reader :path_pattern
+        # @return [String]
+        attr_reader :path_prefix
+        # @return [String]
+        attr_reader :port
+        # @return [String]
+        attr_reader :scheme
+
+        def initialize(elem)
+          @type = 'data'
+          @host = elem.attributes['host']
+          @mime_type = elem.attributes['mimeType']
+          @path = elem.attributes['path']
+          @path_pattern = elem.attributes['pathPattern']
+          @path_prefix = elem.attributes['pathPrefix']
+          @port = elem.attributes['port']
+          @scheme = elem.attributes['scheme']
+        end
+      end
+    end
+
+    # meta information class
+    class Meta
+      # @return [String]
+      attr_reader :name
+      # @return [String]
+      attr_reader :resource
+      # @return [String]
+      attr_reader :value
+      def initialize(elem)
+        @name = elem.attributes['name']
+        @resource = elem.attributes['resource']
+        @value = elem.attributes['value']
+      end
+    end
+
+    #################################
+    # Manifest class definitions
+    #################################
+
+    # @param [String] data binary data of AndroidManifest.xml
+    def initialize(data)
+      parser = AXMLParser.new(data)
+      @doc = parser.parse
+    end
+
+    # used permission array
+    # @return [Array<String>] permission names
+    # @note return empty array when the manifest includes no use-parmission element
+    def use_permissions
+      perms = []
+      @doc.each_element('/manifest/uses-permission') do |elem|
+        perms << elem.attributes['name']
+      end
+      perms.uniq
+    end
+
+    # @return [Array<Android::Manifest::Component>] all components in apk
+    # @note return empty array when the manifest include no components
+    def components
+      components = []
+      unless @doc.elements['/manifest/application'].nil?
+        @doc.elements['/manifest/application'].each do |elem|
+          components << Component.new(elem) if Component.valid?(elem)
+        end
+      end
+      components
+    end
+
+    # application package name
+    # @return [String]
+    def package_name
+      @doc.root.attributes['package']
+    end
+
+    # application version code
+    # @return [Integer]
+    def version_code
+      @doc.root.attributes['versionCode'].to_i
+    end
+
+    # application version name
+    # @return [String]
+    def version_name
+      @doc.root.attributes['versionName']
+    end
+
+    # @return [Integer] minSdkVersion in uses element
+    def min_sdk_ver
+      @doc.elements['/manifest/uses-sdk'].attributes['minSdkVersion'].to_i
+    end
+
+    # return xml as string format
+    # @param [Integer] indent size(bytes)
+    # @return [String] raw xml string
+    def to_xml(indent=4)
+      xml =''
+      formatter = REXML::Formatters::Pretty.new(indent)
+      formatter.write(@doc.root, xml)
+      xml
+    end
+  end
+end

data/lib/android/resource.rb

@@ -0,0 +1,135 @@
+# encoding: utf-8
+require 'stringio'
+require 'csv'
+require 'ruby_apk'
+
+module Android
+  # based on Android OS source code
+  # /frameworks/base/include/utils/ResourceTypes.h
+  class Resource
+    class ChunkHeader
+      attr_reader :type, :header_size, :size
+      def initialize(data, offset)
+        @data = data
+        @offset = offset
+        @data_io = StringIO.new(@data, 'rb')
+        @data_io.seek(offset)
+        parse
+      end
+      private
+      def parse
+        @type = read_int16
+        @header_size = read_int16
+        @size = read_int32
+      end
+      def read_int32
+        @data_io.read(4).unpack('V')[0]
+      end
+      def read_int16
+        @data_io.read(2).unpack('v')[0]
+      end
+    end
+
+    class ResTableHeader < ChunkHeader
+      attr_reader :package_count
+      def parse
+        super
+        @package_count = read_int32
+      end
+    end
+    class ResStringPool < ChunkHeader
+      SORTED_FLAG = 1 << 0
+      UTF8_FLAG = 1 << 8
+
+      attr_reader :strings
+      private
+      def parse
+        super
+        @string_count = read_int32
+        @style_count = read_int32
+        @flags = read_int32
+        @string_start = read_int32
+        @style_start = read_int32
+        @strings = []
+        @string_count.times do
+          offset = @offset + @string_start + read_int32
+          if (@flags & UTF8_FLAG != 0)
+            # read length twice(utf16 length and utf8 length)
+            #  const uint16_t* ResStringPool::stringAt(size_t idx, size_t* u16len) const
+            u16len, o16 = ResStringPool.utf8_len(@data[offset, 2])
+            u8len, o8 = ResStringPool.utf8_len(@data[offset+o16, 2])
+            str = @data[offset+o16+o8, u8len]
+            @strings << str.force_encoding(Encoding::UTF_8)
+          else
+            u16len, o16 = ResStringPool.utf16_len(@data[offset, 4])
+            str = @data[offset+o16, u16len*2]
+            str.force_encoding(Encoding::UTF_16LE)
+            @strings << str.encode(Encoding::UTF_8)
+          end
+        end
+      end
+
+      # @note refer to /frameworks/base/libs/androidfw/ResourceTypes.cpp
+      #   static inline size_t decodeLength(const uint8_t** str)
+      # @param [String] data parse target
+      # @return[Integer, Integer] string length and parsed length
+      def self.utf8_len(data)
+        first, second = data.unpack('CC')
+        if (first & 0x80) != 0
+          return (((first & 0x7F) << 8) + second), 2
+        else
+          return first, 1
+        end
+      end
+      # @note refer to /frameworks/base/libs/androidfw/ResourceTypes.cpp
+      #   static inline size_t decodeLength(const char16_t** str)
+      # @param [String] data parse target
+      # @return[Integer, Integer] string length and parsed length
+      def self.utf16_len(data)
+        first, second = data.unpack('vv')
+        if (first & 0x8000) != 0
+          return (((first & 0x7FFF) << 16) + second), 4
+        else
+          return first, 2
+        end
+      end
+    end
+
+    ######################################################################
+    def initialize(data)
+      data.force_encoding(Encoding::ASCII_8BIT)
+      @data = data
+      parse()
+    end
+
+    def strings
+      @string_pool.strings
+    end
+    def package_count
+      @res_table.package_count
+    end
+
+    private
+    def parse
+      offset = 0
+
+      while offset < @data.size
+        type = @data[offset, 2].unpack('v')[0]
+        case type
+        when 0x0001 # RES_STRING_POOL_TYPE
+          @string_pool = ResStringPool.new(@data, offset)
+          offset += @string_pool.size
+        when 0x0002 # RES_TABLE_TYPE
+          @res_table = ResTableHeader.new(@data, offset)
+          offset += @res_table.header_size
+        when 0x0200, 0x0201, 0x0202
+          # not implemented yet.
+          chunk = ChunkHeader.new(@data, offset)
+          offset += chunk.size
+        else
+          raise "chunk type error: type:%#04x" % type
+        end
+      end
+    end
+  end
+end

data/lib/android/utils.rb

@@ -0,0 +1,55 @@
+
+module Android
+  # Utility methods
+  module Utils
+    # path is apk file or not.
+    # @param [String] path target file path
+    # @return [Boolean]
+    def self.apk?(path)
+      begin
+        apk = Apk.new(path)
+        return true
+      rescue => e
+        return false
+      end
+    end
+
+    # data is elf file or not.
+    # @param [String] data target data
+    # @return [Boolean]
+    def self.elf?(data)
+      data[0..3] == "\x7f\x45\x4c\x46"
+    rescue => e
+      false
+    end
+
+    # data is cert file or not.
+    # @param [String] data target data
+    # @return [Boolean]
+    def self.cert?(data)
+      data[0..1] == "\x30\x82"
+    rescue => e
+      false
+    end
+
+    # data is dex file or not.
+    # @param [String] data target data
+    # @return [Boolean]
+    def self.dex?(data)
+      data[0..7] == "\x64\x65\x78\x0a\x30\x33\x35\x00" # "dex\n035\0"
+    rescue => e
+      false
+    end
+
+    # data is valid dex file or not.
+    # @param [String] data target data
+    # @return [Boolean]
+    def self.valid_dex?(data)
+      Android::Dex.new(data)
+      true
+    rescue => e
+      false
+    end
+  end
+end
+

data/lib/ruby_apk.rb

@@ -0,0 +1,6 @@
+require_relative 'android/apk'
+require_relative 'android/manifest'
+require_relative 'android/axml_parser'
+require_relative 'android/dex'
+require_relative 'android/resource'
+require_relative 'android/utils'

data/ruby_apk.gemspec

@@ -0,0 +1,93 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = "ruby_apk"
+  s.version = "0.4.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["SecureBrain"]
+  s.date = "2012-10-28"
+  s.description = "static analysis tool for android apk"
+  s.email = "info@securebrain.co.jp"
+  s.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.md"
+  ]
+  s.files = [
+    ".rspec",
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE.txt",
+    "README.md",
+    "Rakefile",
+    "VERSION",
+    "lib/android/apk.rb",
+    "lib/android/axml_parser.rb",
+    "lib/android/dex.rb",
+    "lib/android/dex/access_flag.rb",
+    "lib/android/dex/dex_object.rb",
+    "lib/android/dex/info.rb",
+    "lib/android/dex/utils.rb",
+    "lib/android/manifest.rb",
+    "lib/android/resource.rb",
+    "lib/android/utils.rb",
+    "lib/ruby_apk.rb",
+    "ruby_apk.gemspec",
+    "spec/apk_spec.rb",
+    "spec/axml_parser_spec.rb",
+    "spec/data/sample.apk",
+    "spec/data/sample_AndroidManifest.xml",
+    "spec/data/sample_classes.dex",
+    "spec/data/sample_resources.arsc",
+    "spec/data/sample_resources_utf16.arsc",
+    "spec/dex/access_flag_spec.rb",
+    "spec/dex/dex_object_spec.rb",
+    "spec/dex/info_spec.rb",
+    "spec/dex/utils_spec.rb",
+    "spec/dex_spec.rb",
+    "spec/manifest_spec.rb",
+    "spec/resource_spec.rb",
+    "spec/ruby_apk_spec.rb",
+    "spec/spec_helper.rb",
+    "spec/utils_spec.rb"
+  ]
+  s.homepage = "http://www.securebrain.co.jp/"
+  s.licenses = ["MIT"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = "1.8.24"
+  s.summary = "static analysis tool for android apk"
+
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<rubyzip>, [">= 0"])
+      s.add_development_dependency(%q<rspec>, ["~> 2.11.0"])
+      s.add_development_dependency(%q<bundler>, ["~> 1.1.5"])
+      s.add_development_dependency(%q<jeweler>, ["~> 1.6.4"])
+      s.add_development_dependency(%q<yard>, [">= 0"])
+      s.add_development_dependency(%q<redcarpet>, [">= 0"])
+      s.add_development_dependency(%q<simplecov>, [">= 0"])
+    else
+      s.add_dependency(%q<rubyzip>, [">= 0"])
+      s.add_dependency(%q<rspec>, ["~> 2.11.0"])
+      s.add_dependency(%q<bundler>, ["~> 1.1.5"])
+      s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
+      s.add_dependency(%q<yard>, [">= 0"])
+      s.add_dependency(%q<redcarpet>, [">= 0"])
+      s.add_dependency(%q<simplecov>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<rubyzip>, [">= 0"])
+    s.add_dependency(%q<rspec>, ["~> 2.11.0"])
+    s.add_dependency(%q<bundler>, ["~> 1.1.5"])
+    s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
+    s.add_dependency(%q<yard>, [">= 0"])
+    s.add_dependency(%q<redcarpet>, [">= 0"])
+    s.add_dependency(%q<simplecov>, [">= 0"])
+  end
+end
+