关于某lspatch注入型二次打包apk中功能模块的签名校验

傻傻很天真

小白一枚,这个模块apk搞好多天了一直没找到关键点,verify  checkSignature   getAndVerifyPublicKey都试了一下,应该是我没找到关键点,判断是.so文件native层的问题,签名校验一直过不去,插入宿主apk包打开一直闪退,求各位大佬给点思路


QTF.smali,szi.smali中

.method private native verifySign(Lorg/json/JSONObject;)Z
.end method改为
.method private verifySign(Lorg/json/JSONObject;)Z
    .locals 1
    const/4 v0, 0x1
    return v0
.end method


pC.smali

:cond_2
    iget-object v0, v3, Landroid/content/pm/PackageParser$Package;->mSignatures:[Landroid/content/pm/Signature;
    iput-object v0, v4, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
改成    :cond_2
    iget-object v0, v3, Landroid/content/pm/PackageParser$Package;->mSignatures:[Landroid/content/pm/Signature;
    iput-object v0, v4, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
    const/4 v5, 0x0
    iput-object v5, v4, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;

    :goto_2
    :try_start_1
    iget-object v0, v3, Landroid/content/pm/PackageParser$Package;->mSigningDetails:Landroid/content/pm/PackageParser$SigningDetails;
    iget-object v0, v0, Landroid/content/pm/PackageParser$SigningDetails;->signatures:[Landroid/content/pm/Signature;
    iput-object v0, v4, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
改成
    :goto_2
    :try_start_1
    iget-object v0, v3, Landroid/content/pm/PackageParser$Package;->mSigningDetails:Landroid/content/pm/PackageParser$SigningDetails;
    iget-object v0, v0, Landroid/content/pm/PackageParser$SigningDetails;->signatures:[Landroid/content/pm/Signature;
    iput-object v0, v4, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
    const/4 v5, 0x0
    iput-object v5, v4, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;   

    :goto_3
    iget-object v0, v0, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
    iput-object v0, v1, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
改成
    :goto_3
    iget-object v0, v0, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
    iput-object v0, v1, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;
    const/4 v5, 0x0
    iput-object v5, v1, Landroid/content/pm/PackageInfo;->signatures:[Landroid/content/pm/Signature;

改了以后还是闪退,签名校验还在,求大佬给点思路https://www.123684.com/s/18qjTd-gMYK