Skip to content

Change APK buffer from &mut [u8] to &[u8] #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dairlair wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Change APK buffer from &mut [u8] to &[u8] #107

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
da34f6b
Change APK buffer from &mut [u8] to &[u8]
dairlair Apr 17, 2026
2ba37d1
Merge pull request #2 from dairlair/dairlair-patch-1
dairlair Apr 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions pack-api/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -137,8 +137,8 @@ pub fn compile_apk(package: &Package) -> Result<Vec<u8>> {
///
/// The APK is built and signed in-memory without using the local filesystem.
pub fn compile_and_sign_apk(package: &Package, keys: &Keys) -> Result<Vec<u8>> {
let mut zip_buf = compile_apk(package)?;
pack_sign::sign_apk_buffer(&mut zip_buf, keys)
let zip_buf = compile_apk(package)?;
pack_sign::sign_apk_buffer(&zip_buf, keys)
}

/// Performs all the steps in packaging an AAB (Android App Bundle).
Expand Down Expand Up @@ -192,7 +192,7 @@ pub fn compile_and_sign_aab(package: &Package, keys: &Keys) -> Result<Vec<u8>> {
pack_zip::zip_apk(&aab_files, aab_buf_cursor)?;

// Sign the AAB with Scheme v2 and v3 (post-zip)
pack_sign::sign_apk_buffer(&mut aab_buf, keys)
pack_sign::sign_apk_buffer(&aab_buf, keys)
}

fn parse_manifest(
Expand Down
8 changes: 5 additions & 3 deletions pack-sign/src/hasher.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ pub const FIRST_LEVEL_CHUNK_MAGIC: &[u8] = &[0xa5];
pub const SECOND_LEVEL_CHUNK_MAGIC: &[u8] = &[0x5a];

pub fn compute_top_level_hash(
apk_buf: &mut [u8],
apk_buf: &[u8],
offsets: &ZipOffsets,
signing_block_length: usize
) -> Result<Sha256Hash> {
Expand All @@ -44,7 +44,7 @@ pub fn compute_top_level_hash(
}

fn compute_first_level_hashes(
apk_buf: &mut [u8],
apk_buf: &[u8],
offsets: &ZipOffsets,
signing_block_length: usize
) -> Result<Vec<Sha256Hash>> {
Expand Down Expand Up @@ -72,7 +72,9 @@ fn compute_first_level_hashes(
first_level_hashes.extend(hash_chunk(chunk4));

let new_cd_start = offsets.cd_start + signing_block_length;
let mut cursor = Cursor::new(&mut apk_buf[chunk4_range]);

let mut chunk4_modified = chunk4.to_vec();
let mut cursor = Cursor::new(&mut chunk4_modified);
cursor.seek(SeekFrom::Start(16))?;
cursor.write_all(&(new_cd_start as u32).to_le_bytes())?;

Expand Down
2 changes: 1 addition & 1 deletion pack-sign/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ mod zip_rebuilder;
// APK Signature Scheme v3 based on https://source.android.com/docs/security/features/apksigning/v3
/// Signs a ZIP file buffer, adding an APK Signature Block before its Central Directory.
/// Can be used for both APK and AAB files.
pub fn sign_apk_buffer(apk_buf: &mut [u8], keys: &Keys) -> Result<Vec<u8>> {
pub fn sign_apk_buffer(apk_buf: &[u8], keys: &Keys) -> Result<Vec<u8>> {
// Dry-run the block to figure out how long it will be given our key
let dry_run = compute_signing_block([0; 32], keys)?;
let signing_block_size = dry_run.to_bytes()?.len();
Expand Down