Repackaging Detection
Repackaging detection is a security feature that detects whether the application was modified and re-signed with a different signing certificate.
Repackaging Detection for Apple Platforms
To properly configure the repackaging detection, you need to get the Base64-encoded string of your signing certificate:
- Open the Keychain Access application.
- Find a certificate that will be used to sign your application, for example, “Apple Development: Jan Tester (c)”.
- Right-click on the item and click “Export…”.
- Export the certificate in the .cer format.
- Open up the terminal and cd into the folder with your exported certificate.
- Encode the certificate in Base64 with cat your_exported.cer | base64.
- Copy the output of the command and use it as a parameter for the repackage detection configuration:
    const configuration = {
        appleConfig: {
            raspConfig: {
                repackage: {
                    action: "EXIT",
                    exitUrl: "https://wultra.com/repackaging", // provide link to a web page explaining the app termination
                    base64EncodedTrustedCertificates: [ "BASE64" ] // Base64 output of the exported .cer file(s)
                }
            }
        }
    }
Repackaging Detection for Android
To properly configure the repackaging detection, you have to get one or more Base64-encoded strings, each containing a SHA-1 hash of a signing certificate.
Detailed instructions for obtaining the signature hash can be found in the documentation of Malwarelytics for Android.
Once the signature hash has been obtained, add it to the configuration:
    const configuration = {
        androidConfig: {
            raspConfig: {
                repackage: {
                    action: 'EXIT',
                    exitUrl: "https://wultra.com/repackaging", // provide link to a web page explaining the app termination
                    signatureHash: [ "BASE64-OF-SHA1-HASH" ] // provide Base64-encoded string(s), each containing a SHA-1 hash of a signing certificate
                }
            }
        }
    }
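A build-time check for the two configurations above, as an added example that is not part of the original documentation or Wultra's code: it rejects values that would make the trusted list wrong, such as a leftover placeholder, pasted PEM text, line-wrapped Base64, or a hex SHA-1. The function names are hypothetical, and it assumes the .cer export is DER and that each signatureHash entry is Base64 of the raw 20-byte digest.

```javascript
// Strict decode: Buffer.from() silently skips invalid characters, so re-encode and compare.
function strictBase64(value) {
  if (typeof value !== "string" || value.length === 0) return null;
  const bytes = Buffer.from(value, "base64");
  return bytes.toString("base64") === value ? bytes : null;
}

// Assumption: the exported .cer is DER, which starts with an ASN.1 SEQUENCE tag (0x30).
function checkAppleCertificate(value) {
  const der = strictBase64(value);
  if (!der) return "not single-line standard Base64";
  return der[0] === 0x30 ? null : "decoded bytes do not look like a DER certificate";
}

// Assumption: each entry is Base64 of the raw SHA-1 digest, i.e. exactly 20 bytes.
function checkAndroidSignatureHash(value) {
  const digest = strictBase64(value);
  if (!digest) return "not single-line standard Base64";
  return digest.length === 20 ? null : `decodes to ${digest.length} bytes, expected 20`;
}

// Returns a list of problems; an empty list means every value is plausible.
function lintRepackageConfig(configuration) {
  const sections = [
    ["appleConfig", "base64EncodedTrustedCertificates", checkAppleCertificate],
    ["androidConfig", "signatureHash", checkAndroidSignatureHash],
  ];
  const problems = [];
  for (const [platform, key, check] of sections) {
    const repackage = configuration[platform]?.raspConfig?.repackage;
    if (!repackage) continue; // repackaging detection not configured for this platform
    const entries = Array.isArray(repackage[key]) ? repackage[key] : [];
    if (entries.length === 0) problems.push(`${platform}.${key}: no entries`);
    entries.forEach((entry, i) => {
      const error = check(entry);
      if (error) problems.push(`${platform}.${key}[${i}]: ${error}`);
    });
  }
  return problems;
}

// Constructed sample values: bytes 30 82 01 0a, and Base64 of SHA-1("abc"); not real certificates.
const sampleConfiguration = {
  appleConfig: { raspConfig: { repackage: { base64EncodedTrustedCertificates: ["MIIBCg=="] } } },
  androidConfig: { raspConfig: { repackage: { signatureHash: ["qZk+NkcGgWq6PiVxeFDCbJzQ2J0="] } } },
};
console.log(lintRepackageConfig(sampleConfiguration)); // prints []
```

An empty result only means the values have the right shape; it does not confirm they belong to the certificate that actually signs the release build.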
Last updated on Sep 22, 2023 (08:22)