Signature spoofing support ?

[Vavun]

Is it possible to add optional signature spoofing support during the root ReVanced version build process?
For those who use custom roms with signature spoofing support.

Get original YouTube.apk sig and patch like this

diff -r -u D:\Desktop\ReVanced\Orig\AndroidManifest.xml D:\Desktop\ReVanced\Spoof\AndroidManifest.xml
--- D:\Desktop\ReVanced\Orig\AndroidManifest.xml	Mon Jul 11 14:05:18 2022
+++ D:\Desktop\ReVanced\Spoof\AndroidManifest.xml	Mon Jul 11 14:09:46 2022
@@ -55,6 +55,7 @@
             <action android:name="android.support.customtabs.action.CustomTabsService"/>
         </intent>
     </queries>
+    <uses-permission android:name="android.permission.FAKE_PACKAGE_SIGNATURE"/>
     <uses-permission android:name="android.permission.INTERNET"/>
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
     <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
@@ -103,6 +104,7 @@
     <permission android:name="com.google.android.youtube.permission.C2D_MESSAGE" android:protectionLevel="signature"/>
     <uses-feature android:glEsVersion="0x00020000" android:required="true"/>
     <application android:allowBackup="true" android:backupAgent="com.google.android.apps.youtube.app.application.backup.YouTubeBackupAgent" android:gwpAsanMode="never" android:hardwareAccelerated="true" android:icon="@mipmap/ic_launcher" android:label="@string/application_name" android:largeHeap="true" android:logo="@drawable/action_bar_logo_release" android:name="com.google.android.apps.youtube.app.YouTubeTikTokRoot_Application" android:networkSecurityConfig="@xml/network_security_config" android:requestLegacyExternalStorage="true" android:restoreAnyVersion="true" android:roundIcon="@mipmap/ic_launcher_round" android:supportsRtl="true" android:theme="@style/Theme.YouTube.Light" localeConfig="@xml/locales_config">
+        <meta-data android:name="fake-signature" android:value="@string/fake_signature"/>
         <meta-data android:name="android.max_aspect" android:value="2.1"/>
         <meta-data android:name="com.google.android.backup.api_key" android:value="AEdPqrEAAAAIXi58ScnYbhPAPl8s4DjDkSik7XGKNcn8YqfZFg"/>
         <meta-data android:name="to.dualscreen" android:value="true"/>
diff -r -u D:\Desktop\ReVanced\Orig\res\values\strings.xml D:\Desktop\ReVanced\Spoof\res\values\strings.xml
--- D:\Desktop\ReVanced\Orig\res\values\strings.xml	Mon Jul 11 14:05:35 2022
+++ D:\Desktop\ReVanced\Spoof\res\values\strings.xml	Mon Jul 11 14:11:26 2022
@@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources>
+    <string name="fake_signature">30820252308201bb02044934987e300d06092a864886f70d01010405003070310b3009060355040613025553310b3009060355040813024341311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c652c20496e6331143012060355040b130b476f6f676c652c20496e633110300e06035504031307556e6b6e6f776e301e170d3038313230323032303735385a170d3336303431393032303735385a3070310b3009060355040613025553310b3009060355040813024341311630140603550407130d4d6f756e7461696e205669657731143012060355040a130b476f6f676c652c20496e6331143012060355040b130b476f6f676c652c20496e633110300e06035504031307556e6b6e6f776e30819f300d06092a864886f70d010101050003818d00308189028181009f48031990f9b14726384e0453d18f8c0bbf8dc77b2504a4b1207c4c6c44babc00adc6610fa6b6ab2da80e33f2eef16b26a3f6b85b9afaca909ffbbeb3f4c94f7e8122a798e0eba75ced3dd229fa7365f41516415aa9c1617dd583ce19bae8a0bbd885fc17a9b4bd2640805121aadb9377deb40013381418882ec52282fc580d0203010001300d06092a864886f70d0101040500038181004086669ed631da4384ddd061d226e073b98cc4b99df8b5e4be9e3cbe97501e83df1c6fa959c0ce605c4fd2ac6d1c84cede20476cbab19be8f2203aff7717ad652d8fcc890708d1216da84457592649e0e9d3c4bb4cf58da19db1d4fc41bcb9584f64e65f410d0529fd5b68838c141d0a9bd1db1191cb2a0df790ea0cb12db3a4</string>
     <string name="CronetProviderClassName">com.google.android.gms.net.PlayServicesCronetProvider</string>
     <string name="a11y_new_effect_available_indicator">New effect is available</string>
     <string name="a11y_new_effect_indicator">new effect</string>

[oSumAtrIX]

Yes, and a patch for that is very simple to do. In fact the CLI does technically not differ between root or non root. That said, you simply create a signature-spoof patch, include it in the cli, use the mount variant which skips signing or use the regular one if you want to sign it and do not deploy to your device via -d. This will produce an apk without the pkg name changed, the sig spoofed and the apk signed or unsigned at your choice.

[polkaulfield]

Could we get that patch implemented? I'll try to write it myself otherwise, but i tried doing it manually like @Vavun said and the app seems to launch but closes afterwards. The signature spoof permission doesn't even pop-up. Using apktool compiled from git. Thanks guys.

[oSumAtrIX]

Feel free to write a patch for it.

[polkaulfield]

@Vavun can you test this patch i made? (polkaulfield/revanced-patches@13b9e61)