Android Signature mechanism---signing process

Great God article: http://blog.csdn.net/jiangwei0910410003/article/details/50402000

First, the Knowledge point

1. Data Digest (data fingerprint), signature file, certificate file

2. Jarsign tool signature and signapk tool signature

3. keystore file and Pk8 file, X509.pem file relationship

4, how to manually sign the APK

Second, the premise

First look at the data summary, signature files, knowledge points of the certificate file

1. Data summary

This knowledge point is very good understanding, Baidu Encyclopedia can, in fact, he is an algorithm, is to a data source after an algorithm to get a digest, also known as data fingerprint, different data sources, data fingerprint affirmation is not the same, and people like.

Message digest algorithm (Messages Digest algorithm) is a kind of algorithm that can produce special output format, its principle is to make some kind of information extraction from raw data according to certain operation rules, the extracted information is called the Message Digest of raw data.
The famous digest algorithm has RSA Company's MD5 algorithm and SHA-1 algorithm and its large number of variants.
The main features of the message digest are:
1) Regardless of how long the message is entered, the length of the computed message digest is always fixed. For example, the message with the MD5 algorithm digest has 128 bits, and the message with the SHA-1 algorithm Digest eventually has a 160 bit output.
2) in general (without considering collisions), as long as the original data entered is different, the summary of the message generated after the digest will also have to be different, even if the original data slightly changed, the output message digest will be completely distinct. However, the same input must produce the same output.
3) has irreversibility, that is, only forward information digest, and can not recover from the digest of any original message.

2. Signature files and certificates

Signature files and certificates are in pairs, the two are inseparable, and we can see through the source code, the names of the two files are the same, but the suffix is not the same name.

In fact, the concept of digital signature is very simple. As you know, there are two issues that must be addressed to ensure reliable communication: first of all, to make sure that the source of the message is indeed the person it affirms, and secondly, to ensure that the information is not tampered with by a third party in the process of transmission, even if it is tampered with, it can be discovered.
The so-called digital signature, is to solve these two problems, it is the previously mentioned asymmetric encryption technology and Digital Digest technology, a specific application.
For the sender of the message, a pair of public private key pairs are generated first, and the public key is given to the recipient of the message.
If the sender of the message wants to send a message to the message recipient one day, add another message in the message, in addition to the original message. This message is generated in the following two steps:
1) Extract the message digest for the original message to be sent;
2) The extracted information digest is encrypted with its own private key.
The message obtained through these two steps is the so-called digital signature of the original information.
For the recipient of the information, the information he receives will contain two parts, one is the original message content, and the other is the additional digital signature. He will verify the authenticity of the message by following three steps:
1) Extract the message digest from the original message section, note that the message digest algorithm used here is consistent with the sender;
2) on the additional digital signature, using the pre-obtained public key decryption;
3) Compare the two messages received in the previous two steps. If consistent, the message is indeed sent by the intended sender, and the content has not been tampered with, and conversely, if it is inconsistent, there must be a problem in the delivery process, the message is not trustworthy.
Through this so-called digital signature technology, it is really possible to effectively solve the problem of reliable communication. If the original message was tampered with during the transfer, then the digest of the message that was tampered with is definitely not the same as the original one at the message receiver. Also, because the tamper does not have the private key of the sender of the message, even if he can recalculate the digest of the tampered message, it cannot forge a digital signature.
So, to sum up, the digital signature is only the sender of information can be produced by others can not forge a string of numbers, this string is also the sender of information to send information authenticity of a valid proof.
Do not know that everyone has noticed that the above-mentioned digital signature method, there is a premise that the recipient of the message must be in advance to obtain the correct public key. If a public key is tampered with at first, the villain will be treated as a good person, and the message sent to you by the real sender will be considered invalid. Moreover, many times there is no information channel to communicate the public key beforehand. So how to ensure the security of public key credibility? This depends on the digital certificate to solve.
The so-called digital certificate, generally contains the following content:
Issuing authority for certificates (Issuer)
Validity period of the certificate (validity)
The public key of the message sender
Certificate owner (Subject)
Algorithms used for digital signatures
Digital signatures
It can be seen that digital certificates in fact also used digital signature technology. Only the content to be signed is the public key of the sender of the message, along with some other information. But unlike the ordinary digital signature, the signer in the digital certificate is not an ordinary institution, but a certain public trust institution. It's like your college diploma is usually signed by a respected headmaster. In general, the root certificates of these credible institutions have been pre-installed on your device before they are shipped to the factory. Therefore, the digital certificate can ensure that the public key in the digital certificate is indeed the owner of the certificate, or the certificate can be used to confirm the identity of the other. Digital certificates are mainly used to solve the problem of public key security issue.
In summary, the general flow of digital signature and signature verification is as follows:

3, Jarsign and signapk tools

Once you know the knowledge points for the three files in your signature, continue to look at the two tools signed in Android: Jarsign and signapk

It's easy to confuse the two tools when they start, and what's the difference between them?

In fact, these two tools are well understood, Jarsign is a Java native comes with a tool, he can sign the jar. And signapk is behind the special for Android app apk signature tool, their two signature algorithm is not different, mainly the signature when using the file is not the same, this will lead to a third problem.

4. Difference between KeyStore file and Pk8,x509.pem file

We have learned that Jarsign and signapk two tools can be signed in Android, then they differ in the signature when using a different file

The Jarsign tool is signed with a KeyStore file

The SIGNAPK tool is signed with a PK8,X509.PEM file

Third, the signature of the detailed

After signing the APK will be more out, MANIFEST. MF, XXXX. DSA (DSA is a cryptographic algorithm, different encryption algorithm suffix different), xxxxxx.sf.

1. Put the APK in addition to the above three files are SHA-1 algorithm, get summary information and then encode with Base64 after writing MANIFEST.MF file.

2.xxx. SF made:

1 "Calculates the overall SHA1 value of this MANIFEST.MF file, and after BASE64 encoding, it is recorded under the" Sha1-digest-manifest "attribute value of the CERT.SF main attribute block (on the file header)

2 "The SHA1 of each block in the MANIFEST.MF file is calculated, and after BASE64 encoding, the name of the property is recorded in the CERT.SF block of the name" Sha1-digest

3.xxxxx. DSA is a certificate

As we can see, here will be the CERT generated earlier. SF file, the signature is computed with the private key , and the signature and the digital certificate containing the public key information are written to CERT. Saved in RSA . CERT. RSA is a file that satisfies the PKCS7 format.

Iv. Why do we have to sign this?

Above we introduced the signature apk after the three files of the details, then the following to summarize, Android in this way to encrypt the signature, such party encryption is the most secure? Let's examine what happens if the apk file is tampered with.

First of all, if you change the APK package of any files, then the APK installation check, the changed file summary information and MANIFEST.MF test information is different, so the verification failed, the program will not be installed successfully.
Second, if you work out a new summary value for the changed files, and then change the corresponding attribute values in the MANIFEST.MF file, the validation fails because it must be different from the digest value calculated in the cert.sf file.
Finally, if you do not forget, continue to calculate the digest value of MANIFEST.MF, the corresponding change in the value of CERT.SF, then the digital signature value must be different from the Cert.rsa file record, or failure.
So can we continue to forge digital signatures? Not possible because there is no private key corresponding to the digital certificate.
Therefore, if the application that you want to repackage can be installed on your Android device, you must re-sign it.

From the above analysis can be drawn, as long as you modify any content in the APK, you must re-sign, or you will be prompted to install the failure, of course, there is no analysis, the following article will focus on why the installation failed to prompt.

Five, the knowledge point carding

1, data fingerprint, signature file, the meaning of the certificate file

1 "Data fingerprint is a data source to do SHA/MD5 algorithm, this value is unique

2 "Signature file technology is: Data fingerprint +rsa algorithm

3 "The certificate file contains public key information and other information

4 "After the Android signature, where SF is the signature file, RSA is the certificate file we can use OpenSSL to view the certificate information and public key information in the RSA file

2, we understand that there are two ways to sign in Android: Jarsigner and signapk The difference between the two ways:

1 "Jarsigner signature, need is KeyStore file, and signapk signature is Pk8,x509.pem file

2 Jarsigner after signing the SF and RSA filenames are keystore aliases by default, and the file name is fixed after signapk signature: CERT

3 "In Eclipse when we run the debug program, the default is the Jarsigner method signed, with the system default Debug.keystore signature file

4 "KeyStore file and Pk8,x509.pem file can be converted to each other

Android Signature mechanism---signing process