Android signature mechanism

Android signature mechanism

1. How to sign an APK

(1) create a digital certificate, android123.keystore

 

Keytool-genkey-alias android123.keystore-keyalg RSA-validity 20000-keystore android123.keystore

Keytool is a built-in certificate tool for Java JDK.

-Genkey parameter: generate a certificate (security certificate for copyright and Identity Recognition)

-The alias parameter indicates that the certificate has an alias.-alias android123.keystore indicates that the certificate alias is android123.keystore.

-Keyalg RSA indicates the encryption type, and RSA indicates that encryption is required to prevent theft by others.

-Validity 20000 indicates the validity period of 20000 days.

-Keystore android123.keystore indicates that the certificate name to be generated is android123.keystore.

Enter key password

(RETURN if same as keystore password): Press ENTER

The generated digital certificate android123.keystore contains an asymmetric encryption private key, public key, and certificate.

 

(2) Use a digital certificate for signature

Jarsigner-verbose-keystore android123.keystore-signedjar test_signed.apk test.apk android123.keystore
Jarsigner is a Java signature tool.
-Verbose parameter indicates that the signature details are displayed.
-Keystore: Use android123.keystore in the current directory to sign the certificate file.
-Signedjar test_signed.apk?generated after the signature, test.apk indicates the unsigned APK Android software, and android. keystore indicates the alias

 

(3), the signature generated after the META-INT folder, which contains the file is as follows:

Through these three files, we will understand what jarsigner has done in step 2. Let's first look at MANIFEST. MF, as shown below:

 

Manifest-Version: 1.0Created-By: 1.0 (Android)Name: res/raw/aes.luaSHA1-Digest: M2O7Kjh31bRSTSaX9Kxeg9+r8t0=Name: AndroidManifest.xmlSHA1-Digest: gJSLROnRQjVNfuSf9ZLQ/jcfjCQ=Name: lib/armeabi-v7a/libuencrypt.soSHA1-Digest: 60nq3GlIOFjA2qQwpD0GHF0B+fs=Name: assets/aes.luaSHA1-Digest: M2O7Kjh31bRSTSaX9Kxeg9+r8t0=Name: res/drawable-hdpi-v4/ic_launcher.pngSHA1-Digest: Nq8q3HeTluE5JNCBpVvNy3BXtJI=Name: res/layout/activity_main.xmlSHA1-Digest: 29xFOv25tmFws/fZywW1pnKb0/0=Name: res/layout/lv_item.xmlSHA1-Digest: n+ABu8eXc8sgsr/koDg/u1UIHsk=Name: res/drawable-mdpi-v4/ic_launcher.pngSHA1-Digest: RRxOSvpmhVfCwiprVV/wZlaqQpw=Name: res/menu/main.xmlSHA1-Digest: FwPQ14VCI33UrtPR12pUamCNBtI=Name: lib/armeabi-v7a/libalgms.soSHA1-Digest: l6EtvZsMbYZLCRF/ym+gDCbb66A=Name: res/layout/gv_item.xmlSHA1-Digest: zJG1Od3RKnHgvtNspfJoL3Gjl9c=Name: res/drawable-xhdpi-v4/ic_launcher.pngSHA1-Digest: AfPh3OJoypH966MludSW6f1RHg4=Name: lib/armeabi/libluajava.soSHA1-Digest: hEXHJ2RO/N4HG7HpkvNLpwkezx8=Name: resources.arscSHA1-Digest: xvke7fWkq3vTndO6GxJygC191Io=Name: lib/armeabi-v7a/libluajava.soSHA1-Digest: G1oHj8pHfhE6cTmiIIyLf7q3g5I=Name: res/layout/notify.xmlSHA1-Digest: cwi7OQR/TBBCikvfrG1mWb/7aQ8=Name: classes.dexSHA1-Digest: ZFp/aGRiQlOrGaeCybupky6xL9w=Name: res/drawable-xxhdpi-v4/ic_launcher.pngSHA1-Digest: GVIfdEOBv4gEny2T1jDhGGsZOBo=Name: lib/armeabi/libalgms.soSHA1-Digest: sThUrFV9sUiv9GDot0L92RkYBPs=Name: lib/armeabi/libuencrypt.soSHA1-Digest: 60nq3GlIOFjA2qQwpD0GHF0B+fs=

 

It contains the Hash values for resources in all apk files.

Let's look at CERT. SF again, as shown below:

 

Signature-Version: 1.0SHA1-Digest-Manifest: rpk81cwms7B69LRe8+DWDOXsXh4=Created-By: 1.0 (Android)Name: res/raw/aes.luaSHA1-Digest: 328J86FdzrMHCGbJ9zgSIL66Vhg=Name: AndroidManifest.xmlSHA1-Digest: 5FgYlUZJI5rg9CliE7aY0lJvQeA=Name: lib/armeabi-v7a/libuencrypt.soSHA1-Digest: c4LKMukodajHJes+c40iIKVR5Mc=Name: assets/aes.luaSHA1-Digest: bxsaWYSVcIxoulpdWPfY0BV2PiQ=Name: res/drawable-hdpi-v4/ic_launcher.pngSHA1-Digest: nVLQ/wUjf9D4KSB2I7WqoHR14JY=Name: res/layout/activity_main.xmlSHA1-Digest: JW6OyAas5Wk9A3gkVFXQfnW5/xM=Name: res/layout/lv_item.xmlSHA1-Digest: dNWFJFprP0T6rcGEzItXC7wCYkM=Name: res/drawable-mdpi-v4/ic_launcher.pngSHA1-Digest: NBFXy1maYHW4TAiVCw6R9+EBNqI=Name: res/menu/main.xmlSHA1-Digest: OKnRLZ88PSIyuOBi7mLTP2st5qo=Name: lib/armeabi-v7a/libalgms.soSHA1-Digest: FtY/V2plAUjgAuML1e13WkbAlv4=Name: res/layout/gv_item.xmlSHA1-Digest: dkF+JesLgH0dGCDQ3n8xB5x27/c=Name: res/drawable-xhdpi-v4/ic_launcher.pngSHA1-Digest: qLB+xSuTsdod1eS2aPJel/A5PvE=Name: lib/armeabi/libluajava.soSHA1-Digest: s4qgp8flPTMEZkF8z5QutBgFxrM=Name: resources.arscSHA1-Digest: 541ycGJWJPTgwVyrgsxvB8pjjCM=Name: lib/armeabi-v7a/libluajava.soSHA1-Digest: Ef0wS9E2VVNlCobz+Rfus6H98sQ=Name: res/layout/notify.xmlSHA1-Digest: ioOWjUP2Gg9EEwhuElzwisdCR6I=Name: classes.dexSHA1-Digest: K7z+duqJFBCe/hMgJWJQrzmLwxE=Name: res/drawable-xxhdpi-v4/ic_launcher.pngSHA1-Digest: W7nSszMeL1x0eIt3K2CoCIHU6Qg=Name: lib/armeabi/libalgms.soSHA1-Digest: +F1sBBeuDvU3e9uqpFyvdOSdQAE=Name: lib/armeabi/libuencrypt.soSHA1-Digest: JToW2wKlog94dVZeNv3cGOC3CwA=

First, the Hash value of MANIFEST. MF is stored in the SHA1-Digest-Manifest, and then the Hash value of MANIFEST. MF is obtained again.

 

Finally, let's take a look at CERT. RSA, which is a binary file. Only specific tools can be used to read the content. Refer to extracting certificates from CERT. RSA.

The read content is as follows. refer to the detailed analysis of Android signature and authentication II (CERT. RSA analysis), for example:

 

Let's first look at the encrypted Hash value in the last step. This is the result of obtaining the Hash value for the CERT. SF file and then encrypting it with the private key.

Let's look up the key. The key here refers to a non-symmetric encryption public key. This file does not store symmetric encryption private keys.

CERT. RSA also saves the issuer name and subject name, effective date and end date waiting.

After learning about the content of the three files, we also know what jarsigner has done.

 

2. Functions of Signature

(1) ensure content integrity

When installing the APK, calculate the Hash value and MANIFEST of each resource in the APK. the Hash values in MF are compared. If the values are successful, the MANIFEST is calculated. the Hash value of the MF file and CERT. the Hash value of SF is compared. If the Hash value is successful, use the public key to decrypt the CERT. the encrypted Hash value of RSA is then matched with that of CERT. the Hash value obtained from the SF file is compared. If the value is successful, the verification is successful.

If the code is maliciously modified, then the MANIFEST is maliciously modified. the Hash value corresponding to the MF, and then maliciously modify the CERT. the Hash value of SF, but the CERT cannot be modified. the Hash value in RSA, because there is no private key.

1) if the current APK is tampered with, directly put it into the mobile phone for running, the first step is to calculate the Hash value of each resource in the APK and MANIFEST. the Hash value in MF is compared, and this step is Failed.

2) if the current APK is tampered with and re-signed, because the system originally had an apk with the same package name, it is found that it is inconsistent with the public key of the original signature and is directly reject. Unless the original application is deleted, a new application is installed.

(2) shareUid

If the two applications are shareUid, the two applications can access the private directories of the other application, which causes security risks. If it is 360, QQ, and sharedUid, 360 can access private data in the QQ directory (/data/com. tencent. Therefore, we stipulate that the two shardUid applications must use the same private key for signature. In CERT. RSA, the Public Key is consistent.