Android signing notes

Android signing mechanism

jarsigner -verify -verbose my-app.apk

Basic usage:
unzip ../knox/other-app/my-app.apk
ls META-INF

META-INF/xxx.MF
Holds a base64-encoded SHA-1 digest for every file in the package. To reproduce one entry:
sha1sum res/layout/public_simple_dropdown_item.xml | \
cut -d ' ' -f 1 | \
xxd -r -p | \
base64

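META-INF/xxx.SF
Each entry is the SHA-1 digest of the matching section of xxx.MF (here, lines 4-6 of the manifest):
sed -n 4,6p META-INF/xxx.MF | sha1sum | xxd -r -p | base64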
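
The files -> MF -> SF digest chain described above, checked end to end. This is an added example, not part of the original notes; the function names and the in-memory sample package are constructed for illustration, and SHA-1 digests are assumed as in the commands above.

```python
import base64, hashlib

def b64sha1(data: bytes) -> str:
    # Same value as: sha1sum FILE | cut -d ' ' -f 1 | xxd -r -p | base64
    return base64.b64encode(hashlib.sha1(data).digest()).decode()

def sections(raw: bytes):
    """Split a manifest into (attributes, raw section bytes) pairs."""
    nl = b"\r\n" if b"\r\n" in raw else b"\n"
    out = []
    for chunk in raw.split(nl + nl):
        if chunk.strip():
            # A line starting with one space continues the previous line (72-byte wrap).
            lines = chunk.replace(nl + b" ", b"").decode().split(nl.decode())
            attrs = dict(line.split(": ", 1) for line in lines if line)
            out.append((attrs, chunk + nl + nl))  # digest covers the trailing blank line
    return out

def verify_chain(files: dict, mf: bytes, sf: bytes) -> list:
    """Return a list of problems; an empty list means files -> MF -> SF is consistent."""
    problems = []
    mf_secs = {a["Name"]: (a, raw) for a, raw in sections(mf) if "Name" in a}
    for name, data in files.items():  # every packaged file must be listed in MF
        if name not in mf_secs or mf_secs[name][0].get("SHA1-Digest") != b64sha1(data):
            problems.append(f"MF: {name}")
    sf_secs = sections(sf)
    if sf_secs[0][0].get("SHA1-Digest-Manifest") != b64sha1(mf):
        problems.append("SF: SHA1-Digest-Manifest")
    sf_names = {a["Name"]: a.get("SHA1-Digest") for a, _ in sf_secs[1:]}
    for name, (_, raw) in mf_secs.items():  # every MF section must be covered by SF
        if sf_names.get(name) != b64sha1(raw):
            problems.append(f"SF: {name}")
    return problems

def build(files: dict):
    """Constructed sample data: MF and SF bytes for an in-memory file set."""
    mf, body = b"Manifest-Version: 1.0\r\n\r\n", b""
    for name, data in files.items():
        sec = f"Name: {name}\r\nSHA1-Digest: {b64sha1(data)}\r\n\r\n".encode()
        mf += sec
        body += f"Name: {name}\r\nSHA1-Digest: {b64sha1(sec)}\r\n\r\n".encode()
    head = f"Signature-Version: 1.0\r\nSHA1-Digest-Manifest: {b64sha1(mf)}\r\n\r\n"
    return mf, head.encode() + body

if __name__ == "__main__":
    apk = {"classes.dex": b"dex\n035\x00", "res/layout/a.xml": b"<LinearLayout/>"}
    mf, sf = build(apk)
    print(verify_chain(apk, mf, sf))                                 # untouched package
    print(verify_chain({**apk, "classes.dex": b"patched"}, mf, sf))  # modified file
```

The digest chain only shows internal consistency; the RSA block examined below is what binds xxx.SF to the signer's key.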

META-INF/xxx.RSA
Contains the signer's certificate and an encrypted hash value of the SF file.
Get the certificate:
openssl pkcs7 -inform DER -in META-INF/xxx.RSA -noout -print_certs -text
Check the signer certificate stored in SEAndroid's mac_permissions.xml:
openssl x509 -inform DER -in <(grep -m 1 signer ../knox/config/mac_permissions.xml | cut -d '"' -f 2 | xxd -r -p) -noout -text

Deep analysis
Open questions: what are PKCS #7 and DER, and how are SF and RSA related?

PKCS #7 - Cryptographic Message Syntax. PKCS is a group of public-key cryptography standards devised and published by RSA Security Inc., starting in the early 1990s.

PKCS #7 is defined in RFC 2315.

DER - one of the ASN.1 encoding rules (BER/CER/DER).

Conquer! Dump it!
openssl asn1parse -inform DER -in META-INF/xxx.RSA -i

Conquer!! Verify it! Relation of RSA and SF
# extract the encrypted hash (offset 844 applies to this particular file)
dd if=META-INF/xxx.RSA of=enc.bin skip=844 bs=1
# get certificate
openssl pkcs7 -inform DER -in META-INF/xxx.RSA -print_certs -out VENDOR.certs
# get public key
openssl x509 -pubkey -in VENDOR.certs -noout >VENDOR.pub
# use the public key to recover the signed data from the encrypted hash
openssl rsautl -verify -inkey VENDOR.pub -pubin -in enc.bin >dec.bin
# dump the decrypted data
openssl asn1parse -inform DER -in dec.bin -i
# verify: compare the digest in the dump with the digest of the SF file
md5sum META-INF/VENDOR.SF

Conquer!!! Signature in certificate
dd if=META-INF/VENDOR.RSA of=./VENDOR.certs.body2 skip=63 bs=1 count=433
dd if=META-INF/VENDOR.RSA of=./VENDOR.certs.sign2 bs=1 skip=516 count=256
--- or ----
tail -n +4 VENDOR.certs | head -n -2 > VENDOR.certs.pure
openssl asn1parse -inform PEM -in VENDOR.certs.pure -strparse 4 -out VENDOR.certs.body -noout
openssl asn1parse -in ./VENDOR.certs.pure -strparse 452 -out VENDOR.certs.sign -noout
------------
openssl dgst -sha256 -verify ./VENDOR.pub -signature ./VENDOR.certs.sign ./VENDOR.certs.body

------------
aosp/build/target/product/security/{platform,media,shared,testkey}.{pk8,x509.pem}
# convert pkcs8 format binary key to PEM
$ openssl pkcs8 -inform DER -nocrypt -in platform.pk8 -out platform.pem
# create pkcs12 file that includes both the private key and certificate
$ openssl pkcs12 -export -in platform.x509.pem -inkey platform.pem -out platform.p12 -password pass:android -name platform
# since Java's keytool can read pkcs12 files as keystore, it can convert pkcs12 file to native format (BKS or JKS)
$ keytool -importkeystore -deststorepass android -destkeystore test.keystore -srckeystore platform.p12 -srcstoretype PKCS12 -srcstorepass android
# bonus: use keytool to list the contents
$ keytool -list -v -keystore test.keystore
