本文是小编为大家收集整理的关于我可以指定apksigner使用的摘要算法吗?的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。
问题描述
由于最近的SHA1碰撞新闻,我希望确保SHA1在我的APK签名中不再使用.但是我找不到 apksigner .
有没有办法指定(直接或间接)摘要算法apksigner使用?
(在SDK 24之前,Android使用Java的jarsigner标识APK,它具有如-sigalg SHA1withRSA -digestalg SHA1)的选项
更新:正如Alex所提到的那样,我发现如何为 sha1碰撞和Android APK签名
推荐答案
不是直接的. apksigner尝试仅使用安全的摘要和签名算法,但它在由签名的APK支持的签名密钥(大小,算法)和Android平台版本中施加的约束中.特别是,对于JAR签名,apksigner默认使用SHA-256或更强,但仅适用于仅支持API级别18或更新的APK(如AndroidManifest.xml中所示).在早期平台上运行的APK必须使用SHA-1,因为这些早期的平台不支持使用SHA-256或更强大的验证APK.对于APK签名方案V2签名,仅使用SHA-256或更强,因为此签名方案甚至不支持SHA-1.
如果您想要使用SHA-256签署APK,您可以:
- 将APK的minSdkVersion设置为18或更高,但这将使Android平台具有API级别17,并在安装时拒绝APK.
- 在--min-sdk-version=18中传递到apksigner,但这将使Android平台与API级别17中的API级别和拒绝在安装时拒绝APK.
- 仅使用APK签名方案V2签署APK,通过将--v1-signing-enabled=false传递到apksigner,但这将使Android平台具有API级别23,并在安装时拒绝APK.
p. S.即使您使用仅使用SHA-256切换到签名APKS,Android仍将接受您的包名称和签名证书,与SHA-1或MD5签名.因此,根据您的威胁模型,您可能需要切换到从未与SHA-1或较弱的摘要算法一起使用的新签名键.这不仅适用于实际加密签名中使用的摘要算法,还用于.SF和MANIFEST.MF文件中使用的摘要算法.
问题描述
Due to recent SHA1-collision news, I want to ensure that SHA1 is no longer used in my apk signing. However I cannot find a parameter in apksigner.
Is there a way to specify (either direct or indirect) the digest algorithm apksigner uses?
(Before SDK 24, Android used java's jarsigner to sign apk, which has options like -sigalg SHA1withRSA -digestalg SHA1)
Update: as Alex mentioned, I found how apksigner determine signature algorithm for scheme v1 in V1SchemeSigner.java.
In short, apksigner determine it from minimumSDK and key type of certificate.
- SHA256withRSA for minimum SDK 18 (Android 4.3) and up
- SHA256withDSA for minimum SDK 21 (Android 5.0) and up
- SHA256withEC for minimum SDK 18 and up
- SHA1with* for lower minimum SDK levels
This is a FAQ I wrote for memo: SHA1 Collision and Android APK Signing.
推荐答案
Not directly. apksigner attempts to use only secure digests and signing algorithms, but it does that within the constraints imposed by your signing key (size, algorithm) and Android platform versions supported by the APK being signed. In particular, for JAR signatures, apksigner uses SHA-256 or stronger by default, but only for APKs which support only API Level 18 or newer (as declared in minSdkVersion in their AndroidManifest.xml). APKs which run on earlier platforms must use SHA-1 because these earlier platforms don't support verifying APKs using SHA-256 or stronger. For APK Signature Scheme v2 signature, only SHA-256 or stronger is used, because this signature scheme does not even support SHA-1.
If you want apksigner to sign your APK with SHA-256, you can:
- Set the APK's minSdkVersion to 18 or higher, but this will make Android platforms with API Level 17 and lower reject the APK at install time.
- Pass in --min-sdk-version=18 to apksigner, but this will make Android platforms with API Level 17 and lower reject the APK at install time.
- Sign the APK only with APK Signature Scheme v2, by passing in --v1-signing-enabled=false to apksigner, but this will make Android platforms with API Level 23 and lower reject the APK at install time.
P. S. Even if you switched to signing your APKs using only SHA-256, Android will still accept APKs with your package name and signing cert, signed with SHA-1 or MD5. So, depending on your threat model, you may need to switch to new signing keys which have never been used with SHA-1 or weaker digest algorithms. And this is not only for the digest algorithm used in the actual cryptographic signature, but also for the digest algorithms used in .SF and MANIFEST.MF files.
更多相关问答
联系站长