Yeah, I did some poking around in a small apk and that's what I'd found. Just hadn't gotten around to coming back and reporting on it. (Kinda want to do a little more research, just to satisfy my own curiosity.)
On Oct 8, 5:19 pm, Dianne Hackborn wrote:
> An .apk is a super-set of a .jar, and uses the standard Java certificate and
> signing mechanisms in a .jar. If you are concerned about this being
> broken... well, not sure what to say. :}
>
> On Fri, Oct 8, 2010 at 6:00 AM, DanH wrote:
> > I may have misinterpreted. Presumably there's a checksum of the APK
> > data in the signed certificate. I would assume (hope) that's a
> > cryptographically strong checksum. (If not, the entire Android
> > platform is in jeopardy.)
> >
> > If one wants a sure "signature" (in a generic sense) that uniquely and
> > reliably identifies a SPECIFIC version of code, that cryptographic
> > checksum would be what you want (though I don't know how you'd access
> > that). Otherwise, the public key (which Dianne has finally explained
> > is what the package "signature" is) is a secure, reliable way to
> > identify the publisher (and, with the package name, the specific app
> > (though not its version)).
> >
> > There's no point in creating a separate CRC32 over the app, to use as
> > an identity to send back to a server or whatever.
> >
> > On Oct 8, 6:21 am, Mark Murphy wrote:
> > > What CRC32 checksum?
> > >
> > > Trevor Johns, in a discussion of LVL, offered up CRC32 as a means of
> > > helping detect tampering, but that was simply an example. Otherwise, I
> > > am coming up with zero references to the use of CRC32 with respect to
> > > APKs.
> > >
> > > Do you have a pointer to somewhere in the open source code where they
> > > are using a CRC32 checksum in this fashion?
> > >
> > > Thanks!
> > >
> > > On Fri, Oct 8, 2010 at 7:12 AM, DanH wrote:
> > > > What I mean is that if the bad actor can manipulate the apk bytes
> > > > while still maintaining the same checksum, then the whole scheme is
> > > > insecure -- there's no point in having it signed. A CRC32 checksum is
> > > > easily spoofed -- the apk bytes need to be checksummed with a
> > > > cryptographic checksum of some sort.
> > >
> > > --
> > > Mark Murphy (a Commons Guy)
> > > http://commonsware.com | http://github.com/commonsguy
> > > http://commonsware.com/blog | http://twitter.com/commonsguy
>
> --
> Dianne Hackborn
> Android framework engineer
>
> Note: please don't send private questions to me, as I don't have time to
> provide private support, and so won't reply to such e-mails. All such
> questions should be posted on public forums, where I and others can see and
> answer them.
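
An added example, not part of the thread and not Android's own code: because an .apk uses the .jar signing layout, META-INF/MANIFEST.MF records a cryptographic digest (SHA1-Digest or SHA-256-Digest) for each file, and this sketch recomputes those digests to spot a changed file. It assumes the JAR-style manifest described in the thread, uses a constructed in-memory archive as sample input, and does not verify the signature file or certificate that in turn cover the manifest.

```python
import base64, hashlib, io, zipfile

# Digest attributes a JAR manifest may carry, mapped to hashlib names.
ALGS = {"SHA-256-Digest": "sha256", "SHA1-Digest": "sha1"}

def parse_manifest(text):
    """Return {entry name: {attribute: value}} for the per-entry sections."""
    # Normalise line ends, then unfold continuation lines (they start with one space).
    text = text.replace("\r\n", "\n").replace("\n ", "")
    entries = {}
    for section in text.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        if "Name" in attrs:
            entries[attrs.pop("Name")] = attrs
    return entries

def entry_status(attrs, data):
    """Compare one file's bytes with the digest its manifest section records."""
    if attrs is None:
        return "unlisted"
    for attr, alg in ALGS.items():
        if attr in attrs:
            actual = base64.b64encode(hashlib.new(alg, data).digest()).decode()
            return "ok" if actual == attrs[attr] else "mismatch"
    return "no-digest"

def check_digests(apk_bytes):
    """Return {entry name: status} for every non-META-INF file (a simplification)."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        manifest = parse_manifest(zf.read("META-INF/MANIFEST.MF").decode("utf-8"))
        return {n: entry_status(manifest.get(n), zf.read(n))
                for n in zf.namelist() if not n.startswith("META-INF/")}

def build_sample(files, tamper=None):
    """Constructed sample: manifest digests `files`; `tamper` swaps stored bytes."""
    lines = ["Manifest-Version: 1.0", ""]
    for name, data in files.items():
        digest = base64.b64encode(hashlib.sha256(data).digest()).decode()
        lines += [f"Name: {name}", f"SHA-256-Digest: {digest}", ""]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "\r\n".join(lines) + "\r\n")
        for name, data in files.items():
            zf.writestr(name, (tamper or {}).get(name, data))
    return buf.getvalue()

if __name__ == "__main__":
    files = {"classes.dex": b"constructed dex bytes", "res/raw/a.txt": b"hello"}
    print(check_digests(build_sample(files)))
    print(check_digests(build_sample(files, tamper={"classes.dex": b"patched bytes"})))
```

The zip container's own per-entry CRC32 plays no part in this check; only the manifest digests do.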

