在无锡下载的美团众包不培训只能50在山东能用吗
点击联系发帖人
时间:2017-08-21 21:47
15771人阅读
Android(155)
一、前言今天是元旦,也是Single Dog的嚎叫之日,只能写博客来祛除寂寞了,今天我们继续来看一下Android中的签名机制的姊妹篇:Android中是如何验证一个Apk的签名。在前一篇文章中我们介绍了,Android中是如何对程序进行签名的,不了解的同学可以转战:当然在了解我们今天说到的知识点,这篇文章也是需要了解的,不然会有些知识点有些困惑的。二、知识摘要在我们没有开始这篇文章之前,我们回顾一下之前说到的签名机制流程:1、对Apk中的每个文件做一次算法(数据摘要+Base64编码),保存到MANIFEST.MF文件中2、对MANIFEST.MF整个文件做一次算法(数据摘要+Base64编码),存放到CERT.SF文件的头属性中,在对MANIFEST.MF文件中各个属性块做一次算法(数据摘要+Base64编码),存到到一个属性块中。3、对CERT.SF文件做签名,内容存档到CERT.RSA中所以通过上面的流程可以知道,我们今天来验证签名流程也是这三个步骤三、代码分析我们既然要了解Android中的应用程序的签名验证过程的话,那么我们肯定需要从一个类来开始看起,那就是PackageManagerService.java,因为这个类是Apk在安装的过程中核心类:frameworks\base\services\core\java\com\android\server\pm\PackageManagerService.javaprivate void installPackageLI(InstallArgs args, PackageInstalledInfo res) {
PackageParser pp = new PackageParser();
pp.collectCertificates(pkg, parseFlags);
pp.collectManifestDigest(pkg);
} catch (PackageParserException e) {
res.setError(&Failed collect during installPackageLI&, e);
……我们可以看到,有一个核心类:PackageParserframeworks\base\core\java\android\content\pm\PackageParser.java这个类也是见名知意,就是需要解析Apk包,那么就会涉及到签名信息了,下面我们就从这个类开始入手:import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_MANIFEST;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_CERTIFICATE_ENCODING;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NOT_APK;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NO_CERTIFICATES;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION;我们看到了几个我们很熟悉的信息:import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NO_CERTIFICATES;这个是在安装apk包的时候出现的错误,没有证书:那么我们就先来查找一下这个字段:private static void collectCertificates(Package pkg, File apkFile, int flags)
throws PackageParserException {
final String apkPath = apkFile.getAbsolutePath();
StrictJarFile jarFile =
jarFile = new StrictJarFile(apkPath);
// Always verify manifest, regardless of source
final ZipEntry manifestEntry = jarFile.findEntry(ANDROID_MANIFEST_FILENAME);
if (manifestEntry == null) {
throw new PackageParserException(INSTALL_PARSE_FAILED_BAD_MANIFEST,
&Package & + apkPath + & has no manifest&);
final List&ZipEntry& toVerify = new ArrayList&&();
toVerify.add(manifestEntry);
// If we're parsing an untrusted package, verify all contents
if ((flags & PARSE_IS_SYSTEM) == 0) {
final Iterator&ZipEntry& i = jarFile.iterator();
while (i.hasNext()) {
final ZipEntry entry = i.next();
if (entry.isDirectory())
if (entry.getName().startsWith(&META-INF/&))
if (entry.getName().equals(ANDROID_MANIFEST_FILENAME))
toVerify.add(entry);
// Verify that entries are signed consistently with the first entry
// we encountered. Note that for splits, certificates may have
// already been populated during an earlier parse of a base APK.
for (ZipEntry entry : toVerify) {
final Certificate[][] entryCerts = loadCertificates(jarFile, entry);
if (ArrayUtils.isEmpty(entryCerts)) {
throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
&Package & + apkPath + & has no certificates at entry &
+ entry.getName());
final Signature[] entrySignatures = convertToSignatures(entryCerts);
if (pkg.mCertificates == null) {
pkg.mCertificates = entryC
pkg.mSignatures = entryS
pkg.mSigningKeys = new ArraySet&PublicKey&();
for (int i=0; i & entryCerts. i++) {
pkg.mSigningKeys.add(entryCerts[i][0].getPublicKey());
if (!Signature.areExactMatch(pkg.mSignatures, entrySignatures)) {
throw new PackageParserException(
INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES, &Package & + apkPath
+ & has mismatched certificates at entry &
+ entry.getName());
} catch (GeneralSecurityException e) {
throw new PackageParserException(INSTALL_PARSE_FAILED_CERTIFICATE_ENCODING,
&Failed to collect certificates from & + apkPath, e);
} catch (IOException | RuntimeException e) {
throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
&Failed to collect certificates from & + apkPath, e);
} finally {
closeQuietly(jarFile);
}这里看到了,当有异常的时候就会提示这个信息,我们在跟进去看看:// Verify that entries are signed consistently with the first entry
// we encountered. Note that for splits, certificates may have
// already been populated during an earlier parse of a base APK.
for (ZipEntry entry : toVerify) {
final Certificate[][] entryCerts = loadCertificates(jarFile, entry);
if (ArrayUtils.isEmpty(entryCerts)) {
throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
&Package & + apkPath + & has no certificates at entry &
+ entry.getName());
final Signature[] entrySignatures = convertToSignatures(entryCerts);
if (pkg.mCertificates == null) {
pkg.mCertificates = entryC
pkg.mSignatures = entryS
pkg.mSigningKeys = new ArraySet&PublicKey&();
for (int i=0; i & entryCerts. i++) {
pkg.mSigningKeys.add(entryCerts[i][0].getPublicKey());
if (!Signature.areExactMatch(pkg.mSignatures, entrySignatures)) {
throw new PackageParserException(
INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES, &Package & + apkPath
+ & has mismatched certificates at entry &
+ entry.getName());
}这里有一个重要的方法:loadCertificatesprivate static Certificate[][] loadCertificates(StrictJarFile jarFile, ZipEntry entry)
throws PackageParserException {
InputStream is =
// We must read the stream for the JarEntry to retrieve
// its certificates.
is = jarFile.getInputStream(entry);
readFullyIgnoringContents(is);
return jarFile.getCertificateChains(entry);
} catch (IOException | RuntimeException e) {
throw new PackageParserException(INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION,
&Failed reading & + entry.getName() + & in & + jarFile, e);
} finally {
IoUtils.closeQuietly(is);
}这个方法是加载证书内容的1、验证Apk中的每个文件的算法(数据摘要+Base64编码)和MANIFEST.MF文件中的对应属性块内容是否配对首先获取StrictJarFile文件中的InputStream对象StrictJarFile这个类:libcore\luni\src\main\java\java\util\jar\StrictJarFile.javapublic InputStream getInputStream(ZipEntry ze) {
final InputStream is = getZipInputStream(ze);
if (isSigned) {
JarVerifier.VerifierEntry entry = verifier.initEntry(ze.getName());
if (entry == null) {
return new JarFile.JarFileInputStream(is, ze.getSize(), entry);
}1》获取到VerifierEntry对象entry在JarVerifier.java:libcore\luni\src\main\java\java\util\jar\JarVerifier.javaVerifierEntry initEntry(String name) {
// If no manifest is present by the time an entry is found,
// verification cannot occur. If no signature files have
// been found, do not verify.
if (manifest == null || signatures.isEmpty()) {
Attributes attributes = manifest.getAttributes(name);
// entry has no digest
if (attributes == null) {
ArrayList&Certificate[]& certChains = new ArrayList&Certificate[]&();
Iterator&Map.Entry&String, HashMap&String, Attributes&&& it = signatures.entrySet().iterator();
while (it.hasNext()) {
Map.Entry&String, HashMap&String, Attributes&& entry = it.next();
HashMap&String, Attributes& hm = entry.getValue();
if (hm.get(name) != null) {
// Found an entry for entry name in .SF file
String signatureFile = entry.getKey();
Certificate[] certChain = certificates.get(signatureFile);
if (certChain != null) {
certChains.add(certChain);
// entry is not signed
if (certChains.isEmpty()) {
Certificate[][] certChainsArray = certChains.toArray(new Certificate[certChains.size()][]);
for (int i = 0; i & DIGEST_ALGORITHMS. i++) {
final String algorithm = DIGEST_ALGORITHMS[i];
final String hash = attributes.getValue(algorithm + &-Digest&);
if (hash == null) {
byte[] hashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
return new VerifierEntry(name, MessageDigest.getInstance(algorithm), hashBytes,
certChainsArray, verifiedEntries);
} catch (NoSuchAlgorithmException ignored) {
}就是构造一个VerifierEntry对象:/**
* Stores and a hash and a message digest and verifies that massage digest
* matches the hash.
static class VerifierEntry extends OutputStream {
private final S
private final MessageD
private final byte[]
private final Certificate[][] certC
private final Hashtable&String, Certificate[][]& verifiedE
VerifierEntry(String name, MessageDigest digest, byte[] hash,
Certificate[][] certChains, Hashtable&String, Certificate[][]& verifedEntries) {
this.name =
this.digest =
this.hash =
this.certChains = certC
this.verifiedEntries = verifedE
* Updates a digest with one byte.
public void write(int value) {
digest.update((byte) value);
* Updates a digest with byte array.
public void write(byte[] buf, int off, int nbytes) {
digest.update(buf, off, nbytes);
* Verifies that the digests stored in the manifest match the decrypted
* digests from the .SF file. This indicates the validity of the
* signing, not the integrity of the file, as its digest must be
* calculated and verified when its contents are read.
* @throws SecurityException
if the digest value stored in the manifest does &i¬&/i&
agree with the decrypted digest as recovered from the
&code&.SF&/code& file.
void verify() {
byte[] d = digest.digest();
if (!MessageDigest.isEqual(d, Base64.decode(hash))) {
throw invalidDigest(JarFile.MANIFEST_NAME, name, name);
verifiedEntries.put(name, certChains);
}要构造这个对象,必须事先准备好参数。第一个参数很简单,就是要验证的文件名,直接将name传进来就好了。第二个参数是计算摘要的对象,可以通过MessageDigest.getInstance获得,不过要先告知到底要用哪个摘要算法,同样也是通过查看MANIFEST.MF文件中对应名字的属性值来决定的:所以可以知道所用的摘要算法是SHA1。第三个参数是对应文件的摘要值,这是通过读取MANIFEST.MF文件获得的:第四个参数是证书链,即对该apk文件签名的所有证书链信息。为什么是二维数组呢?这是因为Android允许用多个证书对apk进行签名,但是它们的证书文件名必须不同,这个知识点,我在之前的一篇文章中:&中有提到。最后一个参数是已经验证过的文件列表,VerifierEntry在完成了对指定文件的摘要验证之后会将该文件的信息加到其中。2》再去JarFile的JarFileInputStream类中看看:static final class JarFileInputStream extends FilterInputStream {
private ZipEntry zipE
private JarVerifier.VerifierE
private boolean done =
JarFileInputStream(InputStream is, ZipEntry ze,
JarVerifier.VerifierEntry e) {
super(is);
zipEntry =
count = zipEntry.getSize();
public int read() throws IOException {
if (done) {
return -1;
if (count & 0) {
int r = super.read();
if (r != -1) {
entry.write(r);
count = 0;
if (count == 0) {
entry.verify();
entry.verify();
return -1;
public int read(byte[] buf, int off, int nbytes) throws IOException {
if (done) {
return -1;
if (count & 0) {
int r = super.read(buf, off, nbytes);
if (r != -1) {
int size =
if (count & size) {
size = (int)
entry.write(buf, off, size);
count = 0;
if (count == 0) {
entry.verify();
entry.verify();
return -1;
public int available() throws IOException {
if (done) {
return super.available();
public long skip(long byteCount) throws IOException {
return Streams.skipByReading(this, byteCount);
}3》PackageParser的readFullyIgnoringContents方法:public static long readFullyIgnoringContents(InputStream in) throws IOException {
byte[] buffer = sBuffer.getAndSet(null);
if (buffer == null) {
buffer = new byte[4096];
int n = 0;
int count = 0;
while ((n = in.read(buffer, 0, buffer.length)) != -1) {
sBuffer.set(buffer);
}得到第二步之后的一个InputStream对象,然后就开始read操作,这里我没发现什么猫腻,但是我们从第一件事做完之后可以发现,这里的InputStream对象其实是JarInputStream,所以我们可以去看一下他的read方法的实现:玄机原来在这里,这里的JarFileInputStream.read确实会调用其父类的read读取指定的apk内文件的内容,并且将其传给JarVerifier.VerifierEntry.write函数。当文件读完后,会接着调用JarVerifier.VerifierEntry.verify函数对其进行验证。JarVerifier.VerifierEntry.write函数非常简单:就是将读到的文件的内容传给digest,这个digest就是前面在构造JarVerifier.VerifierEntry传进来的,对应于在MANIFEST.MF文件中指定的摘要算法。万事具备,接下来想要验证就很简单了:通过digest就可以算出apk内指定文件的真实摘要值。而记录在MANIFEST.MF文件中对应该文件的摘要值,也在构造JarVerifier.VerifierEntry时传递给了hash变量。不过这个hash值是经过Base64编码的。所以在比较之前,必须通过Base64解码。如果不一致的话,会抛出SecurityException异常:private static SecurityException invalidDigest(String signatureFile, String name,
String jarName) {
throw new SecurityException(signatureFile + & has invalid digest for & + name +
& in & + jarName);
}到这里我们就分析了,Android中是如何验证MANIFEST.MF文件中的内容的,我们这里再来看一下,这里抛出异常出去:这里捕获到异常之后,会在抛异常出去:在这里就会抛出异常信息,所以如果我们修改了一个Apk中的一个文件内容的话,这里肯定是安装不上的。2、验证CERT.SF文件的签名信息和CERT.RSA中的内容是否一致1》我们就来看看StrictJarFile中的getCertificateChains方法:/**
* Return all certificate chains for a given {@link ZipEntry} belonging to this jar.
* This method MUST be called only after fully exhausting the InputStream belonging
* to this entry.
* Returns {@code null} if this jar file isn't signed or if this method is
* called before the stream is processed.
public Certificate[][] getCertificateChains(ZipEntry ze) {
if (isSigned) {
return verifier.getCertificateChains(ze.getName());
}这里有一个变量判断:isSigned,他是在构造方法中赋值的:public StrictJarFile(String fileName) throws IOException {
this.nativeHandle = nativeOpenJarFile(fileName);
this.raf = new RandomAccessFile(fileName, &r&);
// Read the MANIFEST and signature files up front and try to
// parse them. We never want to accept a JAR File with broken signatures
// or manifests, so it's best to throw as early as possible.
HashMap&String, byte[]& metaEntries = getMetaEntries();
this.manifest = new Manifest(metaEntries.get(JarFile.MANIFEST_NAME), true);
this.verifier = new JarVerifier(fileName, manifest, metaEntries);
isSigned = verifier.readCertificates() && verifier.isSignedJar();
} catch (IOException ioe) {
nativeClose(this.nativeHandle);
guard.open(&close&);
}去verifier中看看这两个方法:/**
* If the associated JAR file is signed, check on the validity of all of the
* known signatures.
* @return {@code true} if the associated JAR is signed and an internal
check verifies the validity of the signature(s). {@code false} if
the associated JAR file has no entries at all in its {@code
META-INF} directory. This situation is indicative of an invalid
Will also return {@code true} if the JAR file is &i¬&/i&
* @throws SecurityException
if the JAR file is signed and it is determined that a
signature block file contains an invalid signature for the
corresponding signature file.
synchronized boolean readCertificates() {
if (metaEntries.isEmpty()) {
Iterator&String& it = metaEntries.keySet().iterator();
while (it.hasNext()) {
String key = it.next();
if (key.endsWith(&.DSA&) || key.endsWith(&.RSA&) || key.endsWith(&.EC&)) {
verifyCertificate(key);
it.remove();
}这个方法其实很简单,就是判断metaEntries中是否为空,说白了,就是判断Apk中的META-INF文件夹中是否为空,只有文件就返回true。再来看看isSignedJar方法:/**
* Returns a &code&boolean&/code& indication of whether or not the
* associated jar file is signed.
* @return {@code true} if the JAR is signed, {@code false}
otherwise.
boolean isSignedJar() {
return certificates.size() & 0;
}这个方法直接判断certificates这个集合是否为空。我们全局搜索一下这个集合在哪里存入的数据的地方,找到了verifyCertificate方法,同时我们发现,在上面的readCertificates方法中,就调用了这个方法,其实这个方法就是读取证书信息的。下面来看一下verifyCertificate方法:/**
* @param certFile
private void verifyCertificate(String certFile) {
// Found Digital Sig, .SF should already have been read
String signatureFile = certFile.substring(0, certFile.lastIndexOf('.')) + &.SF&;
byte[] sfBytes = metaEntries.get(signatureFile);
if (sfBytes == null) {
byte[] manifestBytes = metaEntries.get(JarFile.MANIFEST_NAME);
// Manifest entry is required for any verifications.
if (manifestBytes == null) {
byte[] sBlockBytes = metaEntries.get(certFile);
Certificate[] signerCertChain = JarUtils.verifySignature(
new ByteArrayInputStream(sfBytes),
new ByteArrayInputStream(sBlockBytes));
if (signerCertChain != null) {
certificates.put(signatureFile, signerCertChain);
} catch (IOException e) {
} catch (GeneralSecurityException e) {
throw failedVerification(jarName, signatureFile);
// Verify manifest hash in .sf file
Attributes attributes = new Attributes();
HashMap&String, Attributes& entries = new HashMap&String, Attributes&();
ManifestReader im = new ManifestReader(sfBytes, attributes);
im.readEntries(entries, null);
} catch (IOException e) {
// Do we actually have any signatures to look at?
if (attributes.get(Attributes.Name.SIGNATURE_VERSION) == null) {
boolean createdBySigntool =
String createdBy = attributes.getValue(&Created-By&);
if (createdBy != null) {
createdBySigntool = createdBy.indexOf(&signtool&) != -1;
// Use .SF to verify the mainAttributes of the manifest
// If there is no -Digest-Manifest-Main-Attributes entry in .SF
// file, such as those created before java 1.5, then we ignore
// such verification.
if (mainAttributesEnd & 0 && !createdBySigntool) {
String digestAttribute = &-Digest-Manifest-Main-Attributes&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, mainAttributesEnd, false, true)) {
throw failedVerification(jarName, signatureFile);
// Use .SF to verify the whole manifest.
String digestAttribute = createdBySigntool ? &-Digest& : &-Digest-Manifest&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, manifestBytes.length, false, false)) {
Iterator&Map.Entry&String, Attributes&& it = entries.entrySet().iterator();
while (it.hasNext()) {
Map.Entry&String, Attributes& entry = it.next();
Manifest.Chunk chunk = manifest.getChunk(entry.getKey());
if (chunk == null) {
if (!verify(entry.getValue(), &-Digest&, manifestBytes,
chunk.start, chunk.end, createdBySigntool, false)) {
throw invalidDigest(signatureFile, entry.getKey(), jarName);
metaEntries.put(signatureFile, null);
signatures.put(signatureFile, entries);
}2》获取证书信息,并且验证CERT.SF文件的签名信息和CERT.RSA中的内容是否一致。// Found Digital Sig, .SF should already have been read
String signatureFile = certFile.substring(0, certFile.lastIndexOf('.')) + &.SF&;
byte[] sfBytes = metaEntries.get(signatureFile);
if (sfBytes == null) {
byte[] manifestBytes = metaEntries.get(JarFile.MANIFEST_NAME);
// Manifest entry is required for any verifications.
if (manifestBytes == null) {
byte[] sBlockBytes = metaEntries.get(certFile);
Certificate[] signerCertChain = JarUtils.verifySignature(
new ByteArrayInputStream(sfBytes),
new ByteArrayInputStream(sBlockBytes));
if (signerCertChain != null) {
certificates.put(signatureFile, signerCertChain);
} catch (IOException e) {
} catch (GeneralSecurityException e) {
throw failedVerification(jarName, signatureFile);
}这里首先获取到,签名文件。我们在之前的一篇文章中说到了,签名文件和证书文件的名字是一样的。同时这里还调用了JarUtils类:libcore\luni\src\main\java\org\apache\harmony\security\utils\JarUtils.java中的verifySignature方法来获取证书,这里就不做太多的解释了,如何从一个RSA文件中获取证书,这样的代码网上也是有的,而且后面我会演示一下,如何获取。/**
* This method handle all the work with
PKCS7, ASN1 encoding, signature verifying,
* and certification path building.
* See also PKCS #7: Cryptographic Message Syntax Standard:
* http://www.ietf.org/rfc/rfc2315.txt
* @param signature - the input stream of signature file to be verified
* @param signatureBlock - the input stream of corresponding signature block file
* @return array of certificates used to verify the signature file
* @throws IOException - if some errors occurs during reading from the stream
* @throws GeneralSecurityException - if signature verification process fails
public static Certificate[] verifySignature(InputStream signature, InputStream
signatureBlock) throws IOException, GeneralSecurityException {
BerInputStream bis = new BerInputStream(signatureBlock);
ContentInfo info = (ContentInfo)ContentInfo.ASN1.decode(bis);
SignedData signedData = info.getSignedData();
if (signedData == null) {
throw new IOException(&No SignedData found&);
Collection&org.apache.harmony.security.x509.Certificate& encCerts
= signedData.getCertificates();
if (encCerts.isEmpty()) {
X509Certificate[] certs = new X509Certificate[encCerts.size()];
int i = 0;
for (org.apache.harmony.security.x509.Certificate encCert : encCerts) {
certs[i++] = new X509CertImpl(encCert);
List&SignerInfo& sigInfos = signedData.getSignerInfos();
SignerInfo sigI
if (!sigInfos.isEmpty()) {
sigInfo = sigInfos.get(0);
X500Principal issuer = sigInfo.getIssuer();
// Certificate serial number
BigInteger snum = sigInfo.getSerialNumber();
// Locate the certificate
int issuerSertIndex = 0;
for (i = 0; i & certs. i++) {
if (issuer.equals(certs[i].getIssuerDN()) &&
snum.equals(certs[i].getSerialNumber())) {
issuerSertIndex =
if (i == certs.length) { // No issuer certificate found
if (certs[issuerSertIndex].hasUnsupportedCriticalExtension()) {
throw new SecurityException(&Can not recognize a critical extension&);
// Get Signature instance
Signature sig =
String da = sigInfo.getDigestAlgorithm();
String dea = sigInfo.getDigestEncryptionAlgorithm();
String alg =
if (da != null && dea != null) {
alg = da + &with& +
sig = Signature.getInstance(alg, OpenSSLProvider.PROVIDER_NAME);
} catch (NoSuchAlgorithmException e) {}
if (sig == null) {
if (alg == null) {
sig = Signature.getInstance(alg, OpenSSLProvider.PROVIDER_NAME);
} catch (NoSuchAlgorithmException e) {
sig.initVerify(certs[issuerSertIndex]);
......这里返回的是一个证书的数组。3、MANIFEST.MF整个文件签名在CERT.SF文件中头属性中的值是否匹配以及验证MANIFEST.MF文件中的各个属性块的签名在CERT.SF文件中是否匹配1》第一件事是:验证MANIFEST.MF整个文件签名在CERT.SF文件中头属性中的值是否匹配// Use .SF to verify the mainAttributes of the manifest
// If there is no -Digest-Manifest-Main-Attributes entry in .SF
// file, such as those created before java 1.5, then we ignore
// such verification.
if (mainAttributesEnd & 0 && !createdBySigntool) {
String digestAttribute = &-Digest-Manifest-Main-Attributes&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, mainAttributesEnd, false, true)) {
throw failedVerification(jarName, signatureFile);
}这里的manifestBytes:byte[] manifestBytes = metaEntries.get(JarFile.MANIFEST_NAME);就是MANIFEST.MF文件内容。继续看一下verify方法:private boolean verify(Attributes attributes, String entry, byte[] data,
int start, int end, boolean ignoreSecondEndline, boolean ignorable) {
for (int i = 0; i & DIGEST_ALGORITHMS. i++) {
String algorithm = DIGEST_ALGORITHMS[i];
String hash = attributes.getValue(algorithm + entry);
if (hash == null) {
md = MessageDigest.getInstance(algorithm);
} catch (NoSuchAlgorithmException e) {
if (ignoreSecondEndline && data[end - 1] == '\n' && data[end - 2] == '\n') {
md.update(data, start, end - 1 - start);
md.update(data, start, end - start);
byte[] b = md.digest();
byte[] hashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
return MessageDigest.isEqual(b, Base64.decode(hashBytes));
}这个方法其实很简单,就是验证传入的data数据块的数据摘要算法和传入的attributes中的算法块的值是否匹配,比如这里:String algorithm = DIGEST_ALGORITHMS[i];
String hash = attributes.getValue(algorithm + entry);这里的algorithm是算法:private static final String[] DIGEST_ALGORITHMS = new String[] {
&SHA-512&,
&SHA-384&,
&SHA-256&,
};这里的entry也是传入的,我们看到传入的是:-Digest这样就是CERT.SF文件中的一个条目:2》第二件事是:验证MANIFEST.MF文件中的各个属性块的签名在CERT.SF文件中是否匹配// Use .SF to verify the whole manifest.
String digestAttribute = createdBySigntool ? &-Digest& : &-Digest-Manifest&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, manifestBytes.length, false, false)) {
Iterator&Map.Entry&String, Attributes&& it = entries.entrySet().iterator();
while (it.hasNext()) {
Map.Entry&String, Attributes& entry = it.next();
Manifest.Chunk chunk = manifest.getChunk(entry.getKey());
if (chunk == null) {
if (!verify(entry.getValue(), &-Digest&, manifestBytes,
chunk.start, chunk.end, createdBySigntool, false)) {
throw invalidDigest(signatureFile, entry.getKey(), jarName);
}这里我们可以看到也是同样调用verify方法来验证CERT.SF中的条目信息的。最后我们再看一下是如何配对签名信息的,在PackageParser中的collectCertificates方法:这里会比对已经安装的apk的签名和准备要安装的apk的签名是否一致,如果不一致的话,就会报错:这个错,也是我们经常会遇到的,就是同样的apk,签名不一致导致的问题。我们从上面的分析代码中可以看到,这里的Signature比对签名,其实就是比对证书中的公钥信息:上面我们就看完了Android中验证签名信息的流程,下面我们再来梳理一下流程吧:所有有关apk文件的签名验证工作都是在JarVerifier里面做的,一共分成三步:1、JarVerifier.VerifierEntry.verify做了验证,即保证apk文件中包含的所有文件,对应的摘要值与MANIFEST.MF文件中记录的一致。2、JarVeirifer.verifyCertificate使用证书文件(在META-INF目录下,以.DSA、.RSA或者.EC结尾的文件)检验签名文件(在META-INF目录下,和证书文件同名,但扩展名为.SF的文件)是没有被修改过的。这里我们可以注意到,Android中在验证的过程中对SF喝RSA文件的名字并不关心,这个在之前的 &文章中介绍到了。3、JarVeirifer.verifyCertificate中使用签名文件CERT.SF,检验MANIFEST.MF文件中的内容也没有被篡改过综上所述:首先,如果你改变了apk包中的任何文件,那么在apk安装校验时,改变后的文件摘要信息与MANIFEST.MF的检验信息不同,于是验证失败,程序就不能成功安装。其次,如果你对更改的过的文件相应的算出新的摘要值,然后更改MANIFEST.MF文件里面对应的属性值,那么必定与CERT.SF文件中算出的摘要值不一样,照样验证失败。这里都会提示安装失败信息:如果你还不死心,继续计算MANIFEST.MF的摘要值,相应的更改CERT.SF里面的值.那么数字签名值必定与CERT.RSA文件中记录的不一样,还是失败。这里的失败信息:那么能不能继续伪造数字签名呢?不可能,因为没有数字证书对应的私钥。所以,如果要重新打包后的应用程序能再Android设备上安装,必须对其进行重签名。从上面的分析可以得出,只要修改了Apk中的任何内容,就必须重新签名,不然会提示安装失败,当然这里不会分析,后面一篇文章会注重分析为何会提示安装失败。总结到这里我们就介绍完了Android中的apk的签名验证过程,再结合之前的一篇文章,我们可以了解到了Android中的签名机制了。这个也是对Android中的安全机制的一个深入了解吧,新年快乐~~PS: 关注微信,最新Android技术实时推送
&&相关文章推荐
参考知识库
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
微信扫一扫加入安全逆向圈
扫一扫加小编微信
添加时请注明:编码美丽!
我的第一个App: 天真无谐
已经上线了,在各大市场都可以搜索到。希望大家多多支持!!
访问:4177427次
积分:28527
积分:28527
排名:第174名
原创:280篇
评论:1510条
文章:37篇
阅读:515111
文章:23篇
阅读:287274
文章:27篇
阅读:420111
文章:30篇
阅读:354662
文章:64篇
阅读:1033530
(2)(3)(4)(4)(4)(5)(4)(8)(7)(8)(5)(5)(8)(1)(4)(4)(2)(1)(4)(3)(2)(4)(1)(1)(1)(30)(8)(4)(7)(12)(3)(12)(13)(6)(20)(6)(32)(32)}
Android(155)
一、前言今天是元旦,也是Single Dog的嚎叫之日,只能写博客来祛除寂寞了,今天我们继续来看一下Android中的签名机制的姊妹篇:Android中是如何验证一个Apk的签名。在前一篇文章中我们介绍了,Android中是如何对程序进行签名的,不了解的同学可以转战:当然在了解我们今天说到的知识点,这篇文章也是需要了解的,不然会有些知识点有些困惑的。二、知识摘要在我们没有开始这篇文章之前,我们回顾一下之前说到的签名机制流程:1、对Apk中的每个文件做一次算法(数据摘要+Base64编码),保存到MANIFEST.MF文件中2、对MANIFEST.MF整个文件做一次算法(数据摘要+Base64编码),存放到CERT.SF文件的头属性中,在对MANIFEST.MF文件中各个属性块做一次算法(数据摘要+Base64编码),存到到一个属性块中。3、对CERT.SF文件做签名,内容存档到CERT.RSA中所以通过上面的流程可以知道,我们今天来验证签名流程也是这三个步骤三、代码分析我们既然要了解Android中的应用程序的签名验证过程的话,那么我们肯定需要从一个类来开始看起,那就是PackageManagerService.java,因为这个类是Apk在安装的过程中核心类:frameworks\base\services\core\java\com\android\server\pm\PackageManagerService.javaprivate void installPackageLI(InstallArgs args, PackageInstalledInfo res) {
PackageParser pp = new PackageParser();
pp.collectCertificates(pkg, parseFlags);
pp.collectManifestDigest(pkg);
} catch (PackageParserException e) {
res.setError(&Failed collect during installPackageLI&, e);
……我们可以看到,有一个核心类:PackageParserframeworks\base\core\java\android\content\pm\PackageParser.java这个类也是见名知意,就是需要解析Apk包,那么就会涉及到签名信息了,下面我们就从这个类开始入手:import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_MANIFEST;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_CERTIFICATE_ENCODING;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_MANIFEST_MALFORMED;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NOT_APK;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NO_CERTIFICATES;
import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION;我们看到了几个我们很熟悉的信息:import static android.content.pm.PackageManager.INSTALL_PARSE_FAILED_NO_CERTIFICATES;这个是在安装apk包的时候出现的错误,没有证书:那么我们就先来查找一下这个字段:private static void collectCertificates(Package pkg, File apkFile, int flags)
throws PackageParserException {
final String apkPath = apkFile.getAbsolutePath();
StrictJarFile jarFile =
jarFile = new StrictJarFile(apkPath);
// Always verify manifest, regardless of source
final ZipEntry manifestEntry = jarFile.findEntry(ANDROID_MANIFEST_FILENAME);
if (manifestEntry == null) {
throw new PackageParserException(INSTALL_PARSE_FAILED_BAD_MANIFEST,
&Package & + apkPath + & has no manifest&);
final List&ZipEntry& toVerify = new ArrayList&&();
toVerify.add(manifestEntry);
// If we're parsing an untrusted package, verify all contents
if ((flags & PARSE_IS_SYSTEM) == 0) {
final Iterator&ZipEntry& i = jarFile.iterator();
while (i.hasNext()) {
final ZipEntry entry = i.next();
if (entry.isDirectory())
if (entry.getName().startsWith(&META-INF/&))
if (entry.getName().equals(ANDROID_MANIFEST_FILENAME))
toVerify.add(entry);
// Verify that entries are signed consistently with the first entry
// we encountered. Note that for splits, certificates may have
// already been populated during an earlier parse of a base APK.
for (ZipEntry entry : toVerify) {
final Certificate[][] entryCerts = loadCertificates(jarFile, entry);
if (ArrayUtils.isEmpty(entryCerts)) {
throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
&Package & + apkPath + & has no certificates at entry &
+ entry.getName());
final Signature[] entrySignatures = convertToSignatures(entryCerts);
if (pkg.mCertificates == null) {
pkg.mCertificates = entryC
pkg.mSignatures = entryS
pkg.mSigningKeys = new ArraySet&PublicKey&();
for (int i=0; i & entryCerts. i++) {
pkg.mSigningKeys.add(entryCerts[i][0].getPublicKey());
if (!Signature.areExactMatch(pkg.mSignatures, entrySignatures)) {
throw new PackageParserException(
INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES, &Package & + apkPath
+ & has mismatched certificates at entry &
+ entry.getName());
} catch (GeneralSecurityException e) {
throw new PackageParserException(INSTALL_PARSE_FAILED_CERTIFICATE_ENCODING,
&Failed to collect certificates from & + apkPath, e);
} catch (IOException | RuntimeException e) {
throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
&Failed to collect certificates from & + apkPath, e);
} finally {
closeQuietly(jarFile);
}这里看到了,当有异常的时候就会提示这个信息,我们在跟进去看看:// Verify that entries are signed consistently with the first entry
// we encountered. Note that for splits, certificates may have
// already been populated during an earlier parse of a base APK.
for (ZipEntry entry : toVerify) {
final Certificate[][] entryCerts = loadCertificates(jarFile, entry);
if (ArrayUtils.isEmpty(entryCerts)) {
throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES,
&Package & + apkPath + & has no certificates at entry &
+ entry.getName());
final Signature[] entrySignatures = convertToSignatures(entryCerts);
if (pkg.mCertificates == null) {
pkg.mCertificates = entryC
pkg.mSignatures = entryS
pkg.mSigningKeys = new ArraySet&PublicKey&();
for (int i=0; i & entryCerts. i++) {
pkg.mSigningKeys.add(entryCerts[i][0].getPublicKey());
if (!Signature.areExactMatch(pkg.mSignatures, entrySignatures)) {
throw new PackageParserException(
INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES, &Package & + apkPath
+ & has mismatched certificates at entry &
+ entry.getName());
}这里有一个重要的方法:loadCertificatesprivate static Certificate[][] loadCertificates(StrictJarFile jarFile, ZipEntry entry)
throws PackageParserException {
InputStream is =
// We must read the stream for the JarEntry to retrieve
// its certificates.
is = jarFile.getInputStream(entry);
readFullyIgnoringContents(is);
return jarFile.getCertificateChains(entry);
} catch (IOException | RuntimeException e) {
throw new PackageParserException(INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION,
&Failed reading & + entry.getName() + & in & + jarFile, e);
} finally {
IoUtils.closeQuietly(is);
}这个方法是加载证书内容的1、验证Apk中的每个文件的算法(数据摘要+Base64编码)和MANIFEST.MF文件中的对应属性块内容是否配对首先获取StrictJarFile文件中的InputStream对象StrictJarFile这个类:libcore\luni\src\main\java\java\util\jar\StrictJarFile.javapublic InputStream getInputStream(ZipEntry ze) {
final InputStream is = getZipInputStream(ze);
if (isSigned) {
JarVerifier.VerifierEntry entry = verifier.initEntry(ze.getName());
if (entry == null) {
return new JarFile.JarFileInputStream(is, ze.getSize(), entry);
}1》获取到VerifierEntry对象entry在JarVerifier.java:libcore\luni\src\main\java\java\util\jar\JarVerifier.javaVerifierEntry initEntry(String name) {
// If no manifest is present by the time an entry is found,
// verification cannot occur. If no signature files have
// been found, do not verify.
if (manifest == null || signatures.isEmpty()) {
Attributes attributes = manifest.getAttributes(name);
// entry has no digest
if (attributes == null) {
ArrayList&Certificate[]& certChains = new ArrayList&Certificate[]&();
Iterator&Map.Entry&String, HashMap&String, Attributes&&& it = signatures.entrySet().iterator();
while (it.hasNext()) {
Map.Entry&String, HashMap&String, Attributes&& entry = it.next();
HashMap&String, Attributes& hm = entry.getValue();
if (hm.get(name) != null) {
// Found an entry for entry name in .SF file
String signatureFile = entry.getKey();
Certificate[] certChain = certificates.get(signatureFile);
if (certChain != null) {
certChains.add(certChain);
// entry is not signed
if (certChains.isEmpty()) {
Certificate[][] certChainsArray = certChains.toArray(new Certificate[certChains.size()][]);
for (int i = 0; i & DIGEST_ALGORITHMS. i++) {
final String algorithm = DIGEST_ALGORITHMS[i];
final String hash = attributes.getValue(algorithm + &-Digest&);
if (hash == null) {
byte[] hashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
return new VerifierEntry(name, MessageDigest.getInstance(algorithm), hashBytes,
certChainsArray, verifiedEntries);
} catch (NoSuchAlgorithmException ignored) {
}就是构造一个VerifierEntry对象:/**
* Stores and a hash and a message digest and verifies that massage digest
* matches the hash.
static class VerifierEntry extends OutputStream {
private final S
private final MessageD
private final byte[]
private final Certificate[][] certC
private final Hashtable&String, Certificate[][]& verifiedE
VerifierEntry(String name, MessageDigest digest, byte[] hash,
Certificate[][] certChains, Hashtable&String, Certificate[][]& verifedEntries) {
this.name =
this.digest =
this.hash =
this.certChains = certC
this.verifiedEntries = verifedE
* Updates a digest with one byte.
public void write(int value) {
digest.update((byte) value);
* Updates a digest with byte array.
public void write(byte[] buf, int off, int nbytes) {
digest.update(buf, off, nbytes);
* Verifies that the digests stored in the manifest match the decrypted
* digests from the .SF file. This indicates the validity of the
* signing, not the integrity of the file, as its digest must be
* calculated and verified when its contents are read.
* @throws SecurityException
if the digest value stored in the manifest does &i¬&/i&
agree with the decrypted digest as recovered from the
&code&.SF&/code& file.
void verify() {
byte[] d = digest.digest();
if (!MessageDigest.isEqual(d, Base64.decode(hash))) {
throw invalidDigest(JarFile.MANIFEST_NAME, name, name);
verifiedEntries.put(name, certChains);
}要构造这个对象,必须事先准备好参数。第一个参数很简单,就是要验证的文件名,直接将name传进来就好了。第二个参数是计算摘要的对象,可以通过MessageDigest.getInstance获得,不过要先告知到底要用哪个摘要算法,同样也是通过查看MANIFEST.MF文件中对应名字的属性值来决定的:所以可以知道所用的摘要算法是SHA1。第三个参数是对应文件的摘要值,这是通过读取MANIFEST.MF文件获得的:第四个参数是证书链,即对该apk文件签名的所有证书链信息。为什么是二维数组呢?这是因为Android允许用多个证书对apk进行签名,但是它们的证书文件名必须不同,这个知识点,我在之前的一篇文章中:&中有提到。最后一个参数是已经验证过的文件列表,VerifierEntry在完成了对指定文件的摘要验证之后会将该文件的信息加到其中。2》再去JarFile的JarFileInputStream类中看看:static final class JarFileInputStream extends FilterInputStream {
private ZipEntry zipE
private JarVerifier.VerifierE
private boolean done =
JarFileInputStream(InputStream is, ZipEntry ze,
JarVerifier.VerifierEntry e) {
super(is);
zipEntry =
count = zipEntry.getSize();
public int read() throws IOException {
if (done) {
return -1;
if (count & 0) {
int r = super.read();
if (r != -1) {
entry.write(r);
count = 0;
if (count == 0) {
entry.verify();
entry.verify();
return -1;
public int read(byte[] buf, int off, int nbytes) throws IOException {
if (done) {
return -1;
if (count & 0) {
int r = super.read(buf, off, nbytes);
if (r != -1) {
int size =
if (count & size) {
size = (int)
entry.write(buf, off, size);
count = 0;
if (count == 0) {
entry.verify();
entry.verify();
return -1;
public int available() throws IOException {
if (done) {
return super.available();
public long skip(long byteCount) throws IOException {
return Streams.skipByReading(this, byteCount);
}3》PackageParser的readFullyIgnoringContents方法:public static long readFullyIgnoringContents(InputStream in) throws IOException {
byte[] buffer = sBuffer.getAndSet(null);
if (buffer == null) {
buffer = new byte[4096];
int n = 0;
int count = 0;
while ((n = in.read(buffer, 0, buffer.length)) != -1) {
sBuffer.set(buffer);
}得到第二步之后的一个InputStream对象,然后就开始read操作,这里我没发现什么猫腻,但是我们从第一件事做完之后可以发现,这里的InputStream对象其实是JarInputStream,所以我们可以去看一下他的read方法的实现:玄机原来在这里,这里的JarFileInputStream.read确实会调用其父类的read读取指定的apk内文件的内容,并且将其传给JarVerifier.VerifierEntry.write函数。当文件读完后,会接着调用JarVerifier.VerifierEntry.verify函数对其进行验证。JarVerifier.VerifierEntry.write函数非常简单:就是将读到的文件的内容传给digest,这个digest就是前面在构造JarVerifier.VerifierEntry传进来的,对应于在MANIFEST.MF文件中指定的摘要算法。万事具备,接下来想要验证就很简单了:通过digest就可以算出apk内指定文件的真实摘要值。而记录在MANIFEST.MF文件中对应该文件的摘要值,也在构造JarVerifier.VerifierEntry时传递给了hash变量。不过这个hash值是经过Base64编码的。所以在比较之前,必须通过Base64解码。如果不一致的话,会抛出SecurityException异常:private static SecurityException invalidDigest(String signatureFile, String name,
String jarName) {
throw new SecurityException(signatureFile + & has invalid digest for & + name +
& in & + jarName);
}到这里我们就分析了,Android中是如何验证MANIFEST.MF文件中的内容的,我们这里再来看一下,这里抛出异常出去:这里捕获到异常之后,会在抛异常出去:在这里就会抛出异常信息,所以如果我们修改了一个Apk中的一个文件内容的话,这里肯定是安装不上的。2、验证CERT.SF文件的签名信息和CERT.RSA中的内容是否一致1》我们就来看看StrictJarFile中的getCertificateChains方法:/**
* Return all certificate chains for a given {@link ZipEntry} belonging to this jar.
* This method MUST be called only after fully exhausting the InputStream belonging
* to this entry.
* Returns {@code null} if this jar file isn't signed or if this method is
* called before the stream is processed.
public Certificate[][] getCertificateChains(ZipEntry ze) {
if (isSigned) {
return verifier.getCertificateChains(ze.getName());
}这里有一个变量判断:isSigned,他是在构造方法中赋值的:public StrictJarFile(String fileName) throws IOException {
this.nativeHandle = nativeOpenJarFile(fileName);
this.raf = new RandomAccessFile(fileName, &r&);
// Read the MANIFEST and signature files up front and try to
// parse them. We never want to accept a JAR File with broken signatures
// or manifests, so it's best to throw as early as possible.
HashMap&String, byte[]& metaEntries = getMetaEntries();
this.manifest = new Manifest(metaEntries.get(JarFile.MANIFEST_NAME), true);
this.verifier = new JarVerifier(fileName, manifest, metaEntries);
isSigned = verifier.readCertificates() && verifier.isSignedJar();
} catch (IOException ioe) {
nativeClose(this.nativeHandle);
guard.open(&close&);
}去verifier中看看这两个方法:/**
* If the associated JAR file is signed, check on the validity of all of the
* known signatures.
* @return {@code true} if the associated JAR is signed and an internal
check verifies the validity of the signature(s). {@code false} if
the associated JAR file has no entries at all in its {@code
META-INF} directory. This situation is indicative of an invalid
Will also return {@code true} if the JAR file is &i¬&/i&
* @throws SecurityException
if the JAR file is signed and it is determined that a
signature block file contains an invalid signature for the
corresponding signature file.
synchronized boolean readCertificates() {
if (metaEntries.isEmpty()) {
Iterator&String& it = metaEntries.keySet().iterator();
while (it.hasNext()) {
String key = it.next();
if (key.endsWith(&.DSA&) || key.endsWith(&.RSA&) || key.endsWith(&.EC&)) {
verifyCertificate(key);
it.remove();
}这个方法其实很简单,就是判断metaEntries中是否为空,说白了,就是判断Apk中的META-INF文件夹中是否为空,只有文件就返回true。再来看看isSignedJar方法:/**
* Returns a &code&boolean&/code& indication of whether or not the
* associated jar file is signed.
* @return {@code true} if the JAR is signed, {@code false}
otherwise.
boolean isSignedJar() {
return certificates.size() & 0;
}这个方法直接判断certificates这个集合是否为空。我们全局搜索一下这个集合在哪里存入的数据的地方,找到了verifyCertificate方法,同时我们发现,在上面的readCertificates方法中,就调用了这个方法,其实这个方法就是读取证书信息的。下面来看一下verifyCertificate方法:/**
* @param certFile
private void verifyCertificate(String certFile) {
// Found Digital Sig, .SF should already have been read
String signatureFile = certFile.substring(0, certFile.lastIndexOf('.')) + &.SF&;
byte[] sfBytes = metaEntries.get(signatureFile);
if (sfBytes == null) {
byte[] manifestBytes = metaEntries.get(JarFile.MANIFEST_NAME);
// Manifest entry is required for any verifications.
if (manifestBytes == null) {
byte[] sBlockBytes = metaEntries.get(certFile);
Certificate[] signerCertChain = JarUtils.verifySignature(
new ByteArrayInputStream(sfBytes),
new ByteArrayInputStream(sBlockBytes));
if (signerCertChain != null) {
certificates.put(signatureFile, signerCertChain);
} catch (IOException e) {
} catch (GeneralSecurityException e) {
throw failedVerification(jarName, signatureFile);
// Verify manifest hash in .sf file
Attributes attributes = new Attributes();
HashMap&String, Attributes& entries = new HashMap&String, Attributes&();
ManifestReader im = new ManifestReader(sfBytes, attributes);
im.readEntries(entries, null);
} catch (IOException e) {
// Do we actually have any signatures to look at?
if (attributes.get(Attributes.Name.SIGNATURE_VERSION) == null) {
boolean createdBySigntool =
String createdBy = attributes.getValue(&Created-By&);
if (createdBy != null) {
createdBySigntool = createdBy.indexOf(&signtool&) != -1;
// Use .SF to verify the mainAttributes of the manifest
// If there is no -Digest-Manifest-Main-Attributes entry in .SF
// file, such as those created before java 1.5, then we ignore
// such verification.
if (mainAttributesEnd & 0 && !createdBySigntool) {
String digestAttribute = &-Digest-Manifest-Main-Attributes&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, mainAttributesEnd, false, true)) {
throw failedVerification(jarName, signatureFile);
// Use .SF to verify the whole manifest.
String digestAttribute = createdBySigntool ? &-Digest& : &-Digest-Manifest&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, manifestBytes.length, false, false)) {
Iterator&Map.Entry&String, Attributes&& it = entries.entrySet().iterator();
while (it.hasNext()) {
Map.Entry&String, Attributes& entry = it.next();
Manifest.Chunk chunk = manifest.getChunk(entry.getKey());
if (chunk == null) {
if (!verify(entry.getValue(), &-Digest&, manifestBytes,
chunk.start, chunk.end, createdBySigntool, false)) {
throw invalidDigest(signatureFile, entry.getKey(), jarName);
metaEntries.put(signatureFile, null);
signatures.put(signatureFile, entries);
}2》获取证书信息,并且验证CERT.SF文件的签名信息和CERT.RSA中的内容是否一致。// Found Digital Sig, .SF should already have been read
String signatureFile = certFile.substring(0, certFile.lastIndexOf('.')) + &.SF&;
byte[] sfBytes = metaEntries.get(signatureFile);
if (sfBytes == null) {
byte[] manifestBytes = metaEntries.get(JarFile.MANIFEST_NAME);
// Manifest entry is required for any verifications.
if (manifestBytes == null) {
byte[] sBlockBytes = metaEntries.get(certFile);
Certificate[] signerCertChain = JarUtils.verifySignature(
new ByteArrayInputStream(sfBytes),
new ByteArrayInputStream(sBlockBytes));
if (signerCertChain != null) {
certificates.put(signatureFile, signerCertChain);
} catch (IOException e) {
} catch (GeneralSecurityException e) {
throw failedVerification(jarName, signatureFile);
}这里首先获取到,签名文件。我们在之前的一篇文章中说到了,签名文件和证书文件的名字是一样的。同时这里还调用了JarUtils类:libcore\luni\src\main\java\org\apache\harmony\security\utils\JarUtils.java中的verifySignature方法来获取证书,这里就不做太多的解释了,如何从一个RSA文件中获取证书,这样的代码网上也是有的,而且后面我会演示一下,如何获取。/**
* This method handle all the work with
PKCS7, ASN1 encoding, signature verifying,
* and certification path building.
* See also PKCS #7: Cryptographic Message Syntax Standard:
* http://www.ietf.org/rfc/rfc2315.txt
* @param signature - the input stream of signature file to be verified
* @param signatureBlock - the input stream of corresponding signature block file
* @return array of certificates used to verify the signature file
* @throws IOException - if some errors occurs during reading from the stream
* @throws GeneralSecurityException - if signature verification process fails
public static Certificate[] verifySignature(InputStream signature, InputStream
signatureBlock) throws IOException, GeneralSecurityException {
BerInputStream bis = new BerInputStream(signatureBlock);
ContentInfo info = (ContentInfo)ContentInfo.ASN1.decode(bis);
SignedData signedData = info.getSignedData();
if (signedData == null) {
throw new IOException(&No SignedData found&);
Collection&org.apache.harmony.security.x509.Certificate& encCerts
= signedData.getCertificates();
if (encCerts.isEmpty()) {
X509Certificate[] certs = new X509Certificate[encCerts.size()];
int i = 0;
for (org.apache.harmony.security.x509.Certificate encCert : encCerts) {
certs[i++] = new X509CertImpl(encCert);
List&SignerInfo& sigInfos = signedData.getSignerInfos();
SignerInfo sigI
if (!sigInfos.isEmpty()) {
sigInfo = sigInfos.get(0);
X500Principal issuer = sigInfo.getIssuer();
// Certificate serial number
BigInteger snum = sigInfo.getSerialNumber();
// Locate the certificate
int issuerSertIndex = 0;
for (i = 0; i & certs. i++) {
if (issuer.equals(certs[i].getIssuerDN()) &&
snum.equals(certs[i].getSerialNumber())) {
issuerSertIndex =
if (i == certs.length) { // No issuer certificate found
if (certs[issuerSertIndex].hasUnsupportedCriticalExtension()) {
throw new SecurityException(&Can not recognize a critical extension&);
// Get Signature instance
Signature sig =
String da = sigInfo.getDigestAlgorithm();
String dea = sigInfo.getDigestEncryptionAlgorithm();
String alg =
if (da != null && dea != null) {
alg = da + &with& +
sig = Signature.getInstance(alg, OpenSSLProvider.PROVIDER_NAME);
} catch (NoSuchAlgorithmException e) {}
if (sig == null) {
if (alg == null) {
sig = Signature.getInstance(alg, OpenSSLProvider.PROVIDER_NAME);
} catch (NoSuchAlgorithmException e) {
sig.initVerify(certs[issuerSertIndex]);
......这里返回的是一个证书的数组。3、MANIFEST.MF整个文件签名在CERT.SF文件中头属性中的值是否匹配以及验证MANIFEST.MF文件中的各个属性块的签名在CERT.SF文件中是否匹配1》第一件事是:验证MANIFEST.MF整个文件签名在CERT.SF文件中头属性中的值是否匹配// Use .SF to verify the mainAttributes of the manifest
// If there is no -Digest-Manifest-Main-Attributes entry in .SF
// file, such as those created before java 1.5, then we ignore
// such verification.
if (mainAttributesEnd & 0 && !createdBySigntool) {
String digestAttribute = &-Digest-Manifest-Main-Attributes&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, mainAttributesEnd, false, true)) {
throw failedVerification(jarName, signatureFile);
}这里的manifestBytes:byte[] manifestBytes = metaEntries.get(JarFile.MANIFEST_NAME);就是MANIFEST.MF文件内容。继续看一下verify方法:private boolean verify(Attributes attributes, String entry, byte[] data,
int start, int end, boolean ignoreSecondEndline, boolean ignorable) {
for (int i = 0; i & DIGEST_ALGORITHMS. i++) {
String algorithm = DIGEST_ALGORITHMS[i];
String hash = attributes.getValue(algorithm + entry);
if (hash == null) {
md = MessageDigest.getInstance(algorithm);
} catch (NoSuchAlgorithmException e) {
if (ignoreSecondEndline && data[end - 1] == '\n' && data[end - 2] == '\n') {
md.update(data, start, end - 1 - start);
md.update(data, start, end - start);
byte[] b = md.digest();
byte[] hashBytes = hash.getBytes(StandardCharsets.ISO_8859_1);
return MessageDigest.isEqual(b, Base64.decode(hashBytes));
}这个方法其实很简单,就是验证传入的data数据块的数据摘要算法和传入的attributes中的算法块的值是否匹配,比如这里:String algorithm = DIGEST_ALGORITHMS[i];
String hash = attributes.getValue(algorithm + entry);这里的algorithm是算法:private static final String[] DIGEST_ALGORITHMS = new String[] {
&SHA-512&,
&SHA-384&,
&SHA-256&,
};这里的entry也是传入的,我们看到传入的是:-Digest这样就是CERT.SF文件中的一个条目:2》第二件事是:验证MANIFEST.MF文件中的各个属性块的签名在CERT.SF文件中是否匹配// Use .SF to verify the whole manifest.
String digestAttribute = createdBySigntool ? &-Digest& : &-Digest-Manifest&;
if (!verify(attributes, digestAttribute, manifestBytes, 0, manifestBytes.length, false, false)) {
Iterator&Map.Entry&String, Attributes&& it = entries.entrySet().iterator();
while (it.hasNext()) {
Map.Entry&String, Attributes& entry = it.next();
Manifest.Chunk chunk = manifest.getChunk(entry.getKey());
if (chunk == null) {
if (!verify(entry.getValue(), &-Digest&, manifestBytes,
chunk.start, chunk.end, createdBySigntool, false)) {
throw invalidDigest(signatureFile, entry.getKey(), jarName);
}这里我们可以看到也是同样调用verify方法来验证CERT.SF中的条目信息的。最后我们再看一下是如何配对签名信息的,在PackageParser中的collectCertificates方法:这里会比对已经安装的apk的签名和准备要安装的apk的签名是否一致,如果不一致的话,就会报错:这个错,也是我们经常会遇到的,就是同样的apk,签名不一致导致的问题。我们从上面的分析代码中可以看到,这里的Signature比对签名,其实就是比对证书中的公钥信息:上面我们就看完了Android中验证签名信息的流程,下面我们再来梳理一下流程吧:所有有关apk文件的签名验证工作都是在JarVerifier里面做的,一共分成三步:1、JarVerifier.VerifierEntry.verify做了验证,即保证apk文件中包含的所有文件,对应的摘要值与MANIFEST.MF文件中记录的一致。2、JarVeirifer.verifyCertificate使用证书文件(在META-INF目录下,以.DSA、.RSA或者.EC结尾的文件)检验签名文件(在META-INF目录下,和证书文件同名,但扩展名为.SF的文件)是没有被修改过的。这里我们可以注意到,Android中在验证的过程中对SF喝RSA文件的名字并不关心,这个在之前的 &文章中介绍到了。3、JarVeirifer.verifyCertificate中使用签名文件CERT.SF,检验MANIFEST.MF文件中的内容也没有被篡改过综上所述:首先,如果你改变了apk包中的任何文件,那么在apk安装校验时,改变后的文件摘要信息与MANIFEST.MF的检验信息不同,于是验证失败,程序就不能成功安装。其次,如果你对更改的过的文件相应的算出新的摘要值,然后更改MANIFEST.MF文件里面对应的属性值,那么必定与CERT.SF文件中算出的摘要值不一样,照样验证失败。这里都会提示安装失败信息:如果你还不死心,继续计算MANIFEST.MF的摘要值,相应的更改CERT.SF里面的值.那么数字签名值必定与CERT.RSA文件中记录的不一样,还是失败。这里的失败信息:那么能不能继续伪造数字签名呢?不可能,因为没有数字证书对应的私钥。所以,如果要重新打包后的应用程序能再Android设备上安装,必须对其进行重签名。从上面的分析可以得出,只要修改了Apk中的任何内容,就必须重新签名,不然会提示安装失败,当然这里不会分析,后面一篇文章会注重分析为何会提示安装失败。总结到这里我们就介绍完了Android中的apk的签名验证过程,再结合之前的一篇文章,我们可以了解到了Android中的签名机制了。这个也是对Android中的安全机制的一个深入了解吧,新年快乐~~PS: 关注微信,最新Android技术实时推送
&&相关文章推荐
参考知识库
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
微信扫一扫加入安全逆向圈
扫一扫加小编微信
添加时请注明:编码美丽!
我的第一个App: 天真无谐
已经上线了,在各大市场都可以搜索到。希望大家多多支持!!
访问:4177427次
积分:28527
积分:28527
排名:第174名
原创:280篇
评论:1510条
文章:37篇
阅读:515111
文章:23篇
阅读:287274
文章:27篇
阅读:420111
文章:30篇
阅读:354662
文章:64篇
阅读:1033530
(2)(3)(4)(4)(4)(5)(4)(8)(7)(8)(5)(5)(8)(1)(4)(4)(2)(1)(4)(3)(2)(4)(1)(1)(1)(30)(8)(4)(7)(12)(3)(12)(13)(6)(20)(6)(32)(32)}
我要回帖
更多关于 美团众包不培训只能50 的文章
更多推荐
- ·京剧猫身宗谁最美墨兰宗主和手宗灵锡宗主谁更强?
- ·邓紫棋和崔世越演唱会门票多少钱给崔世越写过歌吗?
- ·用球杆拨台球杆对打球影响大吗会损伤球杆吗?
- ·找一必看的50部武侠电视剧剧,名字不记得了,就记得一个剧情?
- ·这是女主叫舞的韩国动漫叫什么动漫?
- ·请问您知道怎么解封快手号解封吗
- ·快七夕了,去哪里选购淋浴房选购好呢?
- ·为什么在直聘店长里微信小程序发布会视频在微信群里都有
- ·千策良品工业设计大赛是不是有为一些国内外的大公司做过设计?
- ·有谁知道这QQ主题背景的背景是什么?
- ·奉贤区中心医院怎么样手机上怎预约做胃镜
- ·关于微信的信息网删除才恢复不了上的所有信息都忘了但是红包里有一干元有什么办法可以把这一
- ·手机金融理财收益率理财软件哪个收益高点?
- ·有什么好的理财软件哪个好吗?
- ·哪个好用的理财appp好用?
- ·目前哪种理财APP收益高安全有本息保障投资理财收益?
- ·暗黑起源手游属于什么游戏开发
- ·好用比较好的购物appp有哪些?
- ·营业厅通移动光纤普通宽带与光纤的区别说免费用一年,一年后还有活动,反正不要钱,,我觉得是骗人的??
- ·和跟女朋友在一起很累没多久 她很爱我 但最近我总感觉她对我淡了 想留一段QQ留言来表达 跪求例子
- ·在无锡下载的美团众包不培训只能50在山东能用吗
- ·中通手机号查快递包裹快递太垃圾了,我的包裹从昨天早上到南充到现在还是到达南充中转你们说能不能中通手机号查快递包裹快递真的是垃圾
- ·appios代退款有风险吗的安全吗
- ·精神征信有问题可以贷款吗在网上贷款还不上怎么办
- ·激光标签刻印一体机机在打标过程中按了F3在按空格键会出现什么问题?怎么维修?
- ·wxid_微信号是什么意思什么意思
- ·阿里云怎么样未来会发展成什么样?
- ·差旅管理系统哪些品牌好?行旅国际差旅费怎么样?
- ·打算用链家理房通官网交易房子,但是网上说买房子的钱都进了链家理房通官网的口袋,链家理房通官网擅挪用客户资 金,真的假的啊?
- ·在Java中同类中的php 调用静态方法法能否调用类成员变量呢?为什么?
- ·水中色度第七空间vr多少钱
- ·qq如果被拉黑中国电信,或者中国移动,拉黑会怎样
- ·o速配适合于o2g是什么模式式?
- ·java类是否可以多继承,怎么java内部类实现多继承承?
- ·最近有没有新出的怎样看一个电脑是否是新电脑,价格上不要太贵就好?
- ·道路运输管理系统统为什么会选择oTMS?
