The contents saved in this file are produced by walking every entry of the APK one by one.
The certificate is generated as shown. The SF file is then signed with the private key, and the signature together with the digital certificate carrying the public key is written to CERT.RSA. Note that the certificate in an Android APK is self-signed: it does not need to be issued or verified by a third-party authority, and the developer generates it on the local machine. At present Android performs no CA validation of application certificates.
CERT.RSA is a binary (DER-encoded PKCS#7) structure rather than plain text, so the openssl command is needed to inspect its contents.
Signature verification takes place during APK installation and is divided into three steps:
To address the shortcomings of v1, a brand-new APK Signature Scheme v2 was introduced in Android 7.0 (Nougat).
APK Signature Scheme v2 is a whole-file signing scheme: it detects any change to the protected parts of the APK, which both speeds up verification and strengthens the integrity guarantee.
Because v1 only verifies the contents of the ZIP entries (not the ZIP metadata), many modifications can be made after an APK is signed: entries can be moved or even recompressed. In fact, the zipalign tool used in the build process does exactly that: it re-arranges ZIP entries on the correct byte boundaries to improve runtime performance. The same leeway also lets us modify the META-INF directory after packaging, or edit the ZIP comment, to produce multiple channel packages that still pass v1 signature verification.
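The v1 digest chain described above (MANIFEST.MF per-entry digests, CERT.SF digests over the manifest) and the gap it leaves, as an added example that is not part of the original article. It builds a constructed APK-like ZIP in memory, reproduces the two digest files, and shows that a ZIP comment or an extra META-INF file slips past the v1 check while a patched classes.dex does not. The CERT.RSA signature over CERT.SF is assumed to be verified separately and is not reproduced; the file layout and names (`build_manifest`, `verify_v1`, `rewrite_zip`) are this example's own simplified model, not Android's code.

```python
import base64
import hashlib
import io
import zipfile

SEP = "\r\n\r\n"  # blank line terminating each manifest section


def build_sample_apk():
    """Constructed sample: a tiny APK-like ZIP built in memory (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AndroidManifest.xml", b"<manifest package='example'/>")
        z.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)
        z.writestr("res/layout/main.xml", b"<LinearLayout/>")
    return buf.getvalue()


def b64_sha256(data):
    return base64.b64encode(hashlib.sha256(data).digest()).decode()


def build_manifest(apk_bytes):
    """MANIFEST.MF: walk every entry outside META-INF and record its digest."""
    header = "Manifest-Version: 1.0\r\nCreated-By: example\r\n" + SEP
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        names = sorted(n for n in z.namelist() if not n.startswith("META-INF/"))
        body = "".join(
            "Name: " + n + "\r\nSHA-256-Digest: " + b64_sha256(z.read(n)) + SEP
            for n in names)
    return header + body


def build_sf(manifest):
    """CERT.SF: digest of the whole manifest plus a digest of each manifest section."""
    _main, *sections = manifest.split(SEP)
    header = ("Signature-Version: 1.0\r\nSHA-256-Digest-Manifest: "
              + b64_sha256(manifest.encode()) + SEP)
    body = ""
    for sec in sections:
        if not sec:
            continue
        name_line = sec.split("\r\n")[0]
        body += name_line + "\r\nSHA-256-Digest: " + b64_sha256((sec + SEP).encode()) + SEP
    return header + body


def verify_v1(apk_bytes, manifest, sf):
    """v1 digest chain: CERT.SF must match MANIFEST.MF, which must match the entries.
    The CERT.RSA signature over CERT.SF is assumed already verified (not reproduced)."""
    if build_sf(manifest) != sf:
        return False
    return build_manifest(apk_bytes) == manifest


def rewrite_zip(apk_bytes, replace=None, add=None, comment=None):
    """Re-pack the archive, optionally replacing or adding entries or setting the ZIP comment."""
    src = zipfile.ZipFile(io.BytesIO(apk_bytes))
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for n in src.namelist():
            dst.writestr(n, (replace or {}).get(n, src.read(n)))
        for n, data in (add or {}).items():
            dst.writestr(n, data)
        if comment is not None:
            dst.comment = comment
    return out.getvalue()


def tamper_results():
    """What the v1 check catches and what it misses on the constructed sample."""
    apk = build_sample_apk()
    mf = build_manifest(apk)
    sf = build_sf(mf)
    return {
        "untouched": verify_v1(apk, mf, sf),
        "zip_comment": verify_v1(rewrite_zip(apk, comment=b"channel=abc"), mf, sf),
        "meta_inf_file": verify_v1(rewrite_zip(apk, add={"META-INF/channel_abc": b""}), mf, sf),
        "patched_dex": verify_v1(rewrite_zip(apk, replace={"classes.dex": b"patched"}), mf, sf),
    }


if __name__ == "__main__":
    for name, ok in tamper_results().items():
        print(f"{name:14s} v1 check {'passes' if ok else 'FAILS'}")
```

The first three cases pass because nothing v1 digests has changed: the ZIP comment lives in the EOCD record, and META-INF entries are excluded from the manifest. Only the patched entry changes a manifest digest.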
The v2 signature covers all bytes of the archive rather than individual ZIP entries, so zipalign cannot be run after signing (it must be run before). For this reason Google now chains compression, alignment and signing in the build process.
Put simply, v2 adds a new block (the APK Signing Block) to the original APK. This block stores the signature, digests, signature algorithm, certificate chain, additional attributes and so on, in a specific format that is analysed below. Let's see what the APK looks like now.
To protect the APK content, the whole APK (a ZIP file) is divided into the following four blocks:
The application's signature information is stored in block 2 (the APK Signing Block), while block 1 (the ZIP entry contents), block 3 (the ZIP central directory) and block 4 (the ZIP end of central directory) are protected: any modification to blocks 1, 3 or 4 after signing is caught by the new scheme's check.
Only Android 7.0 and above supports the v2 signature mechanism. On Android 7.0 and above, if a v2 signing block is found during installation, the v2 mechanism must be used and cannot be bypassed; otherwise the installer falls back to the v1 mechanism.
The v1 and v2 mechanisms can coexist. When both are present, the v1 .SF file under META-INF carries an attribute (X-Android-APK-Signed: 2) recording that a v2 signature exists, so a v2-aware verifier that finds no v2 block rejects the APK; it is therefore impossible to bypass v2 by stripping it and falling back to v1.
The previous channel-package scheme was to add an empty file to the META-INF directory and use the file's name as the channel identifier. Under the new scheme, however, META-INF is part of the protected area, and adding an empty file there changes blocks 1, 3 and 4.
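The four-block layout described above, and the reason the META-INF and ZIP-comment channel tricks no longer work, as an added example that is not part of the original article. It splits a constructed in-memory ZIP into blocks 1 to 4, inserts an APK Signing Block whose v2 entry holds a constructed placeholder value (no real signer data), parses the ID-value pairs back out, and computes the v2 content digest over blocks 1, 3 and 4 (1 MiB chunks prefixed 0xa5, top-level digest prefixed 0x5a, with the EOCD's central-directory offset taken as the signing block's offset). Helper names such as `split_apk` and `v2_content_digest` are this example's own; the block layout and magic are as published for scheme v2.

```python
import hashlib
import io
import struct
import zipfile

SIG_BLOCK_MAGIC = b"APK Sig Block 42"
V2_BLOCK_ID = 0x7109871A          # ID of the APK Signature Scheme v2 Block
CHUNK = 1024 * 1024               # v2 digests each section in 1 MiB chunks


def build_sample_apk():
    """Constructed sample: a tiny APK-like ZIP built in memory (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)
        z.writestr("AndroidManifest.xml", b"<manifest package='example'/>")
    return buf.getvalue()


def split_apk(data):
    """Split into the four blocks: (entry contents, signing block or b'', central directory, EOCD)."""
    eocd_off = data.rfind(b"PK\x05\x06")      # EOCD is last; only a short comment may follow it
    if eocd_off < 0:
        raise ValueError("no End of Central Directory record")
    eocd = data[eocd_off:]
    cd_off, = struct.unpack_from("<I", eocd, 16)  # central directory offset field
    cd = data[cd_off:eocd_off]
    sig = b""
    if data[cd_off - 16:cd_off] == SIG_BLOCK_MAGIC:
        size, = struct.unpack_from("<Q", data, cd_off - 24)   # trailing size field
        start = cd_off - size - 8
        if struct.unpack_from("<Q", data, start)[0] != size:  # leading size must agree
            raise ValueError("APK Signing Block size fields disagree")
        sig = data[start:cd_off]
    return data[:cd_off - len(sig)], sig, cd, eocd


def parse_sig_block(sig):
    """Return {id: value} for the ID-value pairs inside an APK Signing Block."""
    size, = struct.unpack_from("<Q", sig, 0)
    pos, end, pairs = 8, 8 + size - 24, {}
    while pos < end:
        pair_len, pair_id = struct.unpack_from("<QI", sig, pos)
        pairs[pair_id] = sig[pos + 12:pos + 8 + pair_len]
        pos += 8 + pair_len
    return pairs


def build_sig_block(pairs):
    body = b"".join(struct.pack("<QI", 4 + len(v), i) + v for i, v in pairs.items())
    size = len(body) + 8 + 16                 # pairs + trailing size field + magic
    return struct.pack("<Q", size) + body + struct.pack("<Q", size) + SIG_BLOCK_MAGIC


def insert_sig_block(apk, sig):
    """Place the signing block between the entries and the central directory; fix the EOCD offset."""
    contents, _old, cd, eocd = split_apk(apk)
    eocd = eocd[:16] + struct.pack("<I", len(contents) + len(sig)) + eocd[20:]
    return contents + sig + cd + eocd


def set_zip_comment(apk, comment):
    """Patch the EOCD comment in place (the old multi-channel trick); keeps any signing block."""
    contents, sig, cd, eocd = split_apk(apk)
    return contents + sig + cd + eocd[:20] + struct.pack("<H", len(comment)) + comment


def _chunk_digests(section):
    out = []
    for i in range(0, len(section), CHUNK):
        chunk = section[i:i + CHUNK]
        out.append(hashlib.sha256(b"\xa5" + struct.pack("<I", len(chunk)) + chunk).digest())
    return out


def v2_content_digest(apk):
    """Top-level SHA-256 over blocks 1, 3 and 4 the way scheme v2 computes it (hex)."""
    contents, _sig, cd, eocd = split_apk(apk)
    # The EOCD's central-directory offset is digested as the signing block's offset,
    # so the digest does not depend on how large the signing block turns out to be.
    eocd_for_digest = eocd[:16] + struct.pack("<I", len(contents)) + eocd[20:]
    chunks = _chunk_digests(contents) + _chunk_digests(cd) + _chunk_digests(eocd_for_digest)
    top = hashlib.sha256(b"\x5a" + struct.pack("<I", len(chunks)) + b"".join(chunks))
    return top.hexdigest()


def demo():
    apk = build_sample_apk()
    original = v2_content_digest(apk)
    # Constructed placeholder value standing in for the real v2 signer data.
    signed = insert_sig_block(apk, build_sig_block({V2_BLOCK_ID: b"signer data placeholder"}))
    return {
        "has_v2_block": V2_BLOCK_ID in parse_sig_block(split_apk(signed)[1]),
        "digest_unchanged_by_signing": v2_content_digest(signed) == original,
        "comment_changes_digest": v2_content_digest(set_zip_comment(signed, b"channel=abc")) != original,
    }
```

Inserting the signing block leaves the content digest unchanged, which is what lets the signer compute the digest before the block exists; touching the ZIP comment (block 4) or adding a META-INF entry (blocks 1 and 3) changes it, so the signature no longer verifies.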
You can refer to: Meituan Solution.
Android 9.0 introduces a new signing scheme (v3) whose format is roughly the same as v2. Inside the APK Signing Block inserted by v2, a new block (the attr block) is added.
This new block records both the previous signing information and the new signing information, so the signature can be replaced and upgraded through a key-rotation scheme. This means that, as long as the old signing certificate is in hand, we can change the signing certificate of the new APK through it.
The new (attr) block added by the v3 signature stores all of the signing information, kept as a chain of smaller blocks in the form of a linked list.
Each node holds the signing certificate used to sign a previous version of the app; the earliest signing certificate corresponds to the root node. The system has the certificate in each node sign the next certificate in the list, providing evidence for each new key that it should be trusted as much as the old one.
This process is somewhat similar to CA certificate chain validation: the old signature of the installed app vouches for the new signature of the APK installed over it, and trust is passed along.
Note that for an overwrite install, signature verification only supports upgrading, not downgrading. That is, if an APK with a v1 signature is installed on the device, an APK with a v2 signature can be installed over it, but not the other way round.
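The lineage walk described above (each certificate signs its successor, trust passed from the installed key to the new one, no going back), as an added example that is not part of the original article. Because it has to run with the standard library only, the certificates are Lamport one-time hash-based public keys rather than the RSA/ECDSA certificates a real APK carries; this is a stand-in chosen for this example, and the v3 wire format is not reproduced. `Node`, `rotate`, `lineage_valid` and `update_allowed` are this example's own names for the structures and checks, not Android's.

```python
import hashlib
import secrets


def H(data):
    return hashlib.sha256(data).digest()


def _bit(h, i):
    return (h[i // 8] >> (7 - i % 8)) & 1


def keygen():
    """Lamport one-time key pair; the serialised public key plays the role of the certificate."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    cert = b"".join(H(a) + H(b) for a, b in sk)
    return sk, cert


def sign(sk, msg):
    h = H(msg)
    return b"".join(sk[i][_bit(h, i)] for i in range(256))


def verify(cert, msg, sig):
    h = H(msg)
    for i in range(256):
        off = 64 * i + 32 * _bit(h, i)
        if H(sig[32 * i:32 * i + 32]) != cert[off:off + 32]:
            return False
    return True


class Node:
    """One lineage node: a certificate plus the signature the previous node's key made over it."""
    def __init__(self, cert, parent_sig=None):
        self.cert = cert
        self.parent_sig = parent_sig


def rotate(lineage, current_sk, new_cert):
    """Append a node: the key currently at the end of the lineage signs the new certificate."""
    return lineage + [Node(new_cert, sign(current_sk, new_cert))]


def lineage_valid(lineage):
    """Root has no parent signature; every later certificate must be signed by its predecessor."""
    if not lineage or lineage[0].parent_sig is not None:
        return False
    return all(node.parent_sig is not None and verify(prev.cert, node.cert, node.parent_sig)
               for prev, node in zip(lineage, lineage[1:]))


def update_allowed(installed_cert, new_lineage):
    """May an APK carrying new_lineage (its signer is the last node) overwrite an app
    installed under installed_cert? Same key, or installed key is an ancestor: yes.
    Installed key absent from the lineage (including a downgrade to an older key): no."""
    if not lineage_valid(new_lineage):
        return False
    certs = [node.cert for node in new_lineage]
    if certs[-1] == installed_cert:
        return True
    return installed_cert in certs[:-1]


def demo():
    sk_a, cert_a = keygen()
    sk_b, cert_b = keygen()
    lineage_a = [Node(cert_a)]                     # app first released under key A
    lineage_ab = rotate(lineage_a, sk_a, cert_b)   # A vouches for B
    forged = [Node(cert_a), Node(cert_b, sign(sk_b, cert_b))]  # B vouching for itself
    return {
        "a_to_b": update_allowed(cert_a, lineage_ab),
        "b_to_b": update_allowed(cert_b, lineage_ab),
        "b_back_to_a": update_allowed(cert_b, lineage_a),
        "forged_lineage": update_allowed(cert_a, forged),
    }
```

A Lamport key may sign only once, which suits a chain in which each certificate vouches for exactly one successor; the forged case fails because the signature over B was not produced by A's key, which is the same property the real scheme relies on when it walks the list.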