Android APK, Self Signing

I am开发者_运维百科 working on a proof of concept related to attestation of a software component ( to be specific, an apk file ) on an android device. To that end I did the following:

1. I programmatically retrieved the digests stored in META/CERT.SF of an application installed on my android tablet( say maps.apk), belonging to AndroidManifest.xml, resources.arsc and classes.dex.

2. Then, I computed the SHA-1 digests of these files and after that did base64 on those digests. I was able match these to the ones in step 1.

My question is, where is the role of public key stored in META-INF/CERT.RSA? Aren’t Digests stored in META-INF/CERT.SF supposed to be signed by private key corresponding to the public key in META-INF/CERT.RSA?

The real question is: What is the role of CERT.SF??

The file CERT.SF does NOT contain signed data but it is build from MANIFEST.MF only. This means it does not contain any information that cannot be extracted from MANIFEST.MF.

The CERT.RSA or CERT.DSA (depending on the algorithm used) file contains the actual signature for CERT.SF. To build CERT.RSA from CERT.SF the private key is needed...

-- EDIT --

Sorry. First time I read your question I understood it in another way.

The first step for checking the integrity of the archive is really checking if the hashes in CERT.SF are correct. Next step is to check if CERT.SF itself has been modified.

This is done using CERT.RSA and can be done in two ways:

1. If you have the public key of the signer of the file you use this key to check the signature; you ignore the public key in the RSA file. In this case you are sure the file has been modified by the person that signed with his private key.

2. An RSA file always contains the public key and the name/address of the owner of this key. This information is signed using (the same or another) private key. If the person/organisation that signed the key/name in the RSA file can be trusted and you have the public key of the organisation you know at least that the name/address in the file was the person that last modified the file.

For "self-signed certificates" (you do not have a trustable public key) there is no possibility to check the file...

Signing is NOT used to check if the file has not been changed. This would be done just by hashing manifest.mf. The one who has the private key can modify the software in any way!

Martin