| Name | Date | Size | #Lines | LOC | ||
|---|---|---|---|---|---|---|
| .. | - | - | ||||
| CtsPkgInstallTinyAppV2V3V4-Sha512withEC.apk.idsig | D | 06-Sep-2024 | 4.8 KiB | |||
| CtsPkgInstallTinyAppV2V3V4-Verity.apk.idsig | D | 06-Sep-2024 | 6.9 KiB | |||
| CtsPkgInstallTinyAppV2V3V4.apk.idsig | D | 06-Sep-2024 | 6.9 KiB | |||
| CtsPkgInstallTinyAppV2V3V4.digests | D | 06-Sep-2024 | 104 | |||
| CtsPkgInstallTinyAppV2V3V4.digests.signature | D | 06-Sep-2024 | 2.4 KiB | |||
| HelloWorld5.digests | D | 06-Sep-2024 | 64 | |||
| HelloWorld5.digests.signature | D | 06-Sep-2024 | 2.4 KiB | |||
| HelloWorld5_hdpi-v4.digests | D | 06-Sep-2024 | 64 | |||
| HelloWorld5_hdpi-v4.digests.signature | D | 06-Sep-2024 | 2.4 KiB | |||
| HelloWorld5_mdpi-v4.digests | D | 06-Sep-2024 | 64 | |||
| HelloWorld5_mdpi-v4.digests.signature | D | 06-Sep-2024 | 2.4 KiB | |||
| cts-testkey1.x509.pem | D | 06-Sep-2024 | 1.6 KiB | 28 | 27 | |
| icon.png | D | 06-Sep-2024 | 9.2 KiB | |||
| icon_mono.png | D | 06-Sep-2024 | 876 | |||
| readme.txt | D | 06-Sep-2024 | 3.9 KiB | 42 | 33 | |
| test-cert.x509.pem | D | 06-Sep-2024 | 2.1 KiB | 36 | 35 | |
| test-key.pem | D | 06-Sep-2024 | 3.2 KiB | 53 | 52 |
readme.txt
1Fixed APKs, along with v4 signatures and digests used in ChecksumsTest.java. 2Has to be submitted instead of built to keep hashes constant. 3 4Generation of these apks was performed using the `apksigner` command-line tool, 5which lives at `tools/apksig/src/apksigner/java/com/android/apksigner/` in the 6android source tree. Please refer to the usage instructions there for how to 7sign APKs using different keystores, providers, etc. 8 9Source app: 10 cts/hostsidetests/appsecurity/test-apps/tinyapp 11 12Use this command to re-generate the apk and v4 signature file: 13 apksigner sign --v2-signing-enabled false --v3-signing-enabled false --v4-signing-enabled false --key cts/hostsidetests/appsecurity/certs/pkgsigverify/dsa-3072.pk8 --cert cts/hostsidetests/appsecurity/certs/pkgsigverify/dsa-3072.x509.pem -out cts/tests/tests/content/data/CtsPkgInstallTinyAppV1.apk cts/hostsidetests/appsecurity/res/pkgsigverify/original.apk 14 apksigner sign --v2-signing-enabled true --v3-signing-enabled true --v4-signing-enabled --key cts/hostsidetests/appsecurity/certs/pkgsigverify/dsa-3072.pk8 --cert cts/hostsidetests/appsecurity/certs/pkgsigverify/dsa-3072.x509.pem -out cts/tests/tests/content/data/CtsPkgInstallTinyAppV2V3V4.apk cts/hostsidetests/appsecurity/res/pkgsigverify/original.apk 15 apksigner sign --v2-signing-enabled true --v3-signing-enabled true --v4-signing-enabled --key cts/hostsidetests/appsecurity/certs/pkgsigverify/ec-p384.pk8 --cert cts/hostsidetests/appsecurity/certs/pkgsigverify/ec-p384.x509.pem -out cts/tests/tests/content/data/CtsPkgInstallTinyAppV2V3V4-Sha512withEC.apk cts/hostsidetests/appsecurity/res/pkgsigverify/original.apk 16 apksigner sign --v2-signing-enabled true --v3-signing-enabled true --v4-signing-enabled --verity-enabled --key cts/hostsidetests/appsecurity/certs/pkgsigverify/dsa-3072.pk8 --cert cts/hostsidetests/appsecurity/certs/pkgsigverify/dsa-3072.x509.pem -out cts/tests/tests/content/data/CtsPkgInstallTinyAppV2V3V4-Verity.apk cts/hostsidetests/appsecurity/res/pkgsigverify/original.apk 17 18!Please note that all hardcoded hashes in ChecksumsTest.java will have to be changed! 19Use md5sum, sha1sum, sha256sum, sha512sum to regenerate full apk hashes. 20 21To enable signature check, use ApkChecksums.writeChecksums to store the required checksums: 22 CtsPkgInstallTinyAppV2V3V4.digests 23 HelloWorld5.digests 24 HelloWorld5_hdpi-v4.digests 25 HelloWorld5_mdpi-v4.digests 26 27Create a self-signed certificate: 28 openssl req -x509 -newkey rsa:4096 -nodes -keyout test-key.pem -out test-cert.x509.pem -days 36500 -subj "/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=incremental-dev@google.com" 29Sign: 30 openssl cms -sign -binary -nosmimecap -in CtsPkgInstallTinyAppV2V3V4.digests -signer test-cert.x509.pem -inkey test-key.pem -outform der -out CtsPkgInstallTinyAppV2V3V4.digests.signature 31 openssl cms -sign -binary -nosmimecap -in HelloWorld5.digests -signer test-cert.x509.pem -inkey test-key.pem -outform der -out HelloWorld5.digests.signature 32 openssl cms -sign -binary -nosmimecap -in HelloWorld5_hdpi-v4.digests -signer test-cert.x509.pem -inkey test-key.pem -outform der -out HelloWorld5_hdpi-v4.digests.signature 33 openssl cms -sign -binary -nosmimecap -in HelloWorld5_mdpi-v4.digests -signer test-cert.x509.pem -inkey test-key.pem -outform der -out HelloWorld5_mdpi-v4.digests.signature 34 35Verify the resulting signature: 36 openssl cms -verify -binary -in CtsPkgInstallTinyAppV2V3V4.digests.signature -inform der -CAfile test-cert.x509.pem -signer test-cert.x509.pem -content CtsPkgInstallTinyAppV2V3V4.digests 37Print out the content of the signature: 38 openssl pkcs7 -print -inform DER -in CtsPkgInstallTinyAppV2V3V4.digests.signature 39 40malformed.apk is a copy of CtsPkgInstallTinyAppV2V3V4.apk, and malformed.apk.idsig is a purposefully created idsig causing OOM 41 42cts-testkey1.x509.pem is a copy of cts/hostsidetests/appsecurity/certs/cts-testkey1.x509.pem