# pkgsigverify

## Valid cases

APKs in this directory are used by `PkgInstallSignatureVerificationTest`.
See that class for additional information about their use.

In general, they are differently signed forms of the tinyapp APK and use
the following naming scheme:

`${version}-with-${signing-algorithm}-${OID-params}-${keysize}-${extra_info}`

Some fields may be absent. The fields have the following meaning:

- version: denotes which APK Signature Scheme (v1, v2, and/or v3) was used
- signing-algorithm: indicates how the signature was generated
- OID-params: PKI object identifiers indicating how to use the provided key
  to generate the signature. See, e.g., RFC 3279 and RFC 4055.
- keysize: the size of the key used for signing
- extra_info: additional notes to distinguish packages. Currently this denotes
  which test certificates were used to generate a proof-of-rotation object,
  if one exists, included in the signing block of the APK, as well as the
  capabilities of those certificates according to APK Signature Scheme v3.

Generation of these APKs was performed using the `apksigner` command-line tool,
which lives at `tools/apksig/src/apksigner/java/com/android/apksigner/` in the
Android source tree. Please refer to the usage instructions there for how to
sign APKs using different keystores, providers, etc. The generation commands
for some of the APKs are in `generate-apks.sh`.
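
The following sketch is an added example, not the contents of `generate-apks.sh`: it signs one tinyapp variant with an explicit set of signature schemes and names the output after the scheme above. The input `tinyapp-unsigned.apk`, the keystore `test-keys.jks`, key aliases of the form `<algorithm>-<keysize>`, the `KS_PASS` variable and the function names are all assumptions.

```shell
#!/bin/sh
# Added example (not generate-apks.sh). Assumed inputs, none from the repository:
#   tinyapp-unsigned.apk, test-keys.jks, aliases named "<algorithm>-<keysize>",
#   keystore password exported in $KS_PASS.

# Map a version field such as "v2" or "v1v2v3" to apksigner's scheme toggles,
# so every scheme that is not named is switched off explicitly.
scheme_flags() {
  flags=""
  for n in 1 2 3; do
    case "$1" in
      *v"$n"*) enabled=true ;;
      *)       enabled=false ;;
    esac
    flags="$flags --v$n-signing-enabled $enabled"
  done
  echo "${flags# }"
}

# Build "${version}-with-${signing-algorithm}-${keysize}.apk"; the keysize
# field is left out when empty, since fields may be absent.
variant_name() {
  name="$1-with-$2"
  if [ -n "$3" ]; then
    name="$name-$3"
  fi
  echo "$name.apk"
}

# Sign with exactly the requested schemes, then verify and print the signer
# certificates so the variant can be checked before it is used in a test.
sign_variant() {
  version=$1 algorithm=$2 keysize=$3
  out=$(variant_name "$version" "$algorithm" "$keysize")
  # Word splitting of the flag list below is intended.
  apksigner sign --ks test-keys.jks --ks-key-alias "$algorithm-$keysize" \
    --ks-pass env:KS_PASS $(scheme_flags "$version") \
    --out "$out" tinyapp-unsigned.apk &&
  apksigner verify --verbose --print-certs "$out"
}

# With apksigner on PATH: sign_variant v2 rsa 2048
```
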

## Invalid cases

Some of the APKs in this directory were generated by modifying the apksig library (see
README in tools/apksig/) to create invalid or unsupported outcomes (e.g. ag/11575267).