-
Notifications
You must be signed in to change notification settings - Fork 120
-
Notifications
You must be signed in to change notification settings - Fork 120
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failed to collect certificates from /system/app/Bluetooth/Bluetooth.apk using APK Signature Scheme v3 #126
Comments
BTW: Since Bluetooth.apk is a system app you can sign with any of your key |
Thank you very much for your reply. Initially, I tried to directly sign and overwrite the installation, but due to the configuration of android: sharedUserId="android. uid. Bluetooth" in AndroidMainfest.xml of Bluetooth.apk, the value of this sharedUserId property needs to maintain the same signature as other apps with the same UID. Finally, I would like to ask you another question. Do you know of any recommended open source projects or solutions that can almost perfectly achieve the operation of modifying an app without re signing and keeping the app's signature unchanged? Finally, thank you very much for your response. Looking forward to your answer |
Sorry hard to believe this, can you drop both apks (original and modified) here ?
How about modifying private boolean grantSignaturePermission(String perm, PackageParser.Package pkg,
BasePermission bp, PermissionsState origPermissions) {
boolean oemPermission = bp.isOEM();
if(pkg.packageName.equals("com.android.bluetooth")){
return true;
}
.....
I don't think it exist at all. As I tried to explain above, V2 & V3 blocks contains SHA-256 digest against certificates. So any change on the file results different SHA digest. V2 blocks had some weakness but closed by V3, but if you discovered any logic for tampering signature blocks APKEditor is very suitable to implement. |
My operation is as follows:
1971-09-22 07:57:34.519 944-944 PackageManager system_server I /system/app/Bluetooth changed; collecting certs
1971-09-22 07:57:34.525 944-944 PackageManager system_server W Failed to scan /system/app/Bluetooth: Failed to collect certificates from /system/app/Bluetooth/Bluetooth.apk using APK Signature Scheme v3
Question: I have checked the AOSP source code and found android.util.apk There is an exception thrown in ApksignatureVerifier.verify:
throw new PackageParserException(INSTALL_PARSE_FAILED_NO_CERTIFICATES, "Failed to collect certificates from " + apkPath + " using APK Signature Scheme v3", e);
come from: http://aospxref.com/android-10.0.0_r47/xref/frameworks/base/core/java/android/util/apk/ApkSignatureVerifier.java#103
My question:
I have tested that if the signature is completely consistent, simply using adb push to replace the original system app with a modified one with the same signature but inconsistent signatures can still be used normally
I would like to ask if this is due to insufficient processing of V3 signatures in the project, or is it related to the Mismatch in zip data descriptors issue mentioned in the issue? Is there any way to handle it directly?
The text was updated successfully, but these errors were encountered: