Menu
I want to know what are the differences between a MANIFEST.MF file and a .SF file in the Android context.
As I can see, MANIFEST.MF file has the sha1 digest of each source file of an Android .apk.
However .SF also lists all sources and computes a SHA1 digest. On what is this digest value computed??
Any ideas?
Also how to view a .RSA(Signature block file)?
Thanks in advance
561
Jar files are used by all types of java applications, they have a specific structure - the META-INF folder contains the manifest information and other metadata about the java package carried by the jar file.
MF contains sha1-digest encoded in base64 for all the files in apk, CERT. SF contains sha1-digest of file MANIFEST. MF and all items in it, and CERT. RSA contains signature for file CERT.
The digests in the .SF file are computed by hashing the 3 lines of the corresponding entry in the .MF file. The .RSA (or .DSA) file contains a signature of the .SF file created from the signing private key, along with the public certificate chain of the signing key. The .RSA (or .DSA) file is in a binary (i.e. non-human readable) format that can be programmatically parsed with effort. More information can be found at http://download.oracle.com/javase/1.3/docs/tooldocs/win32/jarsigner.html
54
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
