Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

PackageSignatures from adb shell dumpsys

Tags:

android

security

adb

I would like to know what exactly means the hashes from the field PackageSignatures when you obtain it with

adb shell dumpsys package com.myapp

for a given installed app.

I see two hashes:

signatures=PackageSignatures{abcabca [xyzxyzxy]}

The first one (abc) is different in each installation. The second one (xyz) is fixed for a given apk.

Moreover, I would like to know whether the second one has any relationship with the public signature of the APK. I have several apks with the same public signature, but the second hash is different. Is that normal?

like image 381
Fran J Martínez Avatar asked Nov 07 '18 14:11

Fran J Martínez

1 Answers

The signatures line on a recent Android version looks as follows: 

signatures=PackageSignatures{9122424 version:2, signatures:[bbb2e2d2], past signatures:[]}

To understand this line we just have to look into the AOSP source code: PackageSignatures.java

First part

The first part abcabca comes from System.identityHashCode(this). Hence it generated the Java hashcode fro the current PackageSignatures instance. As this class has only one filed PackageParser.SigningDetails mSigningDetails; the hash code totally depends on the fields of the class SigningDetails:

  • Signature[] signatures;
  • int signatureSchemeVersion;
  • ArraySet publicKeys;

Version part (newer Android versions)

Your used Android version seems to be a bit old, as nowadays the second part is the signatureSchemeVersion - at the moment there are three signature schemes known: V1 (jarsigner), v2 and v3.

Third part (signatures)

The signatures you are interested in is generated by the following code:

Integer.toHexString(mSigningDetails.signatures[i].hashCode())

Where signatures[i] is an instance of the class [android.content.pm.Signature](https://github.com/aosp-mirror/platform_frameworks_base/blob/master/core/java/android/content/pm/Signature.java ).

The hashCode() is defined in this class to be generated by Arrays.hashCode(mSignature); where mSignature is a byte array that seem to contain the encoded version of the used X.509 signature certificate. Alternatively the raw byte[] can be supplied, hence it is difficult to tell the concrete content.

But from my understanding on your device this part should be directly linked to the signature of the APK file.

like image 124
Robert Avatar answered Nov 15 '22 01:11

Robert
Sign in to Comment

Related questions

Synchronization between Context.openFileInput and Context.openFileOutput
Android getOrientation description does not match output values
Databinding errors after migrating to AndroidX
java.lang.NoClassDefFoundError: Failed resolution of: Landroid/webkit/SafeBrowsingResponse
How to record microphone to more compressed format during WebRTC call on Android?
Activity layout jumping behind statusbar, when updated from Fragment
React Native: android emulator won't show up developer menu
RecyclerView doesn't Update until Soft Keyboard is Open/Close
With a Cordova Android Project, getting error - Failed to find target with hash string 'android-26'
Can I send exoplayer buffered data to other activity exoplayer
Google Play and Launcher launched separated activities
How can I update a TypeConverted column of an entity in Room Dao function
How to diagnose notifications that have a GCM outcome of 'Success' but don't reach the device
Sign in issue using Facebook Authentication
Exception raised during rendering: 16 (Details)
How to use Android Selector to change item color in PopupMenu?
How to use google-services.json and Google Maps API key?
How do I use firebase firestore for my desktop app?
How to pass Complex Types of Objects to WorkManager in android. i.e lists, maps, POJO
How to create youtube's double-tap gesture on Android?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!