I think we're finally understanding each other, Dan. I am using the public key as a secure way of identifying that the app is mine before I pass data back from the server. The CRC323 isn't really used. I do pass it as an extra piece of information that loosely identifies a specific build.
The key identifies the app as validly signed by me. The CRC32 just loosely says that this build is different from that build. I do not depend on it for anything important. On Oct 8, 6:00 am, DanH <danhi...@ieee.org> wrote: > I may have misinterpreted. Presumably there's a checksum of the APK > data in the signed certificate. I would assume (hope) that's a > cryptographically strong checksum. (If not, the entire Android > platform is in jeopardy.) > > If one wants a sure "signature" (in a generic sense) that uniquely and > reliably identifies a SPECIFIC version of code, that cryptographic > checksum would be what you want (though I don't know how you'd access > that). Otherwise, the public key (which Diane has finally explained > is what the package "signature" is) is a secure, reliable way to > identify the publisher (and, with the package name, the specific app > (though not it's version)). > > There's no point in creating a separate CRC32 over the app, to use as > an identity to send back to a server or whatever. > > On Oct 8, 6:21 am, Mark Murphy <mmur...@commonsware.com> wrote: > > > > > > > > > What CRC32 checksum? > > > Trevor Johns, in a discussion of LVL, offered up CRC32 as a means of > > helping detect tampering, but that was simply an example. Otherwise, I > > am coming up with zero references to the use of CRC32 with respect to > > APKs. > > > Do you have a pointer to somewhere in the open source code where they > > are using a CRC32 checksum in this fashion? > > > Thanks! > > > On Fri, Oct 8, 2010 at 7:12 AM, DanH <danhi...@ieee.org> wrote: > > > What I mean is that if the bad actor can manipulate the apk bytes > > > while still maintaining the same checksum, then the whole scheme is > > > insecure -- there's no point in having it signed. A CRC32 checksum is > > > easily spoofed -- the apk bytes need to be checksummed with a > > > cryptographic checksum of some sort. > > > -- > > Mark Murphy (a Commons > > Guy)http://commonsware.com|http://github.com/commonsguyhttp://commonsware.com/blog|http://twitter.com/commonsguy > > > Warescription: Three Android Books, Plus Updates, One Low Price! -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
