dotnet / android

.NET for Android provides open-source bindings of the Android SDK for use with .NET managed languages such as C#
MIT License

[BUG] APK file got from the "Ad Hoc" menu has only the v1 signature scheme and you can't change that #3346

Closed Auto72 closed 4 years ago

Auto72 commented 5 years ago

Steps to Reproduce

Visual Studio 2019 is able to sign the APK file of your Xamarin Android project through the "Archive", "Distribute ...", "Ad Hoc" menu options. I checked the signature of the .apk file I got, using the "apksigner.bat" file that is part of the Android SDK ("C:\Users\\AppData\Local\Android\Sdk\build-tools\29.0.0"), with the following command:

apksigner.bat verify --verbose --print-certs C:\App\temp\com.companyname.App1.apk

Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
...

The apk file obtained from there is not signed with the v2 signature scheme.

Expected Behavior

The apk file obtained from there should have at least the v2 signature scheme.

Actual Behavior

You get only the v1 signature scheme for the apk file and you can't change that.

Version Information

Microsoft Visual Studio Enterprise 2019 Version 16.1.6 VisualStudio.16.Release/16.1.6+29102.190 Microsoft .NET Framework Version 4.8.03752

Installed Version: Enterprise

Visual C++ 2019 00435-60000-00000-AA907 Microsoft Visual C++ 2019

Application Insights Tools for Visual Studio Package 9.1.00429.1 Application Insights Tools for Visual Studio

ASP.NET and Web Tools 2019 16.1.429.50124 ASP.NET and Web Tools 2019

ASP.NET Web Frameworks and Tools 2019 16.1.429.50124 For additional information, visit https://www.asp.net/

Azure App Service Tools v3.0.0 16.1.429.50124 Azure App Service Tools v3.0.0

C# Tools 3.1.1-beta4-19281-06+58a4b1e79aea28115e66b06f850c83a3f1fcb6d3 C# components used in the IDE. Depending on your project type and settings, a different version of the compiler may be used.

Common Azure Tools 1.10 Provides common services for use by Azure Mobile Services and Microsoft Azure Tools.

Dotfuscator Community Edition 5.42.0.9514-e0e25f754 PreEmptive Protection - Dotfuscator CE

Extensibility Message Bus 1.1.77 (master@24013d5) Provides common messaging-based MEF services for loosely coupled Visual Studio extension components communication and integration.

ILSpy.AddIn 1.0 Integration of the ILSpy Decompiler into Visual Studio.

Microsoft Continuous Delivery Tools for Visual Studio 0.4 Simplifying the configuration of Azure DevOps pipelines from within the Visual Studio IDE.

Microsoft JVM Debugger 1.0 Provides support for connecting the Visual Studio debugger to JDWP compatible Java Virtual Machines

Microsoft Library Manager 1.0 Install client-side libraries easily to any web project

Microsoft MI-Based Debugger 1.0 Provides support for connecting Visual Studio to MI compatible debuggers

Microsoft Visual C++ Wizards 1.0 Microsoft Visual C++ Wizards

Microsoft Visual Studio Tools for Containers 1.1 Develop, run, validate your ASP.NET Core applications in the target environment. F5 your application directly into a container with debugging, or CTRL + F5 to edit & refresh your app without having to rebuild the container.

Microsoft Visual Studio VC Package 1.0 Microsoft Visual Studio VC Package

Mono Debugging for Visual Studio 16.1.1 (2473f22) Support for debugging Mono processes with Visual Studio.

NuGet Package Manager 5.1.0 NuGet Package Manager in Visual Studio. For more information about NuGet, visit https://docs.nuget.org/

ProjectServicesPackage Extension 1.0 ProjectServicesPackage Visual Studio Extension Detailed Info

ResourcePackage Extension 1.0 ResourcePackage Visual Studio Extension Detailed Info

SQL Server Data Tools 16.0.61904.23160 Microsoft SQL Server Data Tools

Syntax Visualizer 1.0 An extension for visualizing Roslyn SyntaxTrees.

TypeScript Tools 16.0.10506.2004 TypeScript Tools for Microsoft Visual Studio

Visual Basic Tools 3.1.1-beta4-19281-06+58a4b1e79aea28115e66b06f850c83a3f1fcb6d3 Visual Basic components used in the IDE. Depending on your project type and settings, a different version of the compiler may be used.

Visual F# Tools 10.4 for F# 4.6 16.1.0-beta.19253.3+42526fe359672a05fd562dc16a91a43d0fe047a7 Microsoft Visual F# Tools 10.4 for F# 4.6

Visual Studio Code Debug Adapter Host Package 1.0 Interop layer for hosting Visual Studio Code debug adapters in Visual Studio

Visual Studio Tools for Containers 1.0 Visual Studio Tools for Containers

VisualStudio.Mac 1.0 Mac Extension for Visual Studio

Xamarin 16.1.0.545 (d16-1@db7c858e8) Visual Studio extension to enable development for Xamarin.iOS and Xamarin.Android.

Xamarin Designer 16.1.0.418 (remotes/origin/d16-1@5b958bb10) Visual Studio extension to enable Xamarin Designer tools in Visual Studio.

Xamarin Templates 16.2.112 (4db4af4) Templates for building iOS, Android, and Windows apps with Xamarin and Xamarin.Forms.

Xamarin.Android SDK 9.3.0.23 (HEAD/d0b48056f) Xamarin.Android Reference Assemblies and MSBuild support. Mono: mono/mono/2018-08@3a07bd426d3 Java.Interop: xamarin/java.interop/d16-1@5ddc3e3 LibZipSharp: grendello/LibZipSharp/d16-1@44de300 LibZip: nih-at/libzip/rel-1-5-1@b95cf3f ProGuard: xamarin/proguard/master@905836d SQLite: xamarin/sqlite/3.27.1@8212a2d Xamarin.Android Tools: xamarin/xamarin-android-tools/d16-1@acabd26

Xamarin.iOS and Xamarin.Mac SDK 12.10.0.157 (6bd9475) Xamarin.iOS and Xamarin.Mac Reference Assemblies and MSBuild support.

Log File

apksigner.bat verify --verbose --print-certs C:\App\temp\com.companyname.App1.apk

Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
...

edetoc commented 5 years ago

To add to what @Auto72 described, we added two packaging properties in the .csproj in order to use ApkSigner (instead of the default Jarsigner) and enable v2 signing:

<AndroidUseApkSigner>True</AndroidUseApkSigner>
<AndroidApkSignerAdditionalArguments>--v2-signing-enabled true</AndroidApkSignerAdditionalArguments>

The detailed build output for Release shows the APK is now signed with the v2 scheme signature:

2>C:\Program Files\Java\jdk1.8.0_172\\bin\keytool.exe -list -alias androiddebugkey -storepass android -keypass android -keystore "C:\Users\e_det\AppData\Local\Xamarin\Mono for Android\debug.keystore" 
2>D:\Android-Sdk\build-tools\27.0.3\zipalign.exe 4 "D:\Case_Work\x.y\App1\App1\obj\Release\90\android\bin\com.companyname.App1.apk" "bin\Release\\com.companyname.App1-Signed.apk" 
2>C:\Program Files\Java\jdk1.8.0_172\\bin\java.exe -jar D:\Android-Sdk\build-tools\27.0.3\lib\apksigner.jar sign --ks "C:\Users\e_det\AppData\Local\Xamarin\Mono for Android\debug.keystore" --ks-pass pass:android --ks-key-alias androiddebugkey --key-pass pass:android --min-sdk-version 26 --max-sdk-version 28 --v2-signing-enabled true  D:\Case_Work\x.y\App1\App1\bin\Release\com.companyname.App1-Signed.apk 
2>Signed android package 'bin\Release\com.companyname.App1-Signed.apk'

Here's the signature verification:

C:\Program Files\Java\jdk1.8.0_172\bin>java.exe -jar D:\Android-Sdk\build-tools\27.0.3\lib\apksigner.jar verify --verbose --print-certs D:\Case_Work\x.y\App1\App1\bin\Release\com.companyname.App1-Signed.apk
Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
Signer #1 certificate DN: CN=Android Debug, O=Android, C=US
Signer #1 certificate SHA-256 digest: 7927a0b70db199c67b349ad8b2f855281859db7265cbd3e2babbfb6120f2e94c
Signer #1 certificate SHA-1 digest: a890f472c8f5b65548eabab4c326e1d721bf04a9
Signer #1 certificate MD5 digest: 9afb29698027732cad638972e447494c
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 2048
Signer #1 public key SHA-256 digest: 5e0d4e4618ec6eca1f24a69730a087aefd961ca763ceb03d23f75f40e1b65edc
Signer #1 public key SHA-1 digest: 4fadb8a1e132315cff5ac6bd6fda56635227fe2b
Signer #1 public key MD5 digest: c0c91bec51a19e28818f84be51e89fc7

HOWEVER, when doing "Archive" -> "Distribute ..." -> "Ad Hoc", the resulting signed APK is always scheme v1 (even though the .csproj is configured with the AndroidUseApkSigner and AndroidApkSignerAdditionalArguments properties). Process Monitor confirms that jarsigner is used in this case, and not ApkSigner as defined in the .csproj.

So it seems that the v1 scheme is 'hardcoded' when creating the archive for distribution. We don't see an option to change this.

dellis1972 commented 5 years ago

Looking at the Archive Tooling code, it does already support apksigner. But it does ignore the setting in the csproj. If it can find apksigner in the build-tools it will use it. So the first thing is to make sure your build-tools is up to date, and remove older versions of the build-tools. Also check to see how many copies of the Android SDK are installed on your machine; it's possible that there are multiple copies which have different versions of build-tools.

Generally, if you are targeting API level 28, you should be using build-tools that match (i.e. 28).

Next, looking at the apksigner docs, the signing scheme is dependent on the min/max API level settings in the manifest.

--v1-signing-enabled Whether to enable signing using JAR signing scheme (aka v1 signing scheme) used in Android since day one. By default, signing using this scheme is enabled based on min and max SDK version (see --min-sdk-version and --max-sdk-version).

--v2-signing-enabled Whether to enable signing using APK Signature Scheme v2 (aka v2 signing scheme) introduced in Android Nougat, API Level 24. By default, signing using this scheme is enabled based on min and max SDK version (see --min-sdk-version and --max-sdk-version).

--v3-signing-enabled Whether to enable signing using APK Signature Scheme v3 (aka v3 signing scheme) introduced in Android P, API Level 28. By default, signing using this scheme is enabled based on min and max SDK version (see --min-sdk-version and --max-sdk-version). Multiple signers are not supported when using v3 signing, but multiple signers may be provided in conjunction with the "lineage" option to make sure that the app is signed by an appropriate signer on all supported platform versions.

--min-sdk-version Lowest API Level on which this APK's signatures will be verified. By default, the value from AndroidManifest.xml is used. The higher the value, the stronger security parameters are used when signing.

--max-sdk-version Highest API Level on which this APK's signatures will be verified. By default, the highest possible value is used.

So if you are using a min sdk value of, say, 9 or 14, you will get a lower signing scheme. It might be worth looking at what your min/max sdk values are to see if that is causing it to default to v1.

If the Archive system is not picking up apksigner after updating build tools, then this will be a bug in the IDE based code.
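A CI gate for the check performed by hand in this thread, as an added example that is not part of the original comments or the project's code: it parses `apksigner verify --verbose` output and reports a failure when v2 is absent, or when v1 is absent while the minimum SDK is below 24. The function names, the policy and the min-SDK values passed in are assumptions; the sample outputs reproduce the scheme lines quoted above.

```python
import re

# Matches lines such as "Verified using v2 scheme (APK Signature Scheme v2): true"
SCHEME_LINE = re.compile(r"^Verified using (v\d+(?:\.\d+)?) scheme \(.*?\): (true|false)$")

# Constructed sample inputs: the scheme lines from the two verify outputs in this thread.
AD_HOC_OUTPUT = """Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
"""
RELEASE_OUTPUT = """Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
"""

def parse_schemes(verify_output):
    """Map scheme name ('v1', 'v2', 'v3', ...) to True/False."""
    schemes = {}
    for line in verify_output.splitlines():
        m = SCHEME_LINE.match(line.strip())
        if m:
            schemes[m.group(1)] = (m.group(2) == "true")
    return schemes

def signing_problems(verify_output, min_sdk):
    """Return the list of policy violations; an empty list means the APK passes."""
    schemes = parse_schemes(verify_output)
    if not schemes:
        return ["no scheme lines found: APK unsigned or output not recognised"]
    problems = []
    # Assumed policy, taken from the report's expected behaviour: v2 must be present.
    if not schemes.get("v2", False):
        problems.append("APK Signature Scheme v2 missing")
    # v2 arrived in API level 24; older devices verify only the v1 (JAR)
    # signature, so v1 must be present when min_sdk is below 24.
    if min_sdk < 24 and not schemes.get("v1", False):
        problems.append("v1 (JAR) signature missing but minSdkVersion < 24")
    return problems

if __name__ == "__main__":
    for name, out, sdk in [("ad hoc", AD_HOC_OUTPUT, 24), ("release", RELEASE_OUTPUT, 26)]:
        print(name, signing_problems(out, sdk) or "OK")
```

In a pipeline, feed the function the captured stdout of the real `apksigner verify --verbose` run and fail the job when the returned list is non-empty.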

Auto72 commented 5 years ago

The build-tools are up to date and I removed the older versions of the build-tools. The min/max api level settings in the manifest are the following:

<uses-sdk android:minSdkVersion="24" android:targetSdkVersion="28" />

I rebuilt the project in release mode and exported the apk file with the "Ad Hoc" menu, but I get the same issue. The apk is still signed with the v1 scheme.

C:\App\temp>"C:\Program Files (x86)\Android\android-sdk\build-tools\28.0.3\apksigner.bat" verify --verbose --print-certs com.companyname.App1.apk
Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false

I attach a few pictures and the Xamarin Android project I used, so you can test it.


dellis1972 commented 5 years ago

I created a bug for the IDE team https://devdiv.visualstudio.com/DevDiv/_workitems/edit/947086

dellis1972 commented 4 years ago

The IDE bug has been marked as resolved. This should be fixed in the next 16.4 Preview.