Insecure Signature Algorithm
 |
LOW | ||
| Detection method | SAST APK |
Description
An algorithm used for APK signature is considered to be insecure.
Signature algorithms (MD2withRSA, MD5withRSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA) based on hash functions MD2, MD5, SHA1 and other outdated encryption algorithms contain known vulnerabilities and are prone to collisions. The main risk in using of a weak key is that a malicious person could break it to forge APK signatures. Thereafter, the malicious APK signed with your key could be installed as an update for your application. Depending on how a key is used in an application, there are other possible attacks involving a compromised key.
Also, some application stores (for example, by Huawei) don't recommend signing an application using such algorithms. Moreover, they don't allow uploading such applications.
Recommendations
To repair this vulnerability, you need to sign an application using up-to-date algorithms, such as SHA256withRSA or SHA512withRSA. Note, that earlier Android versions may not support algorithms beyond SHA1. This article highlights the above problem and provides guidance through the process of signature changing.
Example: Generation of key using SHA512withRSA
keytool -genkey -v -keystore test.keystore -alias testkey -keyalg RSA -keysize 4096 -sigalg SHA512withRSA -dname "cn=Test,ou=Test,c=CA" -validity 10000
Example: Signature with a generated key
jarsigner -verbose -sigalg SHA512withRSA -digestalg SHA512 -keystore test.keystore test.apk testkey