Sign APK with TREZOR #143

Closed
ligi opened this Issue Dec 19, 2017 · 30 comments

@ligi
Member

ligi commented Dec 19, 2017

Motivation:

  • Hardware wallets like the TREZOR can be a great and secure way to sign APKs
  • Currently I am signing WallETH with an old separate offline laptop - but the process is painful (USB stick juggling) and when I am on the road I most of the time do not have this offline laptop with me - this might be bad if e.g. an urgent HotFix is needed
  • Backups of signing keys are important - if you lose your key you are not able to publish an update of the app anymore - usually people do backups of their hardware wallet - so this could also be a good argument for using a HardWare wallet here
  • Signing keys are often not handled with the care they deserve (I have seen companies having them on the CI-Server with the potential of extracting them with a PR ..) If the process is easy with a Hardware wallet perhaps we can convince more people to treat signing keys with more respect

Bounty acceptance criteria:

  • Deliver a small CLI program that allows signing APKs with a TREZOR
  • That program should be written in Kotlin or Java - I would prefer Kotlin. Limiting the languages has 2 main reasons: 1) I want to be able to give it a meaningful review 2) Make a potential future reuse in an Android app easier
  • Should not need modifications of the TREZOR firmware (If there are good reasons that this is needed there might be an exemption - e.g. if one would go the extra mile of supporting RSA to lower the minSDK)
  • Support signature scheme v1 and optionally v2 - but at least v1 so we do not have a high impact on the minSDK
  • Support specifying a derivation path so different APKs can be signed with different keys

Links:

@issueth

issueth bot commented Dec 19, 2017

This issue now has a bounty-address via issuETH.

Your bounty-address is eabf879012b5aa7968103bf9c932b7e3ca27744b

@ligi ligi added bounty 🥇 and removed bounty 🥇 labels Dec 19, 2017

@ligi

Member

ligi commented Mar 11, 2018

We might be able to use signature scheme v3 : https://developer.android.com/preview/features/security-behav.html

@ligi

Member

ligi commented Apr 9, 2018

Interesting tweet by @prusnak https://twitter.com/pavolrusnak/status/982944347418177536 - not yet sure if he means ECDSA signatures here or also sees a way for RSA signatures already. I think we still need RSA to not need to increase the minSDK too much.

@prusnak

prusnak commented Apr 9, 2018

@ligi

Member

ligi commented Apr 9, 2018

thanks for the info! Too bad - hoped a bit for RSA - will have to think about this a bit deeper - perhaps make a special flavor that is signed with the TREZOR that is minSDK 18 (for the record here the issue with the info that it is introduced with 18: https://issuetracker.google.com/issues/36956587 )
Do you have a link with some information what the problem with including RSA is?

@prusnak

prusnak commented Apr 9, 2018

@ligi

Member

ligi commented Apr 9, 2018

Ah I see. My thinking was the following: the RSA key is encrypted on the SD-Card that is now available on the model T ..

@ligi

Member

ligi commented May 30, 2018

When digging a bit deeper I found this - so I will have to use SHA-1 - don't really want to use minSDK 21 - minSDK 18/19 is my acceptance limit currently.

    } else if ("DSA".equalsIgnoreCase(keyAlgorithm)) {
        // Prior to API Level 21, only SHA-1 can be used with DSA
        if (minSdkVersion < 21) {
            return DigestAlgorithm.SHA1;
        } else {
            return DigestAlgorithm.SHA256;
        }
    }

@ligi ligi changed the title from Sign WALLETH APK with TREZOR to Sign APK with TREZOR Jun 5, 2018

@gitcoinbot

gitcoinbot commented Jun 5, 2018

This issue now has a funding of 0.3 ETH (183.28 USD @ $610.92/ETH) attached to it.

@gitcoinbot

gitcoinbot commented Jun 10, 2018

@omar408 Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

  • warning (3 days)
  • escalation to mods (6 days)

@omar408

omar408 commented Jun 11, 2018

Yea, I'm still working on it

@ceresstation

ceresstation commented Jun 14, 2018

@omar408 Hey Omar, unfortunately since we haven't seen a WIP PR in 8 days we're going to have to pull this one back to the crowd pretty soon. If you have any significant progress to show please respond with it so we can keep you on :)

@gitcoinbot

gitcoinbot commented Jun 16, 2018

@omar408 Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

  • warning (3 days)
  • escalation to mods (6 days)

@ceresstation

ceresstation commented Jun 20, 2018

@rafaelboyero Hi Rafael, thanks for taking on this issue! Can you confirm that you're ready and able to turn around this issue? I just want to double check as I don't see any activity on your account. Please let us know within 24 hours to stay on the bounty :)

@gitcoinbot

gitcoinbot commented Jun 23, 2018

@rafaelboyero Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

  • warning (3 days)
  • escalation to mods (6 days)

@ceresstation

ceresstation commented Jul 3, 2018

Hey @rafaelboyero unfortunately we'll have to return this issue to the crowd. If you think we've made a mistake please let us know!

@gitcoinbot

gitcoinbot commented Jul 13, 2018

The funding of this issue was increased to 0.55 ETH (240.69 USD @ $437.61/ETH).

@gitcoinbot

gitcoinbot commented Aug 7, 2018

The funding of this issue was increased to 0.8 ETH (326.67 USD @ $408.33/ETH).

@gitcoinbot

gitcoinbot commented Aug 12, 2018

@kenovska Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

  • warning (3 days)
  • escalation to mods (6 days)

@ghost

ghost commented Aug 14, 2018

Have acquired a Trezor hardware wallet (Trezor One).
Will receive this weekend and work with that.

@ligi

Member

ligi commented Aug 14, 2018

@kenovska Great! Happy coding!!

@gitcoinbot

gitcoinbot commented Aug 24, 2018

@kenovska Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

  • warning (3 days)
  • escalation to mods (6 days)

@ghost

ghost commented Aug 24, 2018

Still working on it, here is an update:

I have the trezor wallet in my power, and apparently the only type of ECDSA supported by both the device and the different APK signing schemes is NIST P-256.

As a consequence, only this type of elliptic curve will be supported, if this project arrives to completion.

I have my doubts about the feasibility of this project without delivering a modified firmware for the device, the same way SSH key storage support is achieved, although I still have to explore the android-library to verify this.

The nearest thing to signing an APK with the Trezor already implemented is signing a transaction, which occurs inside the device as the private key cannot leave the Trezor as far as I understood from the API workflows docs.

This signing is made by parts, as the Trezor only has 64KB of memory versus the hundreds of KB a transaction may have. The hashing is made inside the Trezor.

The only feasible way I imagine an APK signature can be done is by obtaining the digest of the APK on the computer, sending it to the Trezor, signing it inside the device as if it were a transaction, then retrieving the signature and incorporating it into the signature scheme.

This might imply that the key pair used would be the same as for a bitcoin wallet. A developer would use a bitcoin account to sign her apps.

I will explore this course of action in the following days.

That is all for now.
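The hash-on-host, sign-on-device split sketched in the comment above, as an added illustration that is not code from this issue, the bounty submission, or Trezor: a locally generated P-256 key and a NONEwithECDSA signer stand in for the device (a hypothetical stand-in; the real USB exchange with the device is not modelled), the sample APK bytes are constructed, and the second case shows why a signing path that hashes inside the device again cannot produce a signature a standard SHA256withECDSA verifier accepts.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;

public class SplitSigningDemo {

    // Host side: the computer hashes the (possibly large) signing input itself,
    // so only a 32-byte digest has to travel to the memory-constrained device.
    static byte[] hostDigest(byte[] content) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(content);
    }

    // Hypothetical stand-in for the device: signs the digest it receives with
    // ECDSA over P-256 ("secp256r1" in JCA) without hashing again. NONEwithECDSA
    // treats its input as the already-computed hash.
    static byte[] deviceSignDigest(PrivateKey key, byte[] digest) throws Exception {
        Signature signer = Signature.getInstance("NONEwithECDSA");
        signer.initSign(key);
        signer.update(digest);
        return signer.sign();
    }

    // What a standard verifier does: hash the full content with SHA-256 and
    // check the ECDSA signature against that hash.
    static boolean verifierAccepts(PublicKey key, byte[] content, byte[] sig) throws Exception {
        Signature verifier = Signature.getInstance("SHA256withECDSA");
        verifier.initVerify(key);
        verifier.update(content);
        return verifier.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        // Locally generated key standing in for the key held inside the device.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        KeyPair kp = kpg.generateKeyPair();

        // Constructed sample input standing in for the bytes the signature scheme covers.
        byte[] content = "constructed sample APK signing input".getBytes(StandardCharsets.UTF_8);
        byte[] digest = hostDigest(content);

        // Case 1: device signs exactly the host-computed digest.
        byte[] good = deviceSignDigest(kp.getPrivate(), digest);
        System.out.println("device signed host digest, verifier accepts: "
                + verifierAccepts(kp.getPublic(), content, good));

        // Case 2 (failure mode): device hashes the received digest once more before
        // signing, as a transaction-style path that hashes internally would.
        byte[] rehashed = deviceSignDigest(kp.getPrivate(), hostDigest(digest));
        System.out.println("device re-hashed the digest, verifier accepts: "
                + verifierAccepts(kp.getPublic(), content, rehashed));
    }
}
```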

@prusnak

prusnak commented Aug 25, 2018

@ghost

ghost commented Sep 1, 2018

You should look at SignIdentity message. SignTx will not help you in what you are trying to achieve.

Thanks for the tip! I will look into it.

PROGRESS: Working on connecting to the Trezor by USB using HID.

@ceresstation

ceresstation commented Sep 18, 2018

@ghost any updates on this? Thanks!

@prusnak

prusnak commented Sep 19, 2018

@ceresstation ghost is a GitHub fake user which is shown when the original user has deleted their account. So I guess there won't be any updates on this.

This issue is a very good and sad manifestation of how bounties rarely work in open source. If you don't have internal motivation to work on stuff, money won't help you that much.

@ligi

Member

ligi commented Nov 25, 2018

Closing this issue as this does not seem to go anywhere and I think I will go the java-card way here now. So I think the bounty should better go to: trezor/trezor-android#29

@ligi ligi closed this Nov 25, 2018
