Sign APK with TREZOR #143
Sign APK with TREZOR #143
Comments
This issue now has a bounty-address via issuETH. |
We might be able to use signature scheme v3 : https://developer.android.com/preview/features/security-behav.html |
Interesting tweet by @prusnak https://twitter.com/pavolrusnak/status/982944347418177536 - not yet sure if he means ECDSA signatures here or also sees a way for RSA signatures already. I think we still need RSA to not need to increase the minSDK too much. |
We don't plan to include RSA in TREZOR, so this is about ECDSA only.
|
thanks for the info! Too bad - hoped a bit for RSA - will have to think about this a bit deeper - perhaps make a special flavor that is signed with the TREZOR that is minSDK 18 (for the record here the issue with the info that it is introduced with 18: https://issuetracker.google.com/issues/36956587 ) |
Every key in TREZOR comes from a deterministic hierarchy. While for
ECDSA it's (almost) true that any 256-bit random number is a private
key, this is not true for RSA (as keys need to be a prime couple). Thus
there is not an obvious way how to generate RSA key from hierarchy-
deterministic wallet.
|
Ah I see. My thinking was the following: the RSA key is encrypted on the SD-Card that is now available on the model T .. |
here some examples of ECDSA signed apk's: |
when digging a bit deeper I found this - so I will have to use SHA-1 - don't really want to use minSDK 21 - minSDK 18/19 is my acceptance limit currently.
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done This issue now has a funding of 0.3 ETH (183.28 USD @ $610.92/ETH) attached to it.
|
@omar408 Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
Yea I'm stil working on it |
@omar408 Hey Omar, unfortunately since we haven't seen a WIP PR in 8 days we're going to have to pull this one back to the crowd pretty soon. If you have any significant progress to show please respond with it so we can keep you on :) |
@omar408 Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
@rafaelboyero Hi Rafael, thanks for taking on this issue! Can you confirm that you're ready and able to turn around this issue? I just want to double check as I don't see any activity on your account. Please let us know within 24 hours to stay on the bounty :) |
@rafaelboyero Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
1 similar comment
@rafaelboyero Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
Hey @rafaelboyero unfortunately we'll have to return this issue to the crowd. If you think we've made a mistake please let us know! |
Issue Status: 1. Open 2. Started 3. Submitted 4. Done The funding of this issue was increased to 0.55 ETH (240.69 USD @ $437.61/ETH).
|
Issue Status: 1. Open 2. Started 3. Submitted 4. Done The funding of this issue was increased to 0.8 ETH (326.67 USD @ $408.33/ETH) .
|
@kenovska Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
Have acquired a Trezor hardware wallet (Trezor One). |
@kenovska Great! Happy coding!! |
@kenovska Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!
Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days |
Still working on it, here is an update: I have the trezor wallet in my power, and apparently the only type of ECDSA supported by both the device and the different APK signing schemes is NIST P-256. As a consequence, only this type of elliptic curve will be supported, if this project arrives to completion. I have my doubts of the feasibility of this project without delivering a modified firmware for the device the same way SSH key storage support is achieved, although I still have to explore the android-library to verify this. The nearest thing to signing an APK with the Trezor already implemented is signing a transaction, which occurs inside the device as the private key cannot leave the Trezor as far as I understood from the API workflows docs. This signing is made by parts, as the Trezor only has 64KB of memory versus the hundreds of KB a transaction may have. The hashing is made inside the Trezor. The only feasible way I imagine an APK signature can be done is by obtaining the digest of the APK in the computer, sending it to the Trezor, signing it inside the device as if it where a transaction, then retrieving the signature and incorporate it on the signature scheme. This might imply that the key pair used would be the same as for a bitcoin wallet. A developer would use a bitcoin account to sign her apps. I will explore this course of action in the following days. That is all for now. |
You should look at SignIdentity message. SignTx will not help you in
what you are trying to achieve.
|
Thanks for the tip! I will look onto it. PROGRESS: Working on connecting to the Trezor by USB using HID. |
@ghost any updates on this? Thanks! |
@ceresstation ghost is a Github fake user which is shown when the original user has deleted their account. So I guess, there won't be any updates on this. This issue is a very good and sad manifestation of how bounties rarely work in open source. If you don't have internal motivation to work on stuff, money won't help you that much. |
Closing this issue as this does not seem to go anywhere and I think I will go the java-card way here now. So I think the bounty should better go to: trezor/trezor-android#29 |
Issue Status: 1. Open 2. Cancelled The funding of 0.8 ETH (100.65 USD @ $125.81/ETH) attached to this issue has been cancelled by the bounty submitter
|
Motivation:
Bounty acceptance criteria:
Links:
https://android.googlesource.com/platform/cts/+/android-n-mr1-preview-1/hostsidetests/appsecurity/res/pkgsigverify?autodive=0%2F%2F
The text was updated successfully, but these errors were encountered: