Opened 3 weeks ago

Last modified 30 hours ago

#26536 needs_information task

Create APK signing keys

Reported by: sysrqb
Owned by: tbb-team
Priority: Medium
Milestone:
Component: Applications/Tor Browser
Version:
Severity: Normal
Keywords: tbb-mobile
Cc: igt0, gk
Actual Points:
Parent ID: #26531
Points:
Reviewer:
Sponsor:

Description

This is the ticket so we can decide how we create it, where we store it, and what mechanisms we can use for securing it.

Child Tickets

Change History (1)

comment:1 Changed 30 hours ago by sysrqb

Status: new → needs_information

It appears we can create and store the key offline.

I was hoping we could create an "identity" key and a "signing" key for Android, but it seems like this won't work. Specifically, newer versions of Android support signing an app where the public key for verifying the signature is stored in two places. The first place is at the end of the signing block. This key has only one purpose - for verifying the signing block signatures are valid. In the second place, the public key is stored within the signing block, but here we may include a certificate chain. I was hoping we could create a long-term identity key and then short-term signing keys, similar to a PGP primary key and subkeys. However, from my code diving, Android does not verify the certificate chain embedded in the app. Android only verifies that the first (leaf) certificate in the embedded certificate chain contains the same public key as the public key provided at the end of the signing block used for verifying the signature.

We should generate the key offline - Hans published a nice script for this (although it's a little old): https://github.com/guardianproject/smartcard-apk-signing/blob/master/openssl-gen/gen.sh

We can use a Yubikey or Nitrokey for storing the key. I'll feel more comfortable if we have more than one copy of the key.

Newer versions of Android support something called (upgrade) keysets for verifying the app's authenticity. I'm not sure how we can use it yet. I think it allows for adding more signatures using more keys, but I'm not sure if there's a way we can use it for rotating keys.

With all this being said, we can likely generate our first APK signing key using a similar method as the Tor Browser PGP signing key - using an offline laptop booted with TAILS, etc.
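The verification behaviour sysrqb describes, modelled as an added Python example (not code from this ticket, the Tor Browser project or Android): it rebuilds the APK Signature Scheme v2 "signed data" layout with constructed stand-in certificates and applies the one rule Android enforces, that the first certificate's encoded public key equals the signer's public key field, so any further certificates in the chain go unchecked. The certificate layout, key blobs and the empty digest list are constructed assumptions for the demonstration.

```python
import struct

def der(tag: int, body: bytes) -> bytes:          # minimal DER TLV encoder (short-form length only)
    return bytes([tag, len(body)]) + body

def der_walk(buf: bytes, pos: int = 0):           # decode the TLV at pos -> (tag, value, next position)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                              # long-form length, as in every real certificate
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def spki_from_cert(cert: bytes) -> bytes:
    """Return the encoded SubjectPublicKeyInfo of an X.509 DER certificate."""
    _, cert_body, _ = der_walk(cert)               # Certificate ::= SEQUENCE { tbs, sigAlg, sig }
    _, tbs, _ = der_walk(cert_body)                # tbsCertificate ::= SEQUENCE
    fields, pos = [], 0
    while pos < len(tbs):                          # slice out each top-level tbsCertificate field
        fields.append(tbs[pos:(pos := der_walk(tbs, pos)[2])])
    return fields[6] if fields[0][0] == 0xA0 else fields[5]   # 7th field when [0] version is present

def make_cert(key_blob: bytes) -> bytes:
    """Constructed stand-in certificate: valid DER layout, empty names, no real signature."""
    spki = der(0x30, der(0x30, der(0x06, bytes.fromhex("2a864886f70d010101")))  # rsaEncryption OID
                     + der(0x03, b"\x00" + key_blob))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01")
                    + der(0x30, b"") * 4 + spki)   # sigAlg, issuer, validity, subject left empty
    return der(0x30, tbs + der(0x30, b"") + der(0x03, b"\x00"))

def lp(b: bytes) -> bytes:                         # v2 uses uint32 little-endian length prefixes
    return struct.pack("<I", len(b)) + b
def seq(items) -> bytes:                           # length-prefixed sequence of length-prefixed items
    return lp(b"".join(lp(i) for i in items))
def build_signed_data(cert_chain) -> bytes:        # v2 signed data: digests, certificates, attributes
    return lp(seq([]) + seq(cert_chain) + seq([]))   # digests left empty for this demonstration

def parse_seq(buf: bytes, pos: int):               # parse one length-prefixed sequence at pos
    end, pos, items = pos + 4 + struct.unpack_from("<I", buf, pos)[0], pos + 4, []
    while pos < end:
        n = struct.unpack_from("<I", buf, pos)[0]
        items.append(buf[pos + 4:pos + 4 + n])
        pos += 4 + n
    return items, end

def android_key_check(signed_data: bytes, public_key: bytes) -> bool:
    """The v2 rule: the first certificate's encoded public key must equal the signer's public key field."""
    _, pos = parse_seq(signed_data[4:], 0)         # digests (skipped here)
    certs, _ = parse_seq(signed_data[4:], pos)     # certificate chain, leaf first
    return spki_from_cert(certs[0]) == public_key   # certs[1:] are never validated by Android
```

A chain of [leaf, anything] passes as long as the leaf's key matches, which is why a PGP-style primary/subkey split gives no extra assurance here.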
