Can I specify digest algorithm apksigner uses?

Question

Due to recent SHA1-collision news, I want to ensure that SHA1 is no longer used in my apk signing. However I cannot find a parameter in apksigner.

Is there a way to

Answer 1

Not directly. apksigner attempts to use only secure digests and signing algorithms, but it does that within the constraints imposed by your signing key (size, algorithm) and Android platform versions supported by the APK being signed. In particular, for JAR signatures, apksigner uses SHA-256 or stronger by default, but only for APKs which support only API Level 18 or newer (as declared in minSdkVersion in their AndroidManifest.xml). APKs which run on earlier platforms must use SHA-1 because these earlier platforms don't support verifying APKs using SHA-256 or stronger. For APK Signature Scheme v2 signature, only SHA-256 or stronger is used, because this signature scheme does not even support SHA-1.

If you want apksigner to sign your APK with SHA-256, you can:

• Set the APK's minSdkVersion to 18 or higher, but this will make Android platforms with API Level 17 and lower reject the APK at install time.
• Pass in --min-sdk-version=18 to apksigner, but this will make Android platforms with API Level 17 and lower reject the APK at install time.
• Sign the APK only with APK Signature Scheme v2, by passing in --v1-signing-enabled=false to apksigner, but this will make Android platforms with API Level 23 and lower reject the APK at install time.

P. S. Even if you switched to signing your APKs using only SHA-256, Android will still accept APKs with your package name and signing cert, signed with SHA-1 or MD5. So, depending on your threat model, you may need to switch to new signing keys which have never been used with SHA-1 or weaker digest algorithms. And this is not only for the digest algorithm used in the actual cryptographic signature, but also for the digest algorithms used in .SF and MANIFEST.MF files.