[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27514 [Webpages/Website]: Add instructions how to verify signatures on Android



#27514: Add instructions how to verify signatures on Android
------------------------------+------------------------
 Reporter:  traumschule       |          Owner:  (none)
     Type:  task              |         Status:  new
 Priority:  Medium            |      Milestone:
Component:  Webpages/Website  |        Version:
 Severity:  Normal            |     Resolution:
 Keywords:                    |  Actual Points:
Parent ID:  #3893             |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+------------------------

Comment (by traumschule):

 Please help to make this more useful for less advanced users:

 1. To show the applications signature you need the app Checkey. It can be
 installed via
 [https://f-droid.org/en/packages/info.guardianproject.checkey F-Droid] or
 from [https://github.com/guardianproject/checkey source], if you know how
 to do it.

 2. APK files are signed java JAR files, so you need the application
 jarsigner or [https://developer.android.com/studio/command-line/apksigner
 apksigner]

 {{{
 jarsigner -verify -verbose -certs my_application.apk
 }}}
 or
 {{{
 apksigner: apksigner verify --print-certs application-development-
 release.apk
 }}}

 Details: https://android.stackexchange.com/questions/9312/how-can-i
 -verify-the-authenticity-of-an-apk-file-i-downloaded

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27514#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs