Found an APK inside another APK










1














for some testing purposes I use the Google Pixels 2 with the Android Version 8.0. Yes I know there is an Update to 9.0 but I do not want to right now.



On this Device there is the Google keep App (Pakage: com.google.android.keep) installed. I pulled this App via ADB, renamed to .zip and extracted it to a folder. Now I found another APK inside the /res/raw folder and I do not know why there is a second APK. Please explain to me why there is a second APK. Is there any security reason to do so? Also if I try to verify the signature I receive the error:



DOES NOT VERIFY



ERROR: APK Signature Scheme v2 signer #1: Malformed additional attribute #1



i used the apksignier but with jarsigner I do not receive any error. There i receive jar verified and some Warnings. Now I think its probably one of the Warnings which is causing my error with apksigner.



Warning:



This jar contains entries whoes certificate chain is invalid. Reason: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to request target.



and some Timestamp error which I do not think will cause the error. The algorithm which is used by this app is MD5withRSA. Maybe it throws the error because MD5withRSA is a security risk.



I also deinstalled the APK und reinstalled it via Google Playstore but it still contains two APKs and the signature failed too.



Every advice is appreciated.




EDIT:



It seems that this second APKs are Android-Wear OS APKs. Seems like the second APK problem is solved but i still get the signature error.










share|improve this question




























    1














    for some testing purposes I use the Google Pixels 2 with the Android Version 8.0. Yes I know there is an Update to 9.0 but I do not want to right now.



    On this Device there is the Google keep App (Pakage: com.google.android.keep) installed. I pulled this App via ADB, renamed to .zip and extracted it to a folder. Now I found another APK inside the /res/raw folder and I do not know why there is a second APK. Please explain to me why there is a second APK. Is there any security reason to do so? Also if I try to verify the signature I receive the error:



    DOES NOT VERIFY



    ERROR: APK Signature Scheme v2 signer #1: Malformed additional attribute #1



    i used the apksignier but with jarsigner I do not receive any error. There i receive jar verified and some Warnings. Now I think its probably one of the Warnings which is causing my error with apksigner.



    Warning:



    This jar contains entries whoes certificate chain is invalid. Reason: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to request target.



    and some Timestamp error which I do not think will cause the error. The algorithm which is used by this app is MD5withRSA. Maybe it throws the error because MD5withRSA is a security risk.



    I also deinstalled the APK und reinstalled it via Google Playstore but it still contains two APKs and the signature failed too.



    Every advice is appreciated.




    EDIT:



    It seems that this second APKs are Android-Wear OS APKs. Seems like the second APK problem is solved but i still get the signature error.










    share|improve this question


























      1












      1








      1


      1





      for some testing purposes I use the Google Pixels 2 with the Android Version 8.0. Yes I know there is an Update to 9.0 but I do not want to right now.



      On this Device there is the Google keep App (Pakage: com.google.android.keep) installed. I pulled this App via ADB, renamed to .zip and extracted it to a folder. Now I found another APK inside the /res/raw folder and I do not know why there is a second APK. Please explain to me why there is a second APK. Is there any security reason to do so? Also if I try to verify the signature I receive the error:



      DOES NOT VERIFY



      ERROR: APK Signature Scheme v2 signer #1: Malformed additional attribute #1



      i used the apksignier but with jarsigner I do not receive any error. There i receive jar verified and some Warnings. Now I think its probably one of the Warnings which is causing my error with apksigner.



      Warning:



      This jar contains entries whoes certificate chain is invalid. Reason: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to request target.



      and some Timestamp error which I do not think will cause the error. The algorithm which is used by this app is MD5withRSA. Maybe it throws the error because MD5withRSA is a security risk.



      I also deinstalled the APK und reinstalled it via Google Playstore but it still contains two APKs and the signature failed too.



      Every advice is appreciated.




      EDIT:



      It seems that this second APKs are Android-Wear OS APKs. Seems like the second APK problem is solved but i still get the signature error.










      share|improve this question















      for some testing purposes I use the Google Pixels 2 with the Android Version 8.0. Yes I know there is an Update to 9.0 but I do not want to right now.



      On this Device there is the Google keep App (Pakage: com.google.android.keep) installed. I pulled this App via ADB, renamed to .zip and extracted it to a folder. Now I found another APK inside the /res/raw folder and I do not know why there is a second APK. Please explain to me why there is a second APK. Is there any security reason to do so? Also if I try to verify the signature I receive the error:



      DOES NOT VERIFY



      ERROR: APK Signature Scheme v2 signer #1: Malformed additional attribute #1



      i used the apksignier but with jarsigner I do not receive any error. There i receive jar verified and some Warnings. Now I think its probably one of the Warnings which is causing my error with apksigner.



      Warning:



      This jar contains entries whoes certificate chain is invalid. Reason: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to request target.



      and some Timestamp error which I do not think will cause the error. The algorithm which is used by this app is MD5withRSA. Maybe it throws the error because MD5withRSA is a security risk.



      I also deinstalled the APK und reinstalled it via Google Playstore but it still contains two APKs and the signature failed too.



      Every advice is appreciated.




      EDIT:



      It seems that this second APKs are Android-Wear OS APKs. Seems like the second APK problem is solved but i still get the signature error.







      android google-apps android-security google-keep






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 15 at 8:19

























      asked Nov 12 at 8:01









      Xesraw

      94




      94



























          active

          oldest

          votes











          Your Answer






          StackExchange.ifUsing("editor", function ()
          StackExchange.using("externalEditor", function ()
          StackExchange.using("snippets", function ()
          StackExchange.snippets.init();
          );
          );
          , "code-snippets");

          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "1"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53257959%2ffound-an-apk-inside-another-apk%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown






























          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53257959%2ffound-an-apk-inside-another-apk%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          這個網誌中的熱門文章

          How to read a connectionString WITH PROVIDER in .NET Core?

          Node.js Script on GitHub Pages or Amazon S3

          Museum of Modern and Contemporary Art of Trento and Rovereto