
AllowedAPKSigningKeys can be bypassed for APKs with v1-only signatures

(Since we've been discussing this on an internal chat and I couldn't find an issue for it, I'm starting a new one to keep track of this.)

According to https://www.openwall.com/lists/oss-security/2025/01/03/1, AllowedAPKSigningKeys can be bypassed by maliciously putting \n (newline) characters into filename fields in zip-file headers.

Here's a short assessment of this finding:

  • AllowedAPKSigningKeys is only relevant for reproducible builds. (Currently 300-400 apps on f-droid.org, so only a fraction)
  • To be affected, APKs have to be signed with APK signature scheme v1 only. v2 signatures were introduced in Android 7 (2016, API level 24), and v2 signatures are mandatory for apps targeting Android 11 (2020, API level 30) or newer. So in addition to the reproducible builds mentioned above being in place, susceptible apps also have to be hopelessly outdated.
  • Currently there are 14 apps on f-droid.org that match these criteria.
  • Additionally, the web servers providing the reproducible binaries for these apps would have to be compromised.
  • There's also only a limited time window during which our servers download reproducible build binaries from the web. So a potential attack would also require placing malicious binaries on the upstream's web server right after an app update is ready to be built. Once a build is shipped, the time window closes and won't open again until the next update is ready.

Based on this we concluded that the findings on AllowedAPKSigningKeys do not pose an immediate threat to the safety of F-Droid users.

The scripts I've used to check for \n characters in zip file headers of APKs on f-droid.org are published here: https://gitlab.com/uniqx/rb-zipfilenamecheck
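As an added illustration of the kind of check described above (my own example, not the script linked from this issue and not F-Droid code), the following walks a zip's central directory and local file headers directly with `struct` and flags any filename field that embeds a CR/LF or that differs between the two headers; the sample archive is constructed inline and is not a real APK, and the parser assumes a plain (non-ZIP64) layout.

```python
import io
import struct
import zipfile

LOCAL_SIG, CENTRAL_SIG, EOCD_SIG = b"PK\x03\x04", b"PK\x01\x02", b"PK\x05\x06"

def suspicious_names(data: bytes) -> list:
    """Walk the central directory of an in-memory zip, follow each record to its
    local file header, and report any filename field that embeds CR/LF or that
    disagrees between the two headers. Assumes a plain (non-ZIP64) layout."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    # EOCD: total entries (2 bytes), central dir size (4), central dir offset (4)
    n_entries, _cd_size, cd_offset = struct.unpack_from("<HII", data, eocd + 10)
    found, pos = [], cd_offset
    for _ in range(n_entries):
        if data[pos:pos + 4] != CENTRAL_SIG:
            raise ValueError("corrupt central directory")
        fname_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        local_off = struct.unpack_from("<I", data, pos + 42)[0]
        name = data[pos + 46:pos + 46 + fname_len]
        if b"\n" in name or b"\r" in name:
            found.append(("central", name.decode("utf-8", "replace")))
        if data[local_off:local_off + 4] != LOCAL_SIG:
            raise ValueError("central record does not point at a local header")
        lname_len = struct.unpack_from("<H", data, local_off + 26)[0]
        lname = data[local_off + 30:local_off + 30 + lname_len]
        if lname != name:  # header disagreement is itself a red flag
            found.append(("mismatch", lname.decode("utf-8", "replace")))
        elif b"\n" in lname or b"\r" in lname:
            found.append(("local", lname.decode("utf-8", "replace")))
        pos += 46 + fname_len + extra_len + comment_len
    return found

def build_sample(malicious: bool = True) -> bytes:
    """Constructed sample archive (not a real APK): one benign entry plus,
    when requested, an entry whose name smuggles a newline and a manifest-like line."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("classes.dex", b"dex\n035\x00")
        if malicious:
            zf.writestr("res/raw/x.bin\nName: classes.dex", b"filler bytes")
    return buf.getvalue()

if __name__ == "__main__":
    for kind, name in suspicious_names(build_sample()):
        print(f"{kind}: {name!r}")
```

A hit from this check on a v1-only-signed APK is a reason to reject it before any AllowedAPKSigningKeys comparison is made.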

Edited by Michael Pöhn