Magisk: Zip signature verification failed in TWRP [17.0]

Created on 1 Sep 2018 · 4Comments · Source: topjohnwu/Magisk

Magisk 17.0 can not be installed when "Zip signature verification" option is enabled in TWRP.

Installing zip file '/sdcard/Magisk-v17.0.zip'
Checking for Digest file...
Skipping Digest check: no Digest file found
Verifying zip signature...
I:read key e=3 hash=20
I:1 key(s) loaded from /res/keys
I:comment is 1216 bytes; signature 1198 bytes from end
I:failed to verify against RSA key 0
E:failed to verify whole-file signature
I:Zip signature verification failed: 1
Zip signature verification failed!
Error installing zip file '/sdcard/Magisk-v17.0.zip'

Source

Displax

👍1

Most helpful comment

Disable zip signature verification in TWRP, it is false security.
TWRP will only check whether it is signed by the test key, which it isn't because the zip is signed with my own private key.

topjohnwu on 1 Sep 2018

👍4

All 4 comments

Disable zip signature verification in TWRP, it is false security.
TWRP will only check whether it is signed by the test key, which it isn't because the zip is signed with my own private key.

topjohnwu on 1 Sep 2018

👍4

_Hey, can you give me the signed zip, because i have stock recovery and i cant disable zip verification?_

SsNipeR1 on 14 Sep 2020

@SsNipeR1 You'll need to install this way: https://topjohnwu.github.io/Magisk/install.html#boot-image-patching

Didgeridoohan on 14 Sep 2020

Disable zip signature verification in TWRP, it is false security.
TWRP will only check whether it is signed by the test key, which it isn't because the zip is signed with my own private key.

How can we verify our download of Magisk and Magisk Manager? I think I remember that this was sometimes part of the FAQ but I can't find the instructions anymore....