ad44dd4f3c3c713ef04779093aeadf23bc324162 |
10-Nov-2017 |
Colin Cross <ccross@android.com> |
Convert signapk to Android.bp See build/soong/README.md for more information Test: m checkbuild Change-Id: I89a7fa7647e7081ca49720fae3be23ce84ab38e5
ndroid.bp
ndroid.mk
|
9a04e12eba4446064663cf60adf936e91095a188 |
31-Oct-2017 |
Treehugger Robot <treehugger-gerrit@google.com> |
Merge "Add OWNERS for SignApk"
|
c6c6dfe7421a38dac1ddf41b508f822955375e55 |
31-Oct-2017 |
Alex Klyubin <klyubin@google.com> |
Add OWNERS for SignApk Test: build/make/tools/checkowners.py -c -v OWNERS Bug: 30972906 Change-Id: I7a2c9301376e24239924ffbedcb2b97727da700a
WNERS
|
d50662502f056f9ca7f8b9182d7c9d599c8d710e |
27-Oct-2017 |
Victor Hsieh <victorhsieh@google.com> |
Migrate to the new apksig API Following the new API contract, this effectively add extra padding before central dir to make it 4KB aligned. Test: build succeeded Bug: 30972906 Change-Id: I7cac9d2c4371b473c88df867b3b2ae906443db10
rc/com/android/signapk/SignApk.java
|
b34d45ad65524e3cd1d9b77963b8dc25beced5c2 |
18-Oct-2017 |
Colin Cross <ccross@android.com> |
Follow renames of conscrypt and bouncycastle to remove -host suffix Test: m checkbuild Change-Id: I72bd7249cf6bdc4a2251f6877c776f439649da81
ndroid.mk
|
cec578c916ad3bedce71d5a8c3f8ce84864b6339 |
29-Mar-2017 |
Alex Deymo <deymo@google.com> |
Don't include the dev-key on IOT products. This patch updates the logic to use the PRODUCT_IOT variable instead of BRILLO. Bug: 36702887 Test: `make`; Image doesn't have the dev key. Change-Id: I1751e97d8cdfeba83c7e4720a017a5f4dcfd49da
ndroid.mk
|
9b75e272b6bbcc79dcdf8eef0524a30872c84ef6 |
13-Dec-2016 |
Alex Klyubin <klyubin@google.com> |
Faster auto-detection of APK's minSdkVersion Prior to this change, when signing APKs, the build system invoked 'aapt dump badging' on each APK, to detect the value to pass into signapk as --min-sdk-version. Now that signapk uses the apksig library, it can auto-detect that value on its own, thus avoiding the need to invoke 'aapt dump badging' and thus speeding up the build process. The semantics of signapk's --min-sdk-version flag is changed by this commit from having the default value of 0 to having the default value of "auto-detect from APK". P.S. The get-package-min-sdk-version-int is not removed from core/definitions.mk in this commnit, because this function is used in another project's .mk file and thus that .mk file needs to be modified first. Test: rm -Rf out/ && make Change-Id: I0972fcf0abbde9cbf6794e6c05c743c77c8a78f9
rc/com/android/signapk/SignApk.java
|
969e354b1f5c83f22ba1727da19d3b803c7b3fcc |
07-Sep-2016 |
Alex Klyubin <klyubin@google.com> |
"SignApk" in Created-By header The switch to apksig changed the Created-By header value in .SF file from "1.0 (Android SignApk)" to "1.0 (Android apksigner)". This commit reverts the value back to "1.0 (Android SignApk)". Change-Id: I2fc462cade40a5b31bb6191996fd6f18fabbf08f
rc/com/android/signapk/SignApk.java
|
1b09a508bae3158c8496b9cf26d35910fae7954f |
07-Jul-2016 |
Alex Klyubin <klyubin@google.com> |
Move apksigner library to tools/apksig. This moves build/tools/apksigner/core to its own project tools/apksig. The move also renames the moved Java packages from com.android.apksigner.core.* to com.android.apksig.* to reflect the new name of the library. Bug: 27461702 Change-Id: Iab812ae2b8f0a741014f842460c78e35bc249d43
ndroid.mk
rc/com/android/signapk/SignApk.java
|
d4761a19b884d69c684c34ec0e5b74aaba2cfe95 |
14-Jun-2016 |
Alex Klyubin <klyubin@google.com> |
Faster and cleaner way to obtain UTF-8 encoded form. Instead of specifying character encoding by name, the faster, cleaner, and safer way is to use StandardCharsets.UTF_8. Bug: 27461702 Change-Id: I897284d3ceeb44a21cc74de09a9b25f6aec8c205
rc/com/android/signapk/SignApk.java
|
ab2a3b0061f26ebc95bc320fcfac316ccf14f567 |
12-Jun-2016 |
Alex Klyubin <klyubin@google.com> |
Fix inefficiency in APK entry data alignment. 26f00cda4b979d7e74db6872990682335b36612b introduced a bug where an APK entry's extra field is padded for alignment purposes when no padding is necessary because the entry is aligned without any padding bytes. Bug: 27461702 Change-Id: Icb164dbaa26d9686412e2920318a9f40c5ce9751
rc/com/android/signapk/SignApk.java
|
fa1da6c3114d9f0c0cd0e27025c07f73f1810b76 |
27-May-2016 |
Alex Klyubin <klyubin@google.com> |
Switch signapk to apksigner-core. This switches signapk's APK signing from its own signing logic to that offered by apksigner-core library. OTA update package signing logic remains inside signapk codebase. Bug: 27461702 Change-Id: Ibf8435c555fe3f2b621d5189e7ae44f79082c810
ndroid.mk
rc/com/android/signapk/ApkSignerV2.java
rc/com/android/signapk/Pair.java
rc/com/android/signapk/SignApk.java
rc/com/android/signapk/ZipUtils.java
|
26f00cda4b979d7e74db6872990682335b36612b |
23-May-2016 |
Alex Klyubin <klyubin@google.com> |
Store entry alignment information in APK. Data of uncompressed APK entries is often aligned to a multiple of 4 or 4096 in the APK to make it easier to mmap the data. Unfortunately, the current method for achieving alignment suffers from two issues: (1) the way it uses the Local File Header extra field is not compliant with ZIP format (for example, this prevents older versions of Python's zipfile from reading APKs: https://bugs.python.org/issue14315), and (2) it does not store information about the alignment multiple in the APK, making it harder/impossible to preserve the intended alignment when rearranging entries in the APK. This change solves these issues by switching to a different method for aligning data of uncompressed APK entries. Same as before, alignment is achieved using Local File Header entry field. What's different is that alignment is achieved by placing a well-formed extensible data field/block into the extra field. The new field/block contains the alignment multiple (e.g., 4 or 4096) as well as the necessary padding (if any). Compared to the original alignment method, the new method uses 6 more bytes for each uncompressed entry. Bug: 27461702 Change-Id: I8cffbecc50bf634b28fca5bc39eb23f671961cf9
rc/com/android/signapk/SignApk.java
|
0caa16a6d1b4349654956c895aab925c9522d2cf |
12-May-2016 |
Alex Klyubin <klyubin@google.com> |
No need to JAR-sign OTA update packages. This removes the logic for JAR signing from -w (whole-file signing) mode. This mode is designed specifically for OTA update packages. When such packages are verified, their JAR signatures are ignored. Thus, there is no need to JAR-sign in -w mode. For context, OTA update packages are protected by a special signature residing in the ZIP End of Central Directory record (at the very end of the file). This is the signature verified when update packages are being applied to Android. Change-Id: Ia852a11ed6774ce746087cdd7f028b191ef6bc8b
rc/com/android/signapk/SignApk.java
|
b141ded82bef9af3c65b4192f986605f6c0dc21e |
04-May-2016 |
Alex Klyubin <klyubin@google.com> |
SHA-256 with ECDSA supported only on API Level 21 and higher. Turns out APK signatures using SHA-256 with ECDSA are accepted only by platforms with API Level 21 and higher, not 18 and higher. Bug: 28296599 Change-Id: I3fab5be17bf3a9bdbf4d84d90d51448027c7e761
rc/com/android/signapk/SignApk.java
|
3f52653abfb017a7fdc5819b28bed61f3eaf4498 |
25-Apr-2016 |
Alex Klyubin <klyubin@google.com> |
Separate logic for alg selection for OTA and APK signing. The rules for which digest algorithms are accepted by the Android platform for APK signatures and OTA update package signatures are different. For example, the set of digest algorithms accepted for APK signatures depends on the signing key algorithm and the platform's API Level. Whereas the set of digest algorithms accepted for OTA update package signatures by Recovery depends on the list produced by the build system, which in turn produces the list based on the key algorithm and digest used in the signing certificate. To reflect this reality, this refactoring CL explicitly separates signapk's logic for choosing the digest algorithm to use for v1 signing from its logic for choosing the digest algorithm to use for OTA update package signing. Bug: 28296599 Change-Id: Ic7aa77e89622d727e985f8749071284746be7f45
rc/com/android/signapk/SignApk.java
|
60817689faf7029d6073e0ebcf0c3bb9cce0cf73 |
07-Apr-2016 |
Alex Klyubin <klyubin@google.com> |
Remove support for DSA with SHA-512 from v2 signing. Android platform does not support DSA with SHA-512. Thus, it does not make sense to support this unsupported algorithm in APK Signature Scheme v2. Bug: 24331392 Change-Id: Ifba90ad5b11188bb968c28d9e0ed3f9cb13ce2e7
rc/com/android/signapk/ApkSignerV2.java
rc/com/android/signapk/SignApk.java
|
37a0ecd32935685151f0cfb5a5466e6e360a0b8f |
23-Mar-2016 |
Alex Klyubin <klyubin@google.com> |
Fix bug in APK entry alignment. APK entry alignment logic assumes that input entries have zero-length comment and extra fields. When the assumption is broken, the logic silently breaks alignment of output entries. This happens, for example, when the APK to be signed is already aligned and thus may contain entries with non-empty extra fields. Given that APKs are not supposed to use comment and extra fields for anything useful and given that this signer already discards comment and extra fields of compressed entries, this change makes the signer discard comment and extra fields of STORED input entries as well. This unbreaks the existing alignment logic. Bug: 27814973 Change-Id: I8242b037e21ba7bcf45d0fe2afc8bfc47f1ec314
rc/com/android/signapk/SignApk.java
|
82bf99bb4e4cd4779a08daa21bd4bc2007042f41 |
14-Mar-2016 |
Alex Klyubin <klyubin@google.com> |
Fix two cosmetic issues in signapk. * Zip EoCD record comment length was referred to as 32-bit whereas it is a 16-bit field. The implementation was fine, but the comment and the naming of a constant were wrong. * System.out.println was left over from early prototyping days. Removed. Bug: 25794543 Change-Id: I97199310d4b4451271a75bb6c6d0463e0b788be9
rc/com/android/signapk/ZipUtils.java
|
97dd58a071c16c31ab2ce3f29f8fa7e2db7c8b52 |
16-Feb-2016 |
Alex Klyubin <klyubin@google.com> |
Switch to production constant for v2 signing scheme ID. Bug: 25794543 Change-Id: I0e06f31ea3117c6865d18f853f99304964b323b4
rc/com/android/signapk/ApkSignerV2.java
|
f735851fa95ea7b372ab4245a7b583667efb4ea9 |
09-Feb-2016 |
Alex Klyubin <klyubin@google.com> |
Use Jan 1 2009 as timestamp in OTA update ZIPs. This is a follow-up to 6c41036bcf35fe39162b50d27533f0f3bfab3028 where I forgot to update a section of OTA update ZIP code. Bug: 26864066 Change-Id: Idbcde71d6377a16807e41c999120eeddd5b4d8a4
rc/com/android/signapk/SignApk.java
|
0d85dab09a09de48535e4139b858e5e4bef8565f |
30-Jan-2016 |
Dan Willemsen <dwillemsen@google.com> |
Merge "Use Jan 1 2009 as timestamp in APKs and OTA update ZIPs."
|
3d8bf2994c4e8e17500f79acf9b9decb8adc40af |
29-Jan-2016 |
Lee Campbell <leecam@google.com> |
brillo: Remove dependency on java for Brillo Brillo does not require Java. Add a JAVA_NOT_REQUIRED flag to the build system to make the jdk requirment optional Also don't build signapk for Brillo BUG: 25281898 Change-Id: I31e68cc7d076bf6c234699c77c0ea1ea428be4f5
ndroid.mk
|
6c41036bcf35fe39162b50d27533f0f3bfab3028 |
29-Jan-2016 |
Alex Klyubin <klyubin@google.com> |
Use Jan 1 2009 as timestamp in APKs and OTA update ZIPs. Previously, the timestamp was one hour ahead of NotBefore of the signer's certificate, adjusted for the current timezone. With this change the MS-DOS timestamp in output APK/ZIP files is Jan 1 2009 00:00:00. Bug: 26864066 Change-Id: Id6263c38ac7042489ab695454f8e0fb2d85a3958
rc/com/android/signapk/SignApk.java
|
dd910c5945272e9820dfd9d7798ba32aa7dfc73f |
02-Dec-2015 |
Alex Klyubin <klyubin@google.com> |
Make signapk sign using APK Signature Scheme v2. APKs are now signed with the usual JAR signature scheme and then with the APK Signature Scheme v2. APK Signature Scheme v2 is a whole-file signature scheme which aims to protect every single bit of the APK as opposed to the JAR signature scheme which protects only the names and uncompressed contents of ZIP entries. The two main goals of APK Signature Scheme v2 are: 1. Detect any unauthorized modifications to the APK. This is achieved by making the signature cover every byte of the APK being signed. 2. Enable much faster signature and integrity verification. This is achieved by requiring only a minimal amount of APK parsing before the signature is verified, thus completely bypassing ZIP entry decompression and by making integrity verification parallelizable by employing a hash tree. Bug: 25794543 Change-Id: I275d2a6d0a98504891985309b9dfff2e0e44b878
rc/com/android/signapk/ApkSignerV2.java
rc/com/android/signapk/Pair.java
rc/com/android/signapk/SignApk.java
rc/com/android/signapk/ZipUtils.java
|
9b54a565c9ffd1e8ed0c3434ede022d9501eaa80 |
20-Jan-2016 |
Alex Klyubin <klyubin@google.com> |
Command-line flag to disable signing with APK Signature Scheme v2. This change makes signapk not reject the --disable-v2 command-line flag which may be used by build scripts in some branches. The flag is currently ignored. This change is landed separately from the actual support for APK Signature Scheme v2 because of unbundled branches which use prebuilt versions of signapk. Bug: 25794543 Change-Id: I900966244b8b6296b1f443bf98830cc7f7cc81a8
rc/com/android/signapk/SignApk.java
|
c2c49ed0c13846f7f96249c7419971dfcddc9215 |
11-Jan-2016 |
Alex Klyubin <klyubin@google.com> |
Unconditionally use SHA-256 when minSdkVersion is 18 or higher. SHA-1 is deprecated, but the replacement SHA-256 is only supported for JAR/APK and OTA update package signatures on API Level 18 and newer. This change thus adds a --min-sdk-version command-line parameter to signapk. When this parameter is set to 18 or higher, SHA-256 is used instead of SHA-1. When the parameter is not provided, SHA-1 is used same as before. This change also removes any other digests from the MANIFEST.MF. This is to ignore any MANIFEST.MF digests already there in the APK, such as when re-signing an already signed APK. Build scripts will be modified to provide the --min-sdk-version parameter in a follow-up change. This is not done in this change because of prebuilts which require a prebuilt version of signapk to support this parameter before the build scripts can be modified. Bug: 25643280 Change-Id: I6a2782e465600fe2a3ad0c10bd80db2b80a6fb76
rc/com/android/signapk/SignApk.java
|
8502937cff58c036a2ac05671e1e46d1cbb46425 |
12-Jan-2016 |
Alex Klyubin <klyubin@google.com> |
List SHA-1 digests of APK entries' contents in .SF files. Due to a bug introduced in 8562fd478d7f1b1b693de5db67928f1993522c0a SHA-1 digests of APK entries' contents were listed under wrong attribute name. The effect is equivalent to not listing SHA-1 digests. This change fix the issue by listing SHA-1 digests under the correct attribute name. However, these digests are not that useful because: (1) typically the digest of the MANIFEST.MF verifies and thus the per-entry digests are ignored, and (2) per-entry digests of entries with names longer than 64 characters are wrong in any case because the digest generation code does not take into account that such names are split over multiple lines. An alternative to this change would be to completely omit outputting per-entry sections of .SF files, thus saving space and speeding up APK verification (.SF files would decompress faster). Bug: 26513901 Change-Id: If95d58e9baa62b1113639fe70724e1e9c9f4e15c
rc/com/android/signapk/SignApk.java
|
fe7c1e59d15c9fd3f5f28ef555926547e26b8640 |
15-Dec-2015 |
Alex Klyubin <klyubin@google.com> |
Move signapk sources to src dir. This also makes source files follow the standard directory structure based on Java package names. Bug: 25794543 Change-Id: Ie0b568057f836e56407f76d29eeacd28ab907ba8
ndroid.mk
ignApk.java
rc/com/android/signapk/SignApk.java
|
9667b18f2300e4bf0f33d3aef51d2f48bcb6778b |
10-Dec-2015 |
Alex Klyubin <klyubin@google.com> |
Make signapk use Conscrypt. This makes the signapk tool use Conscrypt (where possible) instead of the platform-default JCA providers and the Bouncy Castle JCA provider. This speeds up (by 10-30%) APK and OTA update signing because Conscrypt's crypto primitives are backed by BoringSSL. Previously, the signapk tool consisted only of the signapk.jar. Because Conscrypt is backed by native code, signapk now consists of signapk.jar and crypto_openjdk_jni shared library. This requires that users of the tool be updated to provide a suitable -Djava.library.path argument to the Java runtime. This change updates all known users of the tool inside the Android source tree to do so. Bug: 26097626 Change-Id: I8411b37d7f771ed99269751a3007dff103083552
ndroid.mk
ignApk.java
|
924a6837609359d09076391fa363fdcf3c8544bd |
03-Dec-2015 |
Alex Klyubin <klyubin@google.com> |
Make signapk align .so entries to 4096 bytes. This makes signapk align uncompressed .so entries to memory page boundary (4096 bytes) to enable such libraries to be loaded at runtime through memory-mapping the APK. With this change in place, there should no longer be a need to run zipalign after (or before) signapk. Bug: 25794543 Change-Id: I74775af15a683791f57fcbd3497a79951b3f63a1
ignApk.java
|
c218d3eca3476eaaf4a52b9faaa24275dc7cf9d1 |
19-Nov-2015 |
Alex Klyubin <klyubin@google.com> |
Clean up compiler warnings in signapk. Bug: 25794543 Change-Id: Ia7da4fbaed77af4020e5aa0b14fe5e1bd8521edb
ignApk.java
|
50c7c5a72208517237f84b15be6d15c96fa3b2ec |
03-Sep-2015 |
adattatr <anisha.dattatraya.kulkarni@intel.com> |
If a console doesn't exist, read password from stdin. When signapk.jar is invoked by scripts like sign_target_files_apks.py, there is no console as signapk is invoked using popen(). To support signing of APKs using software keys with passwords, we need to read the password from stdin if there is no console. Change-Id: Icf69ba1e58bf1f91979eaf1d3b91cb202782e8fd Signed-off-by: adattatr <anisha.dattatraya.kulkarni@intel.com> Signed-off-by: Brad Geltz <brad.geltz@intel.com>
ignApk.java
|
fafe5ac81940caaa6b222433a2fd9ef5e1239686 |
11-Mar-2015 |
Ying Wang <wangying@android.com> |
Merge "Signapk.java: hide the password"
|
bda807d3a1f39024fad99b0afc9eed834d4f9b81 |
07-Aug-2014 |
Kenny Root <kroot@google.com> |
Track bouncycastle upgrade to 1.51 The new API in 1.51 will allow null return values. Change-Id: I583690bf0740b2d0962f02edea3896e18626e548
ignApk.java
|
22717f9f9ee764e8126bcbc8c4cd9dc58b713fee |
10-Jul-2014 |
zhang jun <jun.zhang@intel.com> |
Signapk.java: hide the password Reads the password through console instead of stdin directly and returns it as a string. Change-Id: I52e525680b93e9729158f4902b22f985245dbf2f Signed-off-by: zhang jun <jun.zhang@intel.com> Signed-off-by: Mingwei Shi <mingwei.shi@intel.com>
ignApk.java
|
1d67eec191b76e299acfa54d95f3897e25536174 |
15-May-2014 |
Doug Zongker <dougz@google.com> |
make SignApk do zip alignment When signing an APK, make the SignApk tool align the stored entries to (by default) 4-byte boundaries. This obviates the need to run the separate zipalign tool, which currently does this job. The alignment byte count can be specified with the -a option. OTA package signing (with -w) never does alignment. The order of files in the output APK is changed so that all stored files come first in the output, followed by all non-stored files. This is not expected to have any impact in practice. Change-Id: Iaeef89b2a7283e25fadb99c0a0f0641f682d76b8
ignApk.java
|
01ed66d2ba4f1469b259965b186cafc04da57451 |
10-Oct-2013 |
Kenny Root <kroot@google.com> |
Allow ECDSA signing OTA files ECDSA works in the recovery verifier, so we can allow OTA updates to be signed with EC keys. Change-Id: If8f2be028843fbfd6c8c9c41b492605d9b5cbeb0
ignApk.java
|
89c961aa11ed7539306061d7c31f1bb1fcf33e62 |
25-Sep-2013 |
Kenny Root <kroot@google.com> |
SignApk: add argument for loading a Provider For supporting loading a custom key type provider, add a -providerClass argument that loads the selected JCE at the front of the provider list. Change-Id: I3df16f7c570d36e08806b614d6f30c41cb117565
ignApk.java
|
62ea4a5c3cf5da5c64e881e6986e5753304fe8be |
25-Sep-2013 |
Kenny Root <kroot@google.com> |
Read algorithm OID directly from PKCS#8 container The PKCS#8 PrivateKeyInfo structure has the algorithm OID encoded right before the actual key octet stream is encoded. Use Bouncycastle to read the OID for creation with the key factory. This aids in the creation of custom key types that are backed by hardware devices (e.g., HSMs) and have their own assigned OIDs. Change-Id: If5d8fe07bc157e9bb5a3fb5f99091e924143105f
ignApk.java
|
3d2365c068539941bec258d461c149a63c4fbf98 |
19-Sep-2013 |
Kenny Root <kroot@google.com> |
SignApk: add support for EC keys Change-Id: I09bc0e52fc84ec321b997016a8f97de1bfd2770d
ignApk.java
|
8562fd478d7f1b1b693de5db67928f1993522c0a |
10-Apr-2013 |
Doug Zongker <dougz@android.com> |
SignApk: update SignApk to support SHA256withRSA signing (cherry picked from commit c0581a02ede48007623030c4ce13174ee972cc42) Change-Id: I6212e0f3a6aa3265b111f0f7348b667af4a668b0
ignApk.java
|
29706d155a7516e36b63c5201d3e294de6589814 |
18-Dec-2012 |
Koushik Dutta <koushd@gmail.com> |
SignApk: perform the whole file signature in a single streaming pass. Author: Koushik Dutta <koushd@gmail.com> Change-Id: I58a68fa4bd4c0c3bb0e025d4311186195fb90e5a
ignApk.java
|
b14c97621bb748d717fd9c91b21cb4d7cf0bd85e |
16-Oct-2012 |
Doug Zongker <dougz@android.com> |
add multiple key support to signapk Support signing .apks (but not OTA packages) with multiple keys. Bug: 7350459 Change-Id: I794e1da0555e2bb9247a59c756656d4ca7ee04cf
ignApk.java
|
147626e624ec0b709e6dc8f156ccb391fffef9c8 |
04-Sep-2012 |
Doug Zongker <dougz@google.com> |
change SignApk.java to use bouncy castle for signing Remove use of the private sun.security.* classes for generating pkcs7 signatures and use bouncy castle instead. Change-Id: Ie8213575461975085d119e000e764d2a28c26715
ndroid.mk
ignApk.java
|
e691373514d47ecf29ce13e14e9f3b867d394693 |
04-Jul-2012 |
Doug Zongker <dougz@android.com> |
make SignApk faster for OTA packages Change to the default compression level instead of the max compression level for OTA packages (-w): it's much faster and the difference in output size is usually negligible. Bug: 6778962 Change-Id: I82a6acc19be8b3289fd84c8c15f03ebeb7a1ce63
ignApk.java
|
7bb042317ab4df86b9962f30399c7728e8b84599 |
11-May-2012 |
Doug Zongker <dougz@android.com> |
add copy of public cert used for signing to OTA packages When signing a file with -w (ie, an OTA package), add the file META-INF/com/android/otacert, which is a copy of the public key certificate. While this can be extracted from the CERT.RSA file, having a copy of it more easily accessible makes it easier to write tools. Bug: 6477365 Change-Id: I8cdb19536eca9a223c2b954e3f8ea0d9f3f86f02
ignApk.java
|
7978d50edb9c4da0b8f4076412f092418da6e372 |
24-Sep-2010 |
Ficus Kirkpatrick <ficus@android.com> |
Add a workaround for a platform JAR parsing bug. The java.util.jar implementation through Android 1.6 has a bug where if the signature file in META-INF is a multiple of 1024 bytes, it will throw an IOException attempting to read it. If signapk would produce a CERT.SF in a multiple of 1024 bytes, add an extra CRLF to the end of the file. Bug: 3019677 Change-Id: I23d4a36e12e224be600d3ac39379b5b5a022a628
ignApk.java
|
da12daf15f2e6aef7e94f340d23bc435ddc025f4 |
10-Jun-2010 |
Joe Onorato <joeo@android.com> |
Add a tapas command. (Actually there was a tapas command that just called choosecombo). The new better tapas command is for building unbundled apps. Run it with one or more modules to build and optionally a build variant. tapas [variant] App1 App2 ... If you don't supply a build variant, it defaults to eng. Change-Id: I02214abd0b5ad02e364fcb024e10cf6ad17a9e68
ndroid.mk
|
badd2ca451ee7a408f55632025cbe69649b426b5 |
15-Aug-2009 |
Doug Zongker <dougz@android.com> |
fix endianness problem with the tail of the signature comment The two 0xff bytes were intended to easily distinguish files with whole file signatures from those without, but I got the endianness backwards. Go ahead and fix that, as long as I'm making changes to the verifier anyway. Check for a signature that includes the sequence 0x50 0x4b 0x05 0x06, which looks to minzip like the start of the EOCD block.
ignApk.java
|
c6cf01a1170c3a7a5b03135b01cf97f06e1b953d |
13-Aug-2009 |
Doug Zongker <dougz@android.com> |
add whole-file signature mode to SignApk Make SignApk generate a signature for (nearly) the entire zip file when run with the -w option. The signature covers all of the zip file except for the archive comment (conveniently the last thing in a zip file); the archive comment field is used to contain the signature itself.
ignApk.java
|
a237874ccf49e92b93faea51f65c2ff37ea19ac7 |
16-Jul-2009 |
Doug Zongker <dougz@android.com> |
fix the modtime of files in the apk when signing SignApk fixes the timestamp of the signature files it adds. Use that same timestamp for all the files, so that the modtime doesn't vary from build to build. (Incremental OTAs currently spend significant time rewriting every .apk to do nothing but patch in timestamp changes.)
ignApk.java
|
af482b62e50b70e469426681584503eab1b308e9 |
08-Jun-2009 |
Doug Zongker <dougz@android.com> |
make signapk strip other signatures Change signapk to not propagate other signatures to the output archive. Multiple signatures seem to confuse the package manager, as we saw with Maps, and other partners are checking in prebuilt APKs for google experience devices signed with random other things.
ignApk.java
|
88b607994a148f4af5bffee163e39ce8296750c6 |
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
ndroid.mk
ignApk.java
ignApk.mf
est/run
|
05806d7af62e07c6225b2e7103a1b115ecf6c9ad |
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
ndroid.mk
ignApk.java
ignApk.mf
est/run
|
dcc08f073b6873c69ab891d4f69f7c568e282df7 |
18-Dec-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Code drop from //branches/cupcake/...@124589
ndroid.mk
ignApk.java
|
b6c1cf6de79035f58b512f4400db458c8401379a |
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
ndroid.mk
ignApk.java
ignApk.mf
est/run
|