Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit af482b62 authored by Doug Zongker's avatar Doug Zongker
Browse files

make signapk strip other signatures 

Change signapk to not propagate other signatures to the output
archive.  Multiple signatures seem to confuse the package manager, as
we saw with Maps, and other partners are checking in prebuilt APKs for
google experience devices signed with random other things.
parent a0bad432

tools/signapk/SignApk.java

+8 −1
Original line number Diff line number Diff line
@@ -62,6 +62,7 @@ import java.util.jar.JarEntry; 
import java.util.jar.JarFile;

import java.util.jar.JarOutputStream;

import java.util.jar.Manifest;

import java.util.regex.Pattern;

import javax.crypto.Cipher;

import javax.crypto.EncryptedPrivateKeyInfo;

import javax.crypto.SecretKeyFactory;
@@ -75,6 +76,10 @@ class SignApk { 
    private static final String CERT_SF_NAME = "META-INF/CERT.SF";

    private static final String CERT_RSA_NAME = "META-INF/CERT.RSA";



    // Files matching this pattern are not copied to the output.

    private static Pattern stripPattern =

            Pattern.compile("^META-INF/(.*)[.](SF|RSA|DSA)$");



    private static X509Certificate readPublicKey(File file)

            throws IOException, GeneralSecurityException {

        FileInputStream input = new FileInputStream(file);
@@ -193,7 +198,9 @@ class SignApk { 
        for (JarEntry entry: byName.values()) {

            String name = entry.getName();

            if (!entry.isDirectory() && !name.equals(JarFile.MANIFEST_NAME) &&

                !name.equals(CERT_SF_NAME) && !name.equals(CERT_RSA_NAME)) {

                !name.equals(CERT_SF_NAME) && !name.equals(CERT_RSA_NAME) &&

                (stripPattern == null ||

                 !stripPattern.matcher(name).matches())) {

                InputStream data = jar.getInputStream(entry);

                while ((num = data.read(buffer)) > 0) {

                    md.update(buffer, 0, num);