Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit dd910c59 authored by Alex Klyubin's avatar Alex Klyubin
Browse files

Make signapk sign using APK Signature Scheme v2. 

APKs are now signed with the usual JAR signature scheme and then
with the APK Signature Scheme v2.

APK Signature Scheme v2 is a whole-file signature scheme which aims
to protect every single bit of the APK as opposed to the JAR signature
scheme which protects only the names and uncompressed contents of ZIP
entries.

The two main goals of APK Signature Scheme v2 are:
1. Detect any unauthorized modifications to the APK. This is achieved
   by making the signature cover every byte of the APK being signed.
2. Enable much faster signature and integrity verification. This is
   achieved by requiring only a minimal amount of APK parsing before
   the signature is verified, thus completely bypassing ZIP entry
   decompression and by making integrity verification parallelizable
   by employing a hash tree.

Bug: 25794543
Change-Id: I275d2a6d0a98504891985309b9dfff2e0e44b878
parent 3cc36050
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment