From 066978cbcfc8bc388e8749ba5d1ef82a10cb576b Mon Sep 17 00:00:00 2001 From: Marcus Hoffmann Date: Sat, 11 Apr 2020 23:04:43 +0200 Subject: [PATCH] publish: use common signing method This is currently still jarsigner based but will at least use sha256 when possible --- fdroidserver/common.py | 2 +- fdroidserver/publish.py | 17 +++-------------- 2 files changed, 4 insertions(+), 15 deletions(-) diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 1f3a483c..26bb7e82 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -3064,7 +3064,7 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir): One of the inputs is signed, the other is unsigned. The signature metadata is transferred from the signed to the unsigned apk, and then jarsigner is - used to verify that the signature from the signed apk is also varlid for + used to verify that the signature from the signed apk is also valid for the unsigned one. If the APK given as unsigned actually does have a signature, it will be stripped out and ignored. diff --git a/fdroidserver/publish.py b/fdroidserver/publish.py index 914afb1d..b1009dc7 100644 --- a/fdroidserver/publish.py +++ b/fdroidserver/publish.py @@ -319,7 +319,7 @@ def main(): # characters are significant, so we'll use the first 8 from # the MD5 of the app's ID and hope there are no collisions. # If a collision does occur later, we're going to have to - # come up with a new alogrithm, AND rename all existing keys + # come up with a new algorithm, AND rename all existing keys # in the keystore! if not skipsigning: if appid in config['keyaliases']: 
@@ -367,23 +367,12 @@ def main(): unsigned_dir, output_dir)) - # TODO replace below with common.sign_apk() once it has proven stable - # Sign the application... - p = FDroidPopen([config['jarsigner'], '-keystore', config['keystore'], - '-storepass:env', 'FDROID_KEY_STORE_PASS', - '-keypass:env', 'FDROID_KEY_PASS', '-sigalg', - 'SHA1withRSA', '-digestalg', 'SHA1', - apkfile, keyalias], envs=env_vars) - if p.returncode != 0: - raise BuildException(_("Failed to sign application"), p.output) + # Sign and zipalign the application... + common.sign_apk(apkfile, signed_apk_path, keyalias) if appid not in signed_apks: signed_apks[appid] = [] signed_apks[appid].append(apkfile) - # Zipalign it... - common._zipalign(apkfile, os.path.join(output_dir, apkfilename)) - os.remove(apkfile) - publish_source_tarball(apkfilename, unsigned_dir, output_dir) logging.info('Published ' + apkfilename)
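Review bot: The call `common.sign_apk(apkfile, signed_apk_path, keyalias)` now carries three duties that the removed lines performed explicitly here: raising `BuildException` when the signer exits non-zero, writing the aligned APK into `output_dir`, and deleting the unsigned `apkfile`. Nothing in the hunk documents or checks that it does so. Both `sign_apk` and the definition of `signed_apk_path` are outside this hunk, so confirm that a signing failure still aborts publishing before `signed_apks[appid].append(apkfile)` records the APK. Also confirm that the helper still hands the keystore and key passwords to jarsigner through the environment rather than on the command line, since `envs=env_vars` is no longer passed at this call site. Once verified, I would widen the comment to something like `# sign_apk() signs, zipaligns into signed_apk_path and removes apkfile; it raises on failure and chooses SHA-256 or the SHA-1 fallback itself`. main() starts and ends outside the hunk.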