From c81ad4485cf482fe628a9234af03d2559da9a1cf Mon Sep 17 00:00:00 2001 From: FC Stegerman Date: Sat, 19 Nov 2022 19:56:16 +0100 Subject: [PATCH] verify_apks(): compare to unsigned APK if copying fails --- fdroidserver/common.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 5172f233..d61befb5 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -3403,15 +3403,21 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None): apksigcopier.do_copy(signed_apk, unsigned_apk, tmp_apk, v1_only=v1_only) except apksigcopier.APKSigCopierError as e: logging.info('...NOT verified - {0}'.format(tmp_apk)) - return 'signature copying failed: {}'.format(str(e)) + error = 'signature copying failed: {}'.format(str(e)) + result = compare_apks(signed_apk, unsigned_apk, tmp_dir, + os.path.dirname(unsigned_apk)) + if result is not None: + error += '\nComparing reference APK to unsigned APK...\n' + result + return error if not verify_apk_signature(tmp_apk): logging.info('...NOT verified - {0}'.format(tmp_apk)) + error = 'verification of APK with copied signature failed' result = compare_apks(signed_apk, tmp_apk, tmp_dir, os.path.dirname(unsigned_apk)) if result is not None: - return result - return 'verification of APK with copied signature failed' + error += '\nComparing reference APK to APK with copied signature...\n' + result + return error logging.info('...successfully verified') return None