mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-10-03 17:50:11 +02:00
Merge branch 'keytool_smartcardoptions' into 'master'
fix keytool not working with default smartcardoptions See merge request fdroid/fdroidserver!812
This commit is contained in:
commit
7adba093e4
@ -131,7 +131,7 @@ The repository of older versions of applications from the main demo repository.
|
||||
|
||||
# You should not need to change these at all, unless you have a very
|
||||
# customized setup for using smartcards in Java with keytool/jarsigner
|
||||
# smartcardoptions = "-storetype PKCS11 \
|
||||
# smartcardoptions = "-storetype PKCS11 -providerName SunPKCS11-OpenSC \
|
||||
# -providerClass sun.security.pkcs11.SunPKCS11 \
|
||||
# -providerArg opensc-fdroid.cfg"
|
||||
|
||||
|
@ -323,7 +323,8 @@ def read_config(opts, config_file='config.py'):
|
||||
config['smartcardoptions'] = re.sub(r'\s+', r' ', config['smartcardoptions']).split(' ')
|
||||
elif not smartcardoptions and 'keystore' in config and config['keystore'] == 'NONE':
|
||||
# keystore='NONE' means use smartcard, these are required defaults
|
||||
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerClass',
|
||||
config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName',
|
||||
'SunPKCS11-OpenSC', '-providerClass',
|
||||
'sun.security.pkcs11.SunPKCS11',
|
||||
'-providerArg', 'opensc-fdroid.cfg']
|
||||
|
||||
@ -3082,15 +3083,21 @@ def sign_apk(unsigned_path, signed_path, keyalias):
|
||||
apk = _get_androguard_APK(unsigned_path)
|
||||
if apk.get_effective_target_sdk_version() >= 30:
|
||||
if config['keystore'] == 'NONE':
|
||||
# NOTE: apksigner doesn't like -providerName/--provider-name at all, don't use
|
||||
# NOTE: apksigner doesn't like -providerName/--provider-name at all, don't use that.
|
||||
# apksigner documents the options as --ks-provider-class and --ks-provider-arg
|
||||
# those seem to be accepted but fail when actually making a signature with
|
||||
# weird internal exceptions. Those options actually work.
|
||||
# From: https://geoffreymetais.github.io/code/key-signing/#scripting
|
||||
apksigner_smartcardoptions = config['smartcardoptions'].copy()
|
||||
if '-providerName' in apksigner_smartcardoptions:
|
||||
pos = config['smartcardoptions'].index('-providerName')
|
||||
# remove -providerName and it's argument
|
||||
del apksigner_smartcardoptions[pos]
|
||||
del apksigner_smartcardoptions[pos]
|
||||
replacements = {'-storetype': '--ks-type',
|
||||
'-providerClass': '--provider-class',
|
||||
'-providerArg': '--provider-arg'}
|
||||
signing_args = [replacements.get(n, n) for n in config['smartcardoptions']]
|
||||
signing_args = [replacements.get(n, n) for n in apksigner_smartcardoptions]
|
||||
else:
|
||||
signing_args = ['--key-pass', 'env:FDROID_KEY_PASS']
|
||||
if not find_apksigner():
|
||||
|
Loading…
Reference in New Issue
Block a user