kamp/fdroidserver
1
0
Fork 0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-07-07 01:40:10 +02:00
Code Activity

Build a signed index in jar format, to be used by the next version of the client

Browse Source
This commit is contained in:
Ciaran Gultnieks 2011-01-29 09:32:21 +00:00
parent cbd42b2a62
commit f0fa241751
4 changed files with 69 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
config.sample.py
View File

@ -17,6 +17,15 @@ The official FDroid repository. Applications in this repository are official
binaries built by the original application developers.
"""
#The key (from the keystore defined below) to be used for signing the
#repository itself. Can be none for an unsigned repository.
repo_keyalias = None
#If you're building a signed repository, you need the public key here. You
#can get the public key in the correct format by using 'getsig -f x.jar" where
#x.jar is any jar you have signed with it.
repo_pubkey = 'not set'
#The keystore to use for release keys when building. This needs to be
#somewhere safe and secure, and backed up!
keystore = "/home/me/somewhere/my.keystore"

BIN
getsig/getsig.class
View File

Binary file not shown.

45
getsig/getsig.java
View File

@ -13,13 +13,23 @@ public class getsig {
public static void main(String[] args) {
if (args.length != 1) {
String apkPath = null;
boolean full = false;
if(args.length == 1) {
apkPath = args[0];
} else if (args.length == 2) {
if(!args[0].equals("-f")) {
System.out.println("Only -f is supported");
System.exit(1);
}
apkPath = args[1];
full = true;
} else {
System.out.println("Specify the APK file to get the signature from!");
System.exit(1);
}
String apkPath = args[0];
try {
JarFile apk = new JarFile(apkPath);
@ -64,17 +74,24 @@ public class getsig {
csig[j*2+1] = (byte)(d >= 10 ? ('a' + d - 10) : ('0' + d));
}
// Get the MD5 sum of that...
MessageDigest md;
md = MessageDigest.getInstance("MD5");
byte[] md5sum = new byte[32];
md.update(csig);
md5sum = md.digest();
BigInteger bigInt = new BigInteger(1, md5sum);
String md5hash = bigInt.toString(16);
while (md5hash.length() < 32)
md5hash = "0" + md5hash;
System.out.println("Result:" + md5hash);
String result;
if(full) {
result = new String(csig);
} else {
// Get the MD5 sum...
MessageDigest md;
md = MessageDigest.getInstance("MD5");
byte[] md5sum = new byte[32];
md.update(csig);
md5sum = md.digest();
BigInteger bigInt = new BigInteger(1, md5sum);
String md5hash = bigInt.toString(16);
while (md5hash.length() < 32)
md5hash = "0" + md5hash;
result = md5hash;
}
System.out.println("Result:" + result);
System.exit(0);
} catch (Exception e) {

29
update.py
View File

@ -240,6 +240,8 @@ repoel = doc.createElement("repo")
repoel.setAttribute("name", repo_name)
repoel.setAttribute("icon", repo_icon)
repoel.setAttribute("url", repo_url)
if repo_keyalias != None:
repoel.setAttribute("pubkey", repo_pubkey)
addElement('description', repo_description, doc, repoel)
root.appendChild(repoel)
@ -357,6 +359,33 @@ output = doc.toxml()
of.write(output)
of.close()
if repo_keyalias != None:
if not options.quiet:
print "Creating signed index."
#Create a jar of the index...
p = subprocess.Popen(['jar', 'cf', 'index.jar', 'index.xml'],
cwd='repo', stdout=subprocess.PIPE)
output = p.communicate()[0]
if options.verbose:
print output
if p.returncode != 0:
print "ERROR: Failed to create jar file"
sys.exit(1)
# Sign the index...
p = subprocess.Popen(['jarsigner', '-keystore', keystore,
'-storepass', keystorepass, '-keypass', keypass,
os.path.join('repo', 'index.jar') , repo_keyalias], stdout=subprocess.PIPE)
output = p.communicate()[0]
if p.returncode != 0:
print "Failed to sign index"
print output
sys.exit(1)
if options.verbose:
print output
#Copy the repo icon into the repo directory...
iconfilename = os.path.join(icon_dir, repo_icon)
shutil.copyfile(repo_icon, iconfilename)