diff --git a/config.sample.py b/config.sample.py index 7bd574c6..0001a802 100644 --- a/config.sample.py +++ b/config.sample.py @@ -17,6 +17,15 @@ The official FDroid repository. Applications in this repository are official binaries built by the original application developers. """ +#The key (from the keystore defined below) to be used for signing the +#repository itself. Can be none for an unsigned repository. +repo_keyalias = None + +#If you're building a signed repository, you need the public key here. You +#can get the public key in the correct format by using 'getsig -f x.jar" where +#x.jar is any jar you have signed with it. +repo_pubkey = 'not set' + #The keystore to use for release keys when building. This needs to be #somewhere safe and secure, and backed up! keystore = "/home/me/somewhere/my.keystore" diff --git a/getsig/getsig.class b/getsig/getsig.class index ecd9f4ec..832b08c5 100644 Binary files a/getsig/getsig.class and b/getsig/getsig.class differ diff --git a/getsig/getsig.java b/getsig/getsig.java index 8b1da1ec..e4dd1269 100644 --- a/getsig/getsig.java +++ b/getsig/getsig.java @@ -13,13 +13,23 @@ public class getsig { public static void main(String[] args) { - if (args.length != 1) { + String apkPath = null; + boolean full = false; + + if(args.length == 1) { + apkPath = args[0]; + } else if (args.length == 2) { + if(!args[0].equals("-f")) { + System.out.println("Only -f is supported"); + System.exit(1); + } + apkPath = args[1]; + full = true; + } else { System.out.println("Specify the APK file to get the signature from!"); System.exit(1); } - String apkPath = args[0]; - try { JarFile apk = new JarFile(apkPath); @@ -64,17 +74,24 @@ public class getsig { csig[j*2+1] = (byte)(d >= 10 ? ('a' + d - 10) : ('0' + d)); } - // Get the MD5 sum of that... - MessageDigest md; - md = MessageDigest.getInstance("MD5"); - byte[] md5sum = new byte[32]; - md.update(csig); - md5sum = md.digest(); - BigInteger bigInt = new BigInteger(1, md5sum); - String md5hash = bigInt.toString(16); - while (md5hash.length() < 32) - md5hash = "0" + md5hash; - System.out.println("Result:" + md5hash); + String result; + if(full) { + result = new String(csig); + } else { + // Get the MD5 sum... + MessageDigest md; + md = MessageDigest.getInstance("MD5"); + byte[] md5sum = new byte[32]; + md.update(csig); + md5sum = md.digest(); + BigInteger bigInt = new BigInteger(1, md5sum); + String md5hash = bigInt.toString(16); + while (md5hash.length() < 32) + md5hash = "0" + md5hash; + result = md5hash; + } + + System.out.println("Result:" + result); System.exit(0); } catch (Exception e) { diff --git a/update.py b/update.py index 5449e01b..b12f147a 100644 --- a/update.py +++ b/update.py @@ -240,6 +240,8 @@ repoel = doc.createElement("repo") repoel.setAttribute("name", repo_name) repoel.setAttribute("icon", repo_icon) repoel.setAttribute("url", repo_url) +if repo_keyalias != None: + repoel.setAttribute("pubkey", repo_pubkey) addElement('description', repo_description, doc, repoel) root.appendChild(repoel) @@ -357,6 +359,33 @@ output = doc.toxml() of.write(output) of.close() +if repo_keyalias != None: + + if not options.quiet: + print "Creating signed index." + + #Create a jar of the index... + p = subprocess.Popen(['jar', 'cf', 'index.jar', 'index.xml'], + cwd='repo', stdout=subprocess.PIPE) + output = p.communicate()[0] + if options.verbose: + print output + if p.returncode != 0: + print "ERROR: Failed to create jar file" + sys.exit(1) + + # Sign the index... + p = subprocess.Popen(['jarsigner', '-keystore', keystore, + '-storepass', keystorepass, '-keypass', keypass, + os.path.join('repo', 'index.jar') , repo_keyalias], stdout=subprocess.PIPE) + output = p.communicate()[0] + if p.returncode != 0: + print "Failed to sign index" + print output + sys.exit(1) + if options.verbose: + print output + #Copy the repo icon into the repo directory... iconfilename = os.path.join(icon_dir, repo_icon) shutil.copyfile(repo_icon, iconfilename)