StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove support for DSA with SHA-512 from v2 signing.

Browse Source 
Android platform does not support DSA with SHA-512. Thus, it does not
make sense to support this unsupported algorithm in APK Signature
Scheme v2.

Bug: 24331392
Change-Id: Ifba90ad5b11188bb968c28d9e0ed3f9cb13ce2e7
This commit is contained in:
Alex Klyubin
2016-04-07 10:24:56 -07:00
parent 4d69fbf5be
commit 60817689fa
2 changed files with 1 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tools/signapk/src/com/android/signapk/ApkSignerV2.java
View File

@@ -75,7 +75,6 @@ public abstract class ApkSignerV2 {
public static final int SIGNATURE_ECDSA_WITH_SHA256 = 0x0201; public static final int SIGNATURE_ECDSA_WITH_SHA256 = 0x0201;
public static final int SIGNATURE_ECDSA_WITH_SHA512 = 0x0202; public static final int SIGNATURE_ECDSA_WITH_SHA512 = 0x0202;
public static final int SIGNATURE_DSA_WITH_SHA256 = 0x0301; public static final int SIGNATURE_DSA_WITH_SHA256 = 0x0301;
public static final int SIGNATURE_DSA_WITH_SHA512 = 0x0302;
/** /**
* {@code .SF} file header section attribute indicating that the APK is signed not just with * {@code .SF} file header section attribute indicating that the APK is signed not just with
@@ -660,8 +659,6 @@ public abstract class ApkSignerV2 {
return Pair.create("SHA512withECDSA", null); return Pair.create("SHA512withECDSA", null);
case SIGNATURE_DSA_WITH_SHA256: case SIGNATURE_DSA_WITH_SHA256:
return Pair.create("SHA256withDSA", null); return Pair.create("SHA256withDSA", null);
case SIGNATURE_DSA_WITH_SHA512:
return Pair.create("SHA512withDSA", null);
default: default:
throw new IllegalArgumentException( throw new IllegalArgumentException(
"Unknown signature algorithm: 0x" "Unknown signature algorithm: 0x"
@@ -679,7 +676,6 @@ public abstract class ApkSignerV2 {
case SIGNATURE_RSA_PSS_WITH_SHA512: case SIGNATURE_RSA_PSS_WITH_SHA512:
case SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA512: case SIGNATURE_RSA_PKCS1_V1_5_WITH_SHA512:
case SIGNATURE_ECDSA_WITH_SHA512: case SIGNATURE_ECDSA_WITH_SHA512:
case SIGNATURE_DSA_WITH_SHA512:
return CONTENT_DIGEST_CHUNKED_SHA512; return CONTENT_DIGEST_CHUNKED_SHA512;
default: default:
throw new IllegalArgumentException( throw new IllegalArgumentException(

2
tools/signapk/src/com/android/signapk/SignApk.java
View File

@@ -992,7 +992,7 @@ class SignApk {
} else if ("EC".equalsIgnoreCase(keyAlgorithm)) { } else if ("EC".equalsIgnoreCase(keyAlgorithm)) {
return ApkSignerV2.SIGNATURE_ECDSA_WITH_SHA512; return ApkSignerV2.SIGNATURE_ECDSA_WITH_SHA512;
} else if ("DSA".equalsIgnoreCase(keyAlgorithm)) { } else if ("DSA".equalsIgnoreCase(keyAlgorithm)) {
return ApkSignerV2.SIGNATURE_DSA_WITH_SHA512; throw new IllegalArgumentException("SHA-512 is not supported with DSA");
} else { } else {
throw new IllegalArgumentException("Unsupported key algorithm: " + keyAlgorithm); throw new IllegalArgumentException("Unsupported key algorithm: " + keyAlgorithm);
} }