From 7e1f93160ec615dbe2b0f1995907a4d98c3e52d9 Mon Sep 17 00:00:00 2001 From: Filip Ekberg Date: Mon, 9 Oct 2017 21:38:44 +0200 Subject: [PATCH 1/4] Change md5withRSA to SHA1withRSA which is the default sig alg. SHA1withRSA is now the default signature algorithm according to this JDK issue: https://bugs.openjdk.java.net/browse/JDK-6560733 --- src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs index 0ba322cc509..fbeb824d60e 100644 --- a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs +++ b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs @@ -42,7 +42,7 @@ protected override string GenerateCommandLineCommands () cmd.AppendSwitchIfNotNull ("-storepass ", StorePass); cmd.AppendSwitchIfNotNull ("-keypass ", KeyPass); cmd.AppendSwitchIfNotNull ("-digestalg ", "SHA1"); - cmd.AppendSwitchIfNotNull ("-sigalg ", "md5withRSA"); + cmd.AppendSwitchIfNotNull ("-sigalg ", "SHA1withRSA"); cmd.AppendSwitchIfNotNull ("-signedjar ", String.Format ("{0}{1}{2}-Signed-Unaligned.apk", SignedApkDirectory, Path.DirectorySeparatorChar, Path.GetFileNameWithoutExtension (UnsignedApk))); cmd.AppendFileNameIfNotNull (UnsignedApk); From 03027bd3b87459c507ffe61d4f7f45cdbc0a8754 Mon Sep 17 00:00:00 2001 From: Filip Ekberg Date: Tue, 10 Oct 2017 12:25:08 +0200 Subject: [PATCH 2/4] Add support for overriding the default signing algorithm used with jarsign --- .../Tasks/AndroidSignPackage.cs | 8 +++++--- .../Xamarin.Android.Common.targets | 1 + 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs index fbeb824d60e..54f198782aa 100644 --- a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs +++ b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs @@ -32,7 +32,9 @@ public class AndroidSignPackage : AndroidToolTask public string TimestampAuthorityCertificateAlias { get; set; } - protected override string GenerateCommandLineCommands () + public string SigningAlgorithm { get; set; } + + protected override string GenerateCommandLineCommands () { var cmd = new CommandLineBuilder (); @@ -42,8 +44,8 @@ protected override string GenerateCommandLineCommands () cmd.AppendSwitchIfNotNull ("-storepass ", StorePass); cmd.AppendSwitchIfNotNull ("-keypass ", KeyPass); cmd.AppendSwitchIfNotNull ("-digestalg ", "SHA1"); - cmd.AppendSwitchIfNotNull ("-sigalg ", "SHA1withRSA"); - cmd.AppendSwitchIfNotNull ("-signedjar ", String.Format ("{0}{1}{2}-Signed-Unaligned.apk", SignedApkDirectory, Path.DirectorySeparatorChar, Path.GetFileNameWithoutExtension (UnsignedApk))); + cmd.AppendSwitchIfNotNull ("-sigalg ", string.IsNullorWitespace(SigningAlgorithm) ? "md5withRSA" : SigningAlgorithm); + cmd.AppendSwitchIfNotNull ("-signedjar ", String.Format ("{0}{1}{2}-Signed-Unaligned.apk", SignedApkDirectory, Path.DirectorySeparatorChar, Path.GetFileNameWithoutExtension (UnsignedApk))); cmd.AppendFileNameIfNotNull (UnsignedApk); cmd.AppendSwitch (KeyAlias); diff --git a/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets b/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets index fb60b3fe313..96baa2756ec 100755 --- a/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets +++ b/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets @@ -2439,6 +2439,7 @@ because xbuild doesn't support framework reference assemblies. ToolExe="$(JarsignerToolExe)" TimestampAuthorityUrl="$(JarsignerTimestampAuthorityUrl)" TimestampAuthorityCertificateAlias="$(JarsignerTimestampAuthorityCertificateAlias)" + SigningAlgorithm="$(_ApkSigningAlgorithm)" /> From 24d0a75fab048db504335b90b5d51e7741aae22e Mon Sep 17 00:00:00 2001 From: Filip Ekberg Date: Tue, 10 Oct 2017 13:03:21 +0200 Subject: [PATCH 3/4] ApkSigningAlgorithm is not private and should not be prefixed with _ --- .../Tasks/AndroidSignPackage.cs | 8 ++++---- .../Xamarin.Android.Common.targets | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs index 54f198782aa..4b04a9c88dd 100644 --- a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs +++ b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs @@ -32,9 +32,9 @@ public class AndroidSignPackage : AndroidToolTask public string TimestampAuthorityCertificateAlias { get; set; } - public string SigningAlgorithm { get; set; } + public string SigningAlgorithm { get; set; } - protected override string GenerateCommandLineCommands () + protected override string GenerateCommandLineCommands () { var cmd = new CommandLineBuilder (); @@ -44,8 +44,8 @@ protected override string GenerateCommandLineCommands () cmd.AppendSwitchIfNotNull ("-storepass ", StorePass); cmd.AppendSwitchIfNotNull ("-keypass ", KeyPass); cmd.AppendSwitchIfNotNull ("-digestalg ", "SHA1"); - cmd.AppendSwitchIfNotNull ("-sigalg ", string.IsNullorWitespace(SigningAlgorithm) ? "md5withRSA" : SigningAlgorithm); - cmd.AppendSwitchIfNotNull ("-signedjar ", String.Format ("{0}{1}{2}-Signed-Unaligned.apk", SignedApkDirectory, Path.DirectorySeparatorChar, Path.GetFileNameWithoutExtension (UnsignedApk))); + cmd.AppendSwitchIfNotNull ("-sigalg ", string.IsNullorWitespace(SigningAlgorithm) ? "md5withRSA" :SigningAlgorithm); + cmd.AppendSwitchIfNotNull ("-signedjar ", String.Format ("{0}{1}{2}-Signed-Unaligned.apk", SignedApkDirectory, Path.DirectorySeparatorChar, Path.GetFileNameWithoutExtension (UnsignedApk))); cmd.AppendFileNameIfNotNull (UnsignedApk); cmd.AppendSwitch (KeyAlias); diff --git a/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets b/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets index 96baa2756ec..e692a167c4d 100755 --- a/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets +++ b/src/Xamarin.Android.Build.Tasks/Xamarin.Android.Common.targets @@ -2439,7 +2439,7 @@ because xbuild doesn't support framework reference assemblies. ToolExe="$(JarsignerToolExe)" TimestampAuthorityUrl="$(JarsignerTimestampAuthorityUrl)" TimestampAuthorityCertificateAlias="$(JarsignerTimestampAuthorityCertificateAlias)" - SigningAlgorithm="$(_ApkSigningAlgorithm)" + SigningAlgorithm="$(ApkSigningAlgorithm)" /> From 1c3b50547c204e0469853d3c567628a94310235c Mon Sep 17 00:00:00 2001 From: Filip Ekberg Date: Tue, 10 Oct 2017 16:28:11 +0200 Subject: [PATCH 4/4] Fix typo in AndroidSignPackage --- src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs index 4b04a9c88dd..3490173077c 100644 --- a/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs +++ b/src/Xamarin.Android.Build.Tasks/Tasks/AndroidSignPackage.cs @@ -44,7 +44,7 @@ protected override string GenerateCommandLineCommands () cmd.AppendSwitchIfNotNull ("-storepass ", StorePass); cmd.AppendSwitchIfNotNull ("-keypass ", KeyPass); cmd.AppendSwitchIfNotNull ("-digestalg ", "SHA1"); - cmd.AppendSwitchIfNotNull ("-sigalg ", string.IsNullorWitespace(SigningAlgorithm) ? "md5withRSA" :SigningAlgorithm); + cmd.AppendSwitchIfNotNull ("-sigalg ", string.IsNullOrWhiteSpace(SigningAlgorithm) ? "md5withRSA" :SigningAlgorithm); cmd.AppendSwitchIfNotNull ("-signedjar ", String.Format ("{0}{1}{2}-Signed-Unaligned.apk", SignedApkDirectory, Path.DirectorySeparatorChar, Path.GetFileNameWithoutExtension (UnsignedApk))); cmd.AppendFileNameIfNotNull (UnsignedApk);