From: Doug Zongker Date: Mon, 8 Jun 2009 17:46:55 +0000 (-0700) Subject: make signapk strip other signatures X-Git-Tag: android-x86-1.6~22^2~29^2 X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=af482b62e50b70e469426681584503eab1b308e9;p=android-x86%2Fbuild.git make signapk strip other signatures Change signapk to not propagate other signatures to the output archive. Multiple signatures seem to confuse the package manager, as we saw with Maps, and other partners are checking in prebuilt APKs for google experience devices signed with random other things. --- diff --git a/tools/signapk/SignApk.java b/tools/signapk/SignApk.java index 340a9f551..fb5502861 100644 --- a/tools/signapk/SignApk.java +++ b/tools/signapk/SignApk.java @@ -62,6 +62,7 @@ import java.util.jar.JarEntry; import java.util.jar.JarFile; import java.util.jar.JarOutputStream; import java.util.jar.Manifest; +import java.util.regex.Pattern; import javax.crypto.Cipher; import javax.crypto.EncryptedPrivateKeyInfo; import javax.crypto.SecretKeyFactory; @@ -75,6 +76,10 @@ class SignApk { private static final String CERT_SF_NAME = "META-INF/CERT.SF"; private static final String CERT_RSA_NAME = "META-INF/CERT.RSA"; + // Files matching this pattern are not copied to the output. + private static Pattern stripPattern = + Pattern.compile("^META-INF/(.*)[.](SF|RSA|DSA)$"); + private static X509Certificate readPublicKey(File file) throws IOException, GeneralSecurityException { FileInputStream input = new FileInputStream(file); @@ -193,7 +198,9 @@ class SignApk { for (JarEntry entry: byName.values()) { String name = entry.getName(); if (!entry.isDirectory() && !name.equals(JarFile.MANIFEST_NAME) && - !name.equals(CERT_SF_NAME) && !name.equals(CERT_RSA_NAME)) { + !name.equals(CERT_SF_NAME) && !name.equals(CERT_RSA_NAME) && + (stripPattern == null || + !stripPattern.matcher(name).matches())) { InputStream data = jar.getInputStream(entry); while ((num = data.read(buffer)) > 0) { md.update(buffer, 0, num);