Skip to content

Commit

Permalink
Using SHA256 instead of SHA1 (#85)
Browse files Browse the repository at this point in the history
  • Loading branch information
atanas-bitrise authored Nov 29, 2022
1 parent 9962288 commit 8c96369
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 9 deletions.
4 changes: 2 additions & 2 deletions keystore/keystore.go
Original file line number Diff line number Diff line change
Expand Up @@ -116,8 +116,8 @@ func (helper Helper) createSignCmd(buildArtifactPth, destBuildArtifactPth, priva
}
split = strings.Split(split[1], "and")

signingAlgorithm := "SHA1with" + split[0]
digestAlgorithm := "SHA1"
signingAlgorithm := "SHA256with" + split[0]
digestAlgorithm := "SHA-256"

cmdSlice := []string{
jarsigner,
Expand Down
14 changes: 7 additions & 7 deletions keystore/keystore_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,15 @@ import (
)

func TestCreateSignCmd(t *testing.T) {
t.Log("signature algorithm: SHA1withRSA")
t.Log("signature algorithm: SHA256withRSA")
{
apkPth := "android.apk"
destApkPth := "android-signed.apk"
keystorePath := "keystore.jks"
keystorePassword := "pass"
alias := "alias"
keypassword := "keypass"
signatureAlgorithm := "SHA1withRSA"
signatureAlgorithm := "SHA256withRSA"

keystore := Helper{
keystorePth: keystorePath,
Expand All @@ -30,7 +30,7 @@ func TestCreateSignCmd(t *testing.T) {
require.Equal(t, 17, len(cmdSlice))

actual := strings.Join(cmdSlice, " ")
expected := jarsigner + " -sigfile CERT -sigalg SHA1withRSA -digestalg SHA1 -keystore keystore.jks -storepass pass -keypass keypass -signedjar android-signed.apk android.apk alias"
expected := jarsigner + " -sigfile CERT -sigalg SHA256withRSA -digestalg SHA-256 -keystore keystore.jks -storepass pass -keypass keypass -signedjar android-signed.apk android.apk alias"
require.Equal(t, expected, actual)
}

Expand All @@ -56,7 +56,7 @@ func TestCreateSignCmd(t *testing.T) {
require.Equal(t, 17, len(cmdSlice))

actual := strings.Join(cmdSlice, " ")
expected := jarsigner + " -sigfile CERT -sigalg SHA1withRSA -digestalg SHA1 -keystore keystore.jks -storepass pass -keypass keypass -signedjar android-signed.apk android.apk alias"
expected := jarsigner + " -sigfile CERT -sigalg SHA256withRSA -digestalg SHA-256 -keystore keystore.jks -storepass pass -keypass keypass -signedjar android-signed.apk android.apk alias"
require.Equal(t, expected, actual)
}

Expand All @@ -82,7 +82,7 @@ func TestCreateSignCmd(t *testing.T) {
require.Equal(t, 17, len(cmdSlice))

actual := strings.Join(cmdSlice, " ")
expected := jarsigner + " -sigfile CERT -sigalg SHA1withRSA -digestalg SHA1 -keystore keystore.jks -storepass pass -keypass keypass -signedjar android-signed.apk android.apk alias"
expected := jarsigner + " -sigfile CERT -sigalg SHA256withRSA -digestalg SHA-256 -keystore keystore.jks -storepass pass -keypass keypass -signedjar android-signed.apk android.apk alias"
require.Equal(t, expected, actual)
}
}
Expand All @@ -100,10 +100,10 @@ Valid from: Thu Jun 02 19:56:20 CEST 2016 until: Mon May 27 19:56:20 CEST 2041
Certificate fingerprints:
MD5: CA:30:61:CB:AD:70:03:73:C7:FD:91:A4:9C:FB:92:F9
SHA1: 66:C3:60:5B:B8:0B:B0:2C:AE:C5:54:72:B6:B2:D6:18:99:FB:70:9F
Signature algorithm name: SHA1withRSA (Weak)
Signature algorithm name: SHA256withRSA
Version: 3
`
signatureAlgorithm, err := findSignatureAlgorithm(keystoreData)
require.NoError(t, err)
require.Equal(t, "SHA1withRSA", signatureAlgorithm)
require.Equal(t, "SHA256withRSA", signatureAlgorithm)
}

0 comments on commit 8c96369

Please sign in to comment.