3 # gpgsign.py - part of the FDroid server tools
4 # Copyright (C) 2015, Ciaran Gultnieks, ciaran@ciarang.com
6 # This program is free software: you can redistribute it and/or modify
7 # it under the terms of the GNU Affero General Public License as published by
8 # the Free Software Foundation, either version 3 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful,
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU Affero General Public License for more details.
16 # You should have received a copy of the GNU Affero General Public License
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
22 from argparse import ArgumentParser
33 Sign a JAR file with Java's jarsigner.
35 This method requires a properly initialized config object.
37 This does use old hashing algorithms, i.e. SHA1, but that's not
38 broken yet for file verification. This could be set to SHA256,
39 but then Android < 4.3 would not be able to verify it.
40 https://code.google.com/p/android/issues/detail?id=38321
42 args = [config['jarsigner'], '-keystore', config['keystore'],
43 '-storepass:env', 'FDROID_KEY_STORE_PASS',
44 '-digestalg', 'SHA1', '-sigalg', 'SHA1withRSA',
45 jar, config['repo_keyalias']]
46 if config['keystore'] == 'NONE':
47 args += config['smartcardoptions']
48 else: # smardcards never use -keypass
49 args += ['-keypass:env', 'FDROID_KEY_PASS']
51 'FDROID_KEY_STORE_PASS': config['keystorepass'],
52 'FDROID_KEY_PASS': config['keypass'],
54 p = common.FDroidPopen(args, envs=env_vars)
56 logging.critical("Failed to sign %s!" % jar)
60 def sign_index_v1(repodir, json_name):
62 Sign index-v1.json to make index-v1.jar
64 This is a bit different than index.jar: instead of their being index.xml
65 and index_unsigned.jar, the presence of index-v1.json means that there is
66 unsigned data. That file is then stuck into a jar and signed by the
67 signing process. index-v1.json is never published to the repo. It is
68 included in the binary transparency log, if that is enabled.
70 name, ext = common.get_extension(json_name)
71 index_file = os.path.join(repodir, json_name)
72 jar_file = os.path.join(repodir, name + '.jar')
73 with zipfile.ZipFile(jar_file, 'w', zipfile.ZIP_DEFLATED) as jar:
74 jar.write(index_file, json_name)
80 global config, options
82 # Parse command line...
83 parser = ArgumentParser(usage="%(prog)s [options]")
84 common.setup_global_opts(parser)
85 options = parser.parse_args()
87 config = common.read_config(options)
89 if 'jarsigner' not in config:
90 logging.critical('Java jarsigner not found! Install in standard location or set java_paths!')
94 if config['archive_older'] != 0:
95 repodirs.append('archive')
98 for output_dir in repodirs:
99 if not os.path.isdir(output_dir):
100 logging.error("Missing output directory '" + output_dir + "'")
103 unsigned = os.path.join(output_dir, 'index_unsigned.jar')
104 if os.path.exists(unsigned):
106 os.rename(unsigned, os.path.join(output_dir, 'index.jar'))
107 logging.info('Signed index in ' + output_dir)
110 json_name = 'index-v1.json'
111 index_file = os.path.join(output_dir, json_name)
112 if os.path.exists(index_file):
113 sign_index_v1(output_dir, json_name)
114 os.remove(index_file)
115 logging.info('Signed ' + index_file)
119 logging.info("Nothing to do")
122 if __name__ == "__main__":