Commit 70ba2cb3 authored by Ciaran Gultnieks's avatar Ciaran Gultnieks

Added signing of built applications

parent a6b4830a
......@@ -214,5 +214,58 @@ for app in apps:
thisbuild['vercode'] + '.apk')
shutil.copyfile(src, dest)
# Figure out the key alias name we'll use. Only the first 8
# characters are significant, so we'll use the first 8 from
# the MD5 of the app's ID and hope there are no collisions.
# If a collision does occur later, we're going to have to
# come up with a new alogrithm, AND rename all existing keys
# in the keystore!
m = md5.new()
m.update(app['id'])
keyalias = m.hexdigest()[:8]
print "Key alias: " + keyalias
# See if we already have a key for this application, and
# if not generate one...
p = subprocess.Popen(['keytool', '-list',
'-alias', keyalias, '-keystore', keystore,
'-storepass', keystorepass], stdout=subprocess.PIPE)
output = p.communicate()[0]
if p.returncode !=0:
print "Key does not exist - generating..."
p = subprocess.Popen(['keytool', '-genkey',
'-keystore', keystore, '-alias', keyalias,
'-keyalg', 'RSA', '-keysize', '2048',
'-validity', '10000',
'-storepass', keystorepass, '-keypass', keypass,
'-dname', keydname], stdout=subprocess.PIPE)
output = p.communicate()[0]
print output
if p.returncode != 0:
print "Failed to generate key"
sys.exit(1)
# Sign the application...
p = subprocess.Popen(['jarsigner', '-keystore', keystore,
'-storepass', keystorepass, '-keypass', keypass,
dest, keyalias], stdout=subprocess.PIPE)
output = p.communicate()[0]
print output
if p.returncode != 0:
print "Failed to sign application"
sys.exit(1)
# Zipalign it...
tmpfile = dest + ".tmp"
os.rename(dest, tmpfile)
p = subprocess.Popen(['zipalign', '-v', '4',
tmpfile, dest], stdout=subprocess.PIPE)
output = p.communicate()[0]
print output
if p.returncode != 0:
print "Failed to align application"
sys.exit(1)
os.remove(tmpfile)
print "Finished."
......@@ -12,3 +12,17 @@ The official FDroid repository. Applications in this repository are official
binaries built by the original application developers.
"""
#The keystore to use for release keys when building. This needs to be
#somewhere safe and secure, and backed up!
keystore = "/home/me/somewhere/my.keystore"
#The password for the keystore.
keystorepass = "foo"
#The password for keys - the same is used for each auto-generated key.
keypass = "foo2"
#THe distinguished name used for all keys.
keydname = "CN=Birdman, OU=Cell, O=Alcatraz, L=Alcatraz, S=California, C=US"
"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment