boklm pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
-
5f4ef79a
by Nicolas Vigier at 2025-12-16T16:04:39+01:00
1 changed file:
Changes:
| ... | ... | @@ -36,8 +36,8 @@ sign_apk() { |
| 36 | 36 | |
| 37 | 37 | verify_apk() {
|
| 38 | 38 | verified=$(apksigner verify --print-certs --verbose "$1")
|
| 39 | - scheme_v1="Verified using v1 scheme (JAR signing): true"
|
|
| 40 | 39 | scheme_v2="Verified using v2 scheme (APK Signature Scheme v2): true"
|
| 40 | + scheme_v3="Verified using v3 scheme (APK Signature Scheme v3): true"
|
|
| 41 | 41 | |
| 42 | 42 | if test "$tbb_version_type" = "alpha"; then
|
| 43 | 43 | cert_digest="Signer #1 certificate SHA-256 digest: 15f760b41acbe4783e667102c9f67119be2af62fab07763f9d57f01e5e1074e1"
|
| ... | ... | @@ -47,12 +47,10 @@ verify_apk() { |
| 47 | 47 | pubkey_digest="Signer #1 public key SHA-256 digest: 343ca8a2e5452670bdc335a181a4baed909f868937d68c4653e44ef84de8dfc6"
|
| 48 | 48 | fi
|
| 49 | 49 | if test "$SIGNING_PROJECTNAME" = "torvpn"; then
|
| 50 | - # No v1 scheme signature on torvpn apk
|
|
| 51 | - scheme_v1=''
|
|
| 52 | 50 | cert_digest="Signer #1 certificate SHA-256 digest: c2f6ffa30e56a7c53a226248ef908612ee539df2f52bede5a55037425b83331d"
|
| 53 | 51 | pubkey_digest="Signer #1 public key SHA-256 digest: fddc5f93ae0bc971e951481b0b5e6b62e47040fe979ff535cf75daade2f13f3d"
|
| 54 | 52 | fi
|
| 55 | - for digest in "${scheme_v1}" "${scheme_v2}" "${cert_digest}" "${pubkey_digest}"; do
|
|
| 53 | + for digest in "${scheme_v2}" "${scheme_v3}" "${cert_digest}" "${pubkey_digest}"; do
|
|
| 56 | 54 | test -z "$digest" && continue
|
| 57 | 55 | if ! echo "${verified}" | grep -q "${digest}"; then
|
| 58 | 56 | echo "Expected digest not found:"
|