boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 5f4ef79a by Nicolas Vigier at 2025-12-16T16:04:39+01:00 Bug 41671: Update apk signing script to check for v3 instead of v1 signatures - - - - - 1 changed file: - tools/signing/linux-signer-sign-android-apks Changes: ===================================== tools/signing/linux-signer-sign-android-apks ===================================== @@ -36,8 +36,8 @@ sign_apk() { verify_apk() { verified=$(apksigner verify --print-certs --verbose "$1") - scheme_v1="Verified using v1 scheme (JAR signing): true" scheme_v2="Verified using v2 scheme (APK Signature Scheme v2): true" + scheme_v3="Verified using v3 scheme (APK Signature Scheme v3): true" if test "$tbb_version_type" = "alpha"; then cert_digest="Signer #1 certificate SHA-256 digest: 15f760b41acbe4783e667102c9f67119be2af62fab07763f9d57f01e5e1074e1" @@ -47,12 +47,10 @@ verify_apk() { pubkey_digest="Signer #1 public key SHA-256 digest: 343ca8a2e5452670bdc335a181a4baed909f868937d68c4653e44ef84de8dfc6" fi if test "$SIGNING_PROJECTNAME" = "torvpn"; then - # No v1 scheme signature on torvpn apk - scheme_v1='' cert_digest="Signer #1 certificate SHA-256 digest: c2f6ffa30e56a7c53a226248ef908612ee539df2f52bede5a55037425b83331d" pubkey_digest="Signer #1 public key SHA-256 digest: fddc5f93ae0bc971e951481b0b5e6b62e47040fe979ff535cf75daade2f13f3d" fi - for digest in "${scheme_v1}" "${scheme_v2}" "${cert_digest}" "${pubkey_digest}"; do + for digest in "${scheme_v2}" "${scheme_v3}" "${cert_digest}" "${pubkey_digest}"; do test -z "$digest" && continue if ! echo "${verified}" | grep -q "${digest}"; then echo "Expected digest not found:" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5f... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5f... You're receiving this email because of your account on gitlab.torproject.org.