[tor-bugs] #28697 [Applications/Tor Browser]: Our QA and testing .apks are signed with a key per build
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Dec 3 10:10:08 UTC 2018
#28697: Our QA and testing .apks are signed with a key per build
-------------------------------------+-------------------------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor | Version:
Browser | Keywords: tbb-mobile,
Severity: Normal | TorBrowserTeam201812
Actual Points: | Parent ID: #25164
Points: | Reviewer:
Sponsor: |
-------------------------------------+-------------------------------------
For every .apk build we do a
{{{
keytool -genkey -v -keystore qa.keystore -storepass android -alias
androidqakey -keypass android -keyalg RSA -keysize 2048 -validity 10000
-dname "CN=Android Tor QA,O=Tor,C=US"
}}}
which
a) results in differences between the resulting .apk files defeating our
reproducible builds goal and
b) results in a hassle testing those .apk files by trying to overwrite an
older installation: the keys must be the same, otherwise the app would not
get installed over the already available one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28697>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list