mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-10-08 18:31:07 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

signindex: support signing index-v1.jar

Browse source 
This is a bit different than index.jar: instead of their being index.xml
and index_unsigned.jar, the presense of index-v1.json means that there is
unsigned data.  That file is then stuck into a jar and signed by the
signing process.  index-v1.json is never published to the repo.  It is
included in the binary transparency log, if that is enabled.
This commit is contained in:
Hans-Christoph Steiner 2017-03-16 18:51:43 +01:00
parent fa657ce720
commit 866528de5b
4 changed files with 57 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

10
fdroidserver/update.py
View file

@ -1282,13 +1282,9 @@ def make_index_v1(apps, packages, repodir, repodict, requestsdict):
json.dump(output, fp, default=_index_encoder_default)
if options.nosign:
logging.debug('index-v1 must have a signature, signindex will overwrite it!')
jar_file = os.path.join(repodir, 'index-v1.jar')
with zipfile.ZipFile(jar_file, 'w', zipfile.ZIP_DEFLATED) as jar:
jar.write(index_file, json_name)
common.signjar(jar_file)
os.remove(index_file)
logging.debug('index-v1 must have a signature, use `fdroid signindex` to create it!')
else:
common.sign_index_v1(repodir, json_name)
def make_index_v0(apps, apks, repodir, repodict, requestsdict):